Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: sTNuLY/pYgQ9azf3kqE463Aaxlnw6ZPt065OupjgTe8=
Subject key identifier: A9:73:F9:4E:16:62:56:1B:D6:43:0F:18:DF:69:79:10:FD:D2:83:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1056F5E1A570714A27ECE6A1341E871A88DF2C13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Mon 31 Mar 2025 21:30:57 +0000
ROA not before: Mon 31 Mar 2025 21:30:57 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:56:f5:e1:a5:70:71:4a:27:ec:e6:a1:34:1e:87:1a:88:df:2c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:57 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=9913c5183f456c5b0e764c6b0ace24831888a16f26c24d5522fcdb326469aba4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:12:7b:b0:7a:91:76:b9:12:ab:b2:3c:3b:f9:
f7:9a:08:34:3b:1e:f4:7f:5e:a1:51:f6:10:71:e6:
ae:0a:fb:66:bf:ad:94:42:f6:d5:dd:81:0e:07:74:
4f:ce:c0:e4:f9:3f:9a:9a:72:8a:ab:2e:24:98:b8:
1d:d3:6c:b4:17:1b:80:c4:51:be:ca:ff:df:8c:24:
0d:60:7b:85:b7:2d:eb:b5:c5:c8:a1:39:0e:28:12:
e7:51:3d:d2:2a:47:5e:ce:ee:ae:06:4c:66:cf:25:
1d:f9:99:7d:96:c5:c1:c4:4e:8b:9a:79:41:88:5a:
48:07:9b:f6:ee:95:61:19:47:17:c6:7a:fb:72:c7:
d5:84:0e:ff:05:b3:1e:fd:29:cb:ee:0d:2c:74:88:
eb:0c:2b:7e:7c:b9:d1:35:3a:3e:1b:5b:5c:48:68:
d5:61:38:99:6d:53:e9:68:43:ad:30:54:31:9c:28:
23:3b:1b:eb:3a:4c:d3:cc:15:2b:9a:5b:49:c0:f7:
d7:8d:da:65:ed:71:a3:3f:e8:0d:38:35:7d:61:a2:
d5:ba:94:0d:e3:a2:b6:72:19:2e:4a:a9:2d:c1:fe:
2e:33:23:a0:c0:3f:71:52:b5:01:0b:51:49:2f:66:
7d:b0:f5:58:d4:79:d3:5c:d8:6c:12:44:e7:e0:9a:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:73:F9:4E:16:62:56:1B:D6:43:0F:18:DF:69:79:10:FD:D2:83:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2b:75:14:6c:ee:35:f1:e3:59:04:41:70:d6:5c:fc:b4:9b:6a:
fa:cd:36:91:3b:25:b0:3e:08:dd:5e:53:80:0b:51:7d:79:ac:
00:fd:2b:93:dd:a5:23:56:cf:a2:65:9d:ba:9b:92:8b:a3:ed:
de:63:5d:12:30:6f:c4:44:4e:5c:6d:33:09:40:41:fd:0a:2b:
65:db:94:d3:54:f9:30:4c:2a:40:99:a2:00:80:8d:37:7b:8d:
e7:2e:e2:ea:f9:cf:46:bd:7d:b1:2a:07:d7:eb:9b:52:12:5b:
37:55:63:f7:a6:b5:2a:0e:1d:b1:77:49:1d:4a:d5:0a:09:a3:
66:e9:a7:89:30:18:6c:11:d0:a0:1c:05:eb:63:ee:06:37:4c:
c1:4e:80:0e:ba:8f:3a:35:4d:11:2a:0b:81:37:c0:f2:19:2a:
ea:b3:eb:ff:4e:29:87:a6:35:0d:30:7b:38:29:ac:9a:48:a8:
1c:6a:c6:e1:d6:c4:32:31:f6:77:58:c6:86:c5:cf:2b:e4:da:
7f:35:ce:64:42:c5:47:68:39:c8:00:fe:8f:54:51:e2:7c:69:
3d:66:1a:e5:e5:de:aa:15:a0:ad:f8:0e:4a:d4:ee:b3:10:c3:
d1:be:d0:1e:75:3a:45:87:db:30:28:7b:83:21:0c:73:ea:29:
31:d7:2d:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEFb14aVwcUon7OahNB6HGojfLBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwNTdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5MTNjNTE4M2Y0NTZjNWIwZTc2NGM2YjBhY2UyNDgzMTg4OGExNmYyNmMy
NGQ1NTIyZmNkYjMyNjQ2OWFiYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUSe7B6kXa5EquyPDv595oINDse9H9eoVH2EHHmrgr7Zr+tlEL21d2BDgd0
T87A5Pk/mppyiqsuJJi4HdNstBcbgMRRvsr/34wkDWB7hbct67XFyKE5DigS51E9
0ipHXs7urgZMZs8lHfmZfZbFwcROi5p5QYhaSAeb9u6VYRlHF8Z6+3LH1YQO/wWz
Hv0py+4NLHSI6wwrfny50TU6PhtbXEho1WE4mW1T6WhDrTBUMZwoIzsb6zpM08wV
K5pbScD3143aZe1xoz/oDTg1fWGi1bqUDeOitnIZLkqpLcH+LjMjoMA/cVK1AQtR
SS9mfbD1WNR501zYbBJE5+CadNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpc/lO
FmJWG9ZDDxjfaXkQ/dKDfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQArdRRs7jXx41kEQXDWXPy0m2r6zTaROyWwPgjdXlOA
C1F9eawA/SuT3aUjVs+iZZ26m5KLo+3eY10SMG/ERE5cbTMJQEH9Citl25TTVPkw
TCpAmaIAgI03e43nLuLq+c9GvX2xKgfX65tSEls3VWP3prUqDh2xd0kdStUKCaNm
6aeJMBhsEdCgHAXrY+4GN0zBToAOuo86NU0RKguBN8DyGSrqs+v/TimHpjUNMHs4
KayaSKgcasbh1sQyMfZ3WMaGxc8r5Np/Nc5kQsVHaDnIAP6PVFHifGk9Zhrl5d6q
FaCt+A5K1O6zEMPRvtAedTpFh9swKHuDIQxz6ikx1y08
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net