Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: pD0u08AtRGI4n6xDSC3fVpQ1DovED0BdrLID/6lkrqI=
Subject key identifier: 49:69:0F:A3:76:DB:35:F0:58:9E:A2:2B:D3:03:39:55:17:F3:8B:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 242EC9652EA77556CB3CDA9C3F44E5CB959F72B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Fri 11 Apr 2025 00:50:43 +0000
ROA not before: Fri 11 Apr 2025 00:50:43 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:2e:c9:65:2e:a7:75:56:cb:3c:da:9c:3f:44:e5:cb:95:9f:72:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:43 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=cbbe77ad0484769e706c81e1d5d0a267a3d6bf6f01b57aa39e8776c4bb036a0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:64:11:40:ec:84:12:c3:32:f3:e1:38:a1:ed:
14:dc:c1:65:1f:91:b5:47:5e:9b:e9:f8:4c:6f:dd:
68:75:b7:7a:de:39:45:7e:d2:fd:19:a4:49:d0:9f:
44:e8:44:85:7b:9c:04:34:3f:6c:6e:11:a0:1e:ce:
fa:8a:d8:45:0e:2d:94:25:63:87:fa:be:17:15:11:
26:88:bd:f8:90:0a:d3:6b:30:95:02:e1:bc:6f:c3:
b7:90:4d:4f:87:c6:84:b5:3c:43:0c:b3:f6:1b:0c:
e9:6f:b6:77:df:0f:25:a0:1b:35:b6:4a:d1:2f:81:
e0:df:f1:8e:76:96:25:78:88:29:e7:f6:ed:75:89:
26:8d:4d:62:d3:4e:a2:26:db:8c:14:28:69:ba:ad:
37:14:e2:2b:3b:27:5a:e9:a6:29:27:74:32:58:e9:
98:7b:ee:b2:4d:17:f8:b2:05:50:a0:41:be:65:37:
27:06:6e:4f:14:c8:61:07:ce:34:72:09:05:e2:b6:
40:6a:d8:77:14:dd:14:4d:12:7f:e5:de:9c:53:f8:
15:eb:f6:b6:80:ec:83:ad:e1:60:4b:16:1d:aa:9b:
3c:8d:e3:a8:cf:0a:c8:6a:c3:77:ae:53:34:30:ec:
bb:79:b5:f8:67:e5:62:8f:0c:d6:1c:87:b6:da:1a:
84:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:69:0F:A3:76:DB:35:F0:58:9E:A2:2B:D3:03:39:55:17:F3:8B:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:87:e5:f9:45:b2:55:d7:7d:67:28:1f:ae:1c:38:ee:fd:90:
cc:d2:8f:8e:0b:0a:c7:90:23:08:d7:3d:bb:cd:c4:6b:92:42:
d7:9c:e2:73:0a:57:0f:b5:07:49:ed:7f:9a:ab:a4:18:5b:8e:
51:fe:b6:3f:42:9b:50:00:da:91:0b:13:56:a6:25:ff:b3:e1:
2c:30:c7:ad:41:43:83:c0:e9:69:8b:78:08:2b:f1:ad:0a:38:
c4:ba:fc:86:e3:0a:0a:dc:62:6d:4f:96:a3:36:e6:36:6f:8c:
d0:f2:a3:90:7b:22:b0:d6:d6:be:29:de:27:4e:da:6c:54:e7:
b1:74:a4:f4:67:2c:63:e9:32:72:ca:df:58:3b:cb:37:ab:f6:
68:6c:66:83:8c:f4:85:66:16:ee:7e:6f:d1:7f:e8:76:81:4b:
3a:a0:d8:31:2b:99:22:33:ac:36:54:54:7c:c5:08:2d:73:bd:
70:d3:23:26:86:c4:4b:1e:87:e4:6f:2a:98:87:9c:a9:e4:2b:
c6:02:1c:fe:8b:3c:02:2d:e8:b8:fa:6f:99:bb:3d:07:34:88:
19:1d:06:c6:46:ba:eb:ae:40:bd:8d:45:d2:96:99:99:2f:8c:
a3:52:6b:02:3f:d1:ee:1a:73:cd:85:a6:5a:ec:c2:2b:07:ab:
1e:4b:5d:8a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJC7JZS6ndVbLPNqcP0Tly5WfcrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwNDNaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYmU3N2FkMDQ4NDc2OWU3MDZjODFlMWQ1ZDBhMjY3YTNkNmJmNmYwMWI1
N2FhMzllODc3NmM0YmIwMzZhMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPVkEUDshBLDMvPhOKHtFNzBZR+RtUdem+n4TG/daHW3et45RX7S/RmkSdCf
ROhEhXucBDQ/bG4RoB7O+orYRQ4tlCVjh/q+FxURJoi9+JAK02swlQLhvG/Dt5BN
T4fGhLU8Qwyz9hsM6W+2d98PJaAbNbZK0S+B4N/xjnaWJXiIKef27XWJJo1NYtNO
oibbjBQoabqtNxTiKzsnWummKSd0MljpmHvusk0X+LIFUKBBvmU3JwZuTxTIYQfO
NHIJBeK2QGrYdxTdFE0Sf+XenFP4Fev2toDsg63hYEsWHaqbPI3jqM8KyGrDd65T
NDDsu3m1+GflYo8M1hyHttoahEUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJaQ+j
dts18FieoivTAzlVF/OLgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAiofl+UWyVdd9Zygfrhw47v2QzNKPjgsKx5AjCNc9
u83Ea5JC15zicwpXD7UHSe1/mqukGFuOUf62P0KbUADakQsTVqYl/7PhLDDHrUFD
g8DpaYt4CCvxrQo4xLr8huMKCtxibU+WozbmNm+M0PKjkHsisNbWvineJ07abFTn
sXSk9GcsY+kycsrfWDvLN6v2aGxmg4z0hWYW7n5v0X/odoFLOqDYMSuZIjOsNlRU
fMUILXO9cNMjJobESx6H5G8qmIecqeQrxgIc/os8Ai3ouPpvmbs9BzSIGR0Gxka6
665AvY1F0paZmS+Mo1JrAj/R7hpzzYWmWuzCKwerHktdig==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net