Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: ir3JMWWgInruGhIY5lm5GcnhV8tKgy00/7jCeKmPfcQ=
Subject key identifier: 99:7D:B3:51:80:29:DC:67:43:5A:D2:D9:F0:D5:34:AD:1B:67:8F:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C8DD3BFFB2C7ED0F2E8AD3B6A3C97FAA0D3FC9B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Mon 31 Mar 2025 21:20:18 +0000
ROA not before: Mon 31 Mar 2025 21:20:18 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8d:d3:bf:fb:2c:7e:d0:f2:e8:ad:3b:6a:3c:97:fa:a0:d3:fc:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:18 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=2c45b20218622fb568a3b432e27d2a28510a2dd0d0968a3f8cd3e908f5364582, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8d:da:13:dc:1b:9e:a5:7e:9b:00:9d:25:19:
7c:04:86:02:24:8b:7c:27:7c:d8:87:40:43:b2:f5:
7d:a0:d5:09:78:ee:d9:ea:55:5c:c5:01:a0:87:6a:
90:e6:45:10:0e:00:b3:e7:ab:40:31:04:1f:f3:34:
7d:4b:2a:8b:fc:df:46:28:47:87:f0:b3:e8:83:f6:
f1:75:03:eb:7c:35:fd:f7:70:aa:0d:de:ee:b0:06:
b7:79:ff:8f:1e:ee:82:29:c6:43:56:37:e4:c1:69:
7d:b5:1d:cc:76:6d:bd:05:11:cd:9a:4d:26:d6:30:
15:12:51:bb:4b:04:9a:74:dd:65:42:eb:21:59:d7:
87:0a:bc:b4:f7:3a:b2:a3:6a:9c:03:74:d4:eb:c8:
25:49:5a:4f:8b:3b:88:73:aa:31:ac:01:ff:1e:31:
1b:f0:39:94:fd:bf:e1:ee:28:72:ad:dd:a9:36:fb:
c4:ff:2c:89:09:40:5c:5a:d7:7a:ac:58:3e:31:6d:
52:47:1c:46:bd:71:d4:21:26:82:d6:79:3f:d6:63:
ef:57:26:57:2b:22:19:27:0e:6c:19:bc:3d:86:94:
2d:70:44:4e:ed:4c:47:6a:aa:f4:3d:51:fb:a4:77:
b2:56:5d:b0:e2:68:81:2f:d0:e3:ba:f3:b5:a0:3a:
fe:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7D:B3:51:80:29:DC:67:43:5A:D2:D9:F0:D5:34:AD:1B:67:8F:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
72:53:aa:6f:05:0f:50:22:12:2c:a1:1e:49:de:7d:16:c8:88:
25:14:12:16:75:36:c0:38:95:83:2d:9a:cb:42:e1:85:4d:e0:
df:ed:72:52:d2:d1:2c:17:c6:2d:92:a7:85:cc:21:5f:57:fd:
12:e2:fa:39:8d:d2:eb:eb:1d:87:bc:e6:6b:78:77:0a:d6:30:
4f:99:5d:b0:e2:e2:6b:d4:c3:2c:c9:be:73:72:55:8c:8b:75:
2f:fe:ec:d0:bf:45:bd:a2:50:5f:7f:cf:8a:2f:d3:81:e9:e9:
49:7d:b2:d2:4e:1a:93:47:d8:f0:0b:d3:ae:a5:cd:a1:e5:9e:
8c:f6:44:e3:ca:a3:03:0f:4c:32:cd:1e:24:65:b3:34:9e:5f:
7e:6f:bf:5a:24:6e:5e:48:37:07:a8:72:80:bb:37:c3:c7:a8:
68:c0:77:c3:9f:08:2c:2c:9d:96:1e:14:09:0a:87:d1:49:e7:
d0:28:0f:9b:d7:a4:c8:db:62:bc:1b:e0:21:da:f7:d3:ec:94:
a2:71:ae:8d:8d:11:40:40:08:c0:22:79:a7:7c:c8:80:5d:c8:
74:77:dd:c1:8f:75:f6:a7:18:9b:f5:50:4f:26:88:84:33:26:
b5:bd:94:f2:69:be:86:e9:bd:8f:f3:b1:b1:96:4b:65:49:d4:
83:80:a6:8c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXI3Tv/ssftDy6K07ajyX+qDT/JswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMThaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNDViMjAyMTg2MjJmYjU2OGEzYjQzMmUyN2QyYTI4NTEwYTJkZDBkMDk2
OGEzZjhjZDNlOTA4ZjUzNjQ1ODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+N2hPcG56lfpsAnSUZfASGAiSLfCd82IdAQ7L1faDVCXju2epVXMUBoIdq
kOZFEA4As+erQDEEH/M0fUsqi/zfRihHh/Cz6IP28XUD63w1/fdwqg3e7rAGt3n/
jx7uginGQ1Y35MFpfbUdzHZtvQURzZpNJtYwFRJRu0sEmnTdZULrIVnXhwq8tPc6
sqNqnAN01OvIJUlaT4s7iHOqMawB/x4xG/A5lP2/4e4ocq3dqTb7xP8siQlAXFrX
eqxYPjFtUkccRr1x1CEmgtZ5P9Zj71cmVysiGScObBm8PYaULXBETu1MR2qq9D1R
+6R3slZdsOJogS/Q47rztaA6/qECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZfbNR
gCncZ0Na0tnw1TStG2eP4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAclOqbwUPUCISLKEeSd59FsiIJRQSFnU2wDiVgy2a
y0LhhU3g3+1yUtLRLBfGLZKnhcwhX1f9EuL6OY3S6+sdh7zma3h3CtYwT5ldsOLi
a9TDLMm+c3JVjIt1L/7s0L9FvaJQX3/Pii/TgenpSX2y0k4ak0fY8AvTrqXNoeWe
jPZE48qjAw9MMs0eJGWzNJ5ffm+/WiRuXkg3B6hygLs3w8eoaMB3w58ILCydlh4U
CQqH0Unn0CgPm9ekyNtivBvgIdr30+yUonGujY0RQEAIwCJ5p3zIgF3IdHfdwY91
9qcYm/VQTyaIhDMmtb2U8mm+hum9j/OxsZZLZUnUg4CmjA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net