Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: dsmwzKkCDatD1Vb4VhdFbluVY9kYkNUd/HvQJKPc0nQ=
Subject key identifier: BA:C0:A6:9B:0C:65:59:1A:2C:61:5E:FD:7C:DD:37:12:18:C0:07:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38654A74C03A9D015F5DCB24D8E20101B7A050BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Mon 31 Mar 2025 21:30:21 +0000
ROA not before: Mon 31 Mar 2025 21:30:21 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:65:4a:74:c0:3a:9d:01:5f:5d:cb:24:d8:e2:01:01:b7:a0:50:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:21 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=c7440dece88c5eac26621a8bd403228df02c58f07b976ecd0c5526875199ab9c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:57:12:da:47:f4:7e:49:9f:06:b0:10:77:29:
95:38:e4:af:81:4a:12:a0:7b:f8:28:ba:30:94:64:
a2:1a:08:75:7c:4d:64:98:01:7c:99:2e:4e:5b:80:
45:0f:51:53:bd:3b:b1:09:39:f5:93:06:41:86:93:
c5:ed:01:58:1d:46:65:64:39:ef:80:f8:5a:0d:c6:
4b:a3:7b:f3:86:43:f4:05:f2:81:04:84:3f:fa:d5:
b7:f4:df:e9:f4:58:67:8a:ae:6f:df:b8:e3:f1:6f:
9e:a2:6f:ab:f0:a1:35:46:8a:e0:90:b9:eb:79:df:
63:21:22:b0:73:b4:00:21:8f:18:a9:d2:93:91:f9:
c9:cd:99:1f:00:82:34:32:83:85:79:98:d7:fa:55:
5c:37:15:98:ee:a7:10:61:6d:e4:51:29:73:b1:0b:
77:86:d1:6f:ff:fe:60:e0:b6:4a:a6:54:1b:9d:23:
1f:94:31:f2:2f:6c:b8:80:ef:5f:00:78:e7:a3:af:
db:64:33:52:ae:26:0e:59:6f:44:d6:a2:86:b3:d9:
d5:43:1c:e0:20:8e:d2:38:65:d1:46:9a:79:82:ef:
8f:a8:af:df:da:f8:52:e7:34:a3:b1:11:65:e4:8c:
de:31:62:90:f5:59:93:b5:2e:63:97:db:9a:4c:1c:
48:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C0:A6:9B:0C:65:59:1A:2C:61:5E:FD:7C:DD:37:12:18:C0:07:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:35:5f:0d:ca:b3:3e:68:77:01:e1:7c:18:dc:20:97:07:c9:
c7:d1:d5:e5:aa:22:af:a1:12:c0:cd:dd:b4:f5:43:7f:d2:7b:
cc:b4:1c:1b:8f:bf:4e:c9:71:fe:15:b0:df:e1:26:a5:ea:ed:
b4:88:cf:44:1c:f3:58:a4:9b:7b:42:d8:af:6f:79:c9:c5:ce:
e9:8e:9b:f2:ca:a4:dc:4d:20:d7:08:cf:c0:f4:5f:6b:49:c3:
5c:d1:3d:78:b5:42:f1:9c:d4:0a:77:38:52:d5:49:73:f6:90:
88:e6:e6:18:f0:f8:90:11:62:ba:99:51:0f:b4:c1:d1:63:90:
90:b3:17:8f:3f:5e:3a:a8:4d:8e:ce:c3:8f:b5:92:b5:39:6d:
ab:12:98:34:c7:da:dd:ae:50:fc:e4:55:a0:30:8a:f3:02:de:
2b:b9:29:00:b2:e0:cf:f8:bd:cf:41:8a:1f:1f:2a:83:f8:46:
ee:0a:9f:cb:7b:6c:7c:00:b5:b4:bd:39:0c:33:94:83:65:fa:
dd:b5:ce:0b:ce:ce:b3:3c:07:44:d5:63:4c:a2:be:53:5a:d1:
cb:70:cf:ba:76:bc:37:97:39:fb:9c:f7:d4:19:b7:dd:d3:14:
62:b9:94:38:61:35:33:f1:54:b5:9b:94:28:e3:77:5b:bf:e2:
ff:58:01:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOGVKdMA6nQFfXcsk2OIBAbegUL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMjFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NDQwZGVjZTg4YzVlYWMyNjYyMWE4YmQ0MDMyMjhkZjAyYzU4ZjA3Yjk3
NmVjZDBjNTUyNjg3NTE5OWFiOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRXEtpH9H5JnwawEHcplTjkr4FKEqB7+Ci6MJRkohoIdXxNZJgBfJkuTluA
RQ9RU707sQk59ZMGQYaTxe0BWB1GZWQ574D4Wg3GS6N784ZD9AXygQSEP/rVt/Tf
6fRYZ4qub9+44/FvnqJvq/ChNUaK4JC563nfYyEisHO0ACGPGKnSk5H5yc2ZHwCC
NDKDhXmY1/pVXDcVmO6nEGFt5FEpc7ELd4bRb//+YOC2SqZUG50jH5Qx8i9suIDv
XwB456Ov22QzUq4mDllvRNaihrPZ1UMc4CCO0jhl0UaaeYLvj6iv39r4Uuc0o7ER
ZeSM3jFikPVZk7UuY5fbmkwcSBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6wKab
DGVZGixhXv183TcSGMAHqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQDXNV8NyrM+aHcB4XwY3CCXB8nH0dXlqiKvoRLAzd20
9UN/0nvMtBwbj79OyXH+FbDf4Sal6u20iM9EHPNYpJt7Qtivb3nJxc7pjpvyyqTc
TSDXCM/A9F9rScNc0T14tULxnNQKdzhS1Ulz9pCI5uYY8PiQEWK6mVEPtMHRY5CQ
sxePP146qE2OzsOPtZK1OW2rEpg0x9rdrlD85FWgMIrzAt4ruSkAsuDP+L3PQYof
HyqD+EbuCp/Le2x8ALW0vTkMM5SDZfrdtc4Lzs6zPAdE1WNMor5TWtHLcM+6drw3
lzn7nPfUGbfd0xRiuZQ4YTUz8VS1m5Qo43dbv+L/WAGm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net