Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: 5uryZ5L8Wtose720IKLKxvvjFJdjPQA2YcADUBU0b78=
Subject key identifier: 9E:38:DD:6F:1F:72:25:DD:F3:12:21:1C:EF:87:A9:16:0E:65:D7:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: D757008CC0A9572D67970F25CE8695518DF157
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Mon 31 Mar 2025 21:30:10 +0000
ROA not before: Mon 31 Mar 2025 21:30:10 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d7:57:00:8c:c0:a9:57:2d:67:97:0f:25:ce:86:95:51:8d:f1:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:10 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=58b62b5b41e0fb469e1d219a48a126c5e3ac14cfa2118d6586f89cc9d01f2997, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cd:b6:e1:71:30:65:68:35:7d:1a:14:40:83:
dd:d4:ab:81:38:12:97:69:c6:a7:44:7b:a5:7b:29:
f6:fc:29:50:c0:d7:a4:cc:9b:e4:66:93:da:4c:d1:
a3:ce:0d:a3:c2:31:2f:a9:a0:cf:ef:ec:0f:e9:95:
cf:08:b9:07:af:0a:34:48:9f:30:93:00:f9:ab:c7:
6e:1a:d0:3b:ee:59:a1:88:10:88:a9:5e:91:79:7a:
48:62:e2:5c:f0:ea:a2:b5:e5:06:36:df:3a:c2:39:
f4:96:00:19:f7:34:db:4e:c7:49:8f:b8:55:9e:4d:
58:11:c4:a3:64:8c:1b:30:34:a2:11:34:a3:55:6c:
07:2b:b5:f5:5f:4f:aa:b8:64:ee:bb:d2:23:20:8c:
1f:74:2b:af:a3:c1:1e:22:d1:21:cb:d7:87:47:4d:
1f:d5:28:fd:5d:02:89:64:5e:1d:4a:67:58:42:8b:
ad:9d:c4:e0:5a:bd:f7:f5:f5:d7:6f:da:cf:d6:6a:
4b:b2:62:44:bc:11:f1:ce:75:91:39:51:19:80:10:
f5:6f:33:a3:29:8c:6a:27:b4:ad:74:31:3f:c8:26:
59:52:a3:ea:2f:94:b2:f6:ff:69:f9:0d:8c:47:85:
61:a2:71:1d:29:ec:f6:3a:1a:dc:47:59:f4:cf:24:
5e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:38:DD:6F:1F:72:25:DD:F3:12:21:1C:EF:87:A9:16:0E:65:D7:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:74:3c:44:bc:0c:13:51:6a:72:fe:62:d9:e8:43:aa:99:34:
9f:1c:6c:51:f1:0d:36:ee:21:00:67:b9:e8:83:90:09:df:1b:
61:95:3f:5c:ff:e9:1b:75:a4:69:0e:cf:10:9c:db:ac:08:3f:
52:85:12:e0:44:f8:ee:65:03:66:fd:26:ec:41:5e:33:f2:84:
ec:01:92:2c:26:89:59:19:4e:89:55:2d:d5:23:92:72:50:f9:
f0:b8:d1:63:b2:a5:f8:62:f1:ec:14:fb:27:fc:e3:69:a5:b9:
3c:bc:dd:92:2d:d2:23:bd:1b:6b:31:77:da:ae:a4:4c:d9:67:
90:bd:e6:3f:29:89:3a:1a:d8:cb:a4:41:96:70:3e:ae:02:92:
da:39:fa:db:99:eb:4e:64:26:05:4f:31:5e:2a:8f:e3:4f:3c:
29:fb:8f:da:ba:c3:cb:33:72:00:ca:ad:af:27:9c:91:64:6c:
44:d8:df:8f:11:a9:d9:65:7c:24:54:9d:22:24:2d:85:d8:0e:
db:c3:ab:0f:ba:fa:58:c7:8b:ef:56:93:2b:01:90:33:64:9f:
c6:f6:05:24:94:39:46:c5:35:a7:29:2b:08:ed:19:f7:9e:95:
6f:ad:53:8c:97:ba:d8:9d:ba:96:6e:9f:cd:04:62:01:75:f0:
b8:db:80:26
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUANdXAIzAqVctZ5cPJc6GlVGN8VcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YjYyYjViNDFlMGZiNDY5ZTFkMjE5YTQ4YTEyNmM1ZTNhYzE0Y2ZhMjEx
OGQ2NTg2Zjg5Y2M5ZDAxZjI5OTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLNtuFxMGVoNX0aFECD3dSrgTgSl2nGp0R7pXsp9vwpUMDXpMyb5GaT2kzR
o84No8IxL6mgz+/sD+mVzwi5B68KNEifMJMA+avHbhrQO+5ZoYgQiKlekXl6SGLi
XPDqorXlBjbfOsI59JYAGfc0207HSY+4VZ5NWBHEo2SMGzA0ohE0o1VsByu19V9P
qrhk7rvSIyCMH3Qrr6PBHiLRIcvXh0dNH9Uo/V0CiWReHUpnWEKLrZ3E4Fq99/X1
12/az9ZqS7JiRLwR8c51kTlRGYAQ9W8zoymMaie0rXQxP8gmWVKj6i+Usvb/afkN
jEeFYaJxHSns9joa3EdZ9M8kXtsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSeON1v
H3Il3fMSIRzvh6kWDmXXOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQAAdDxEvAwTUWpy/mLZ6EOqmTSfHGxR8Q027iEAZ7no
g5AJ3xthlT9c/+kbdaRpDs8QnNusCD9ShRLgRPjuZQNm/SbsQV4z8oTsAZIsJolZ
GU6JVS3VI5JyUPnwuNFjsqX4YvHsFPsn/ONppbk8vN2SLdIjvRtrMXfarqRM2WeQ
veY/KYk6GtjLpEGWcD6uApLaOfrbmetOZCYFTzFeKo/jTzwp+4/ausPLM3IAyq2v
J5yRZGxE2N+PEanZZXwkVJ0iJC2F2A7bw6sPuvpYx4vvVpMrAZAzZJ/G9gUklDlG
xTWnKSsI7Rn3npVvrVOMl7rYnbqWbp/NBGIBdfC424Am
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net