Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: EYp77aXOX9161Yp4cpu/hBlnW2ntf5zghhdiqzgCeFI=
Subject key identifier: 50:D9:70:05:76:F2:88:5B:41:DE:AC:B2:FE:C0:5C:B0:FA:51:13:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A08DCE108C8B335C17D87867D2A25B0C1BD10D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Tue 01 Apr 2025 15:11:20 +0000
ROA not before: Tue 01 Apr 2025 15:11:20 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:08:dc:e1:08:c8:b3:35:c1:7d:87:86:7d:2a:25:b0:c1:bd:10:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:11:20 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=03fd0e83da1caa0840b27574e9fc115f88cbe078bb7ac0a055e16487d4a759e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:23:94:f6:7f:6f:26:8e:7a:a0:f3:f1:7b:3d:
47:88:f6:5c:e4:60:23:78:fd:01:d5:f0:c0:e3:66:
31:72:6e:2b:17:9f:68:b3:13:0e:97:ed:39:34:09:
f3:ba:15:0d:39:8d:97:3a:00:02:99:74:f9:63:67:
da:3f:a7:f9:d0:34:e3:88:e5:ee:75:55:c3:cd:71:
53:0d:b7:3c:bd:47:21:4f:d7:bc:fb:57:b4:58:34:
58:41:a2:1c:86:36:84:a0:81:2e:b8:0f:d4:cd:90:
50:ae:20:32:c6:b1:49:af:71:2e:c1:d8:99:43:85:
ff:43:e2:05:8d:7f:91:77:4b:52:34:14:76:14:2a:
8a:31:5b:cb:9c:e2:a5:e8:7e:d2:45:c3:f1:a0:56:
f4:ea:f5:db:66:7a:72:ef:df:68:e3:4f:b1:4a:ae:
2d:e8:1a:85:16:0e:0d:e1:bc:b9:d2:18:8a:c3:4d:
af:ec:bc:c1:14:8d:ad:84:a1:af:cf:c8:80:88:5a:
8c:2a:be:b4:cf:96:43:34:38:46:4b:62:42:7a:07:
96:b7:c1:08:09:89:74:bb:14:45:f0:d4:11:bc:b2:
e9:21:e0:6d:a2:0a:dd:21:c4:16:03:d0:2a:d2:ac:
c9:d3:d6:1d:5b:0e:64:fc:e7:a0:7f:ae:f5:34:2a:
01:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D9:70:05:76:F2:88:5B:41:DE:AC:B2:FE:C0:5C:B0:FA:51:13:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:4c:64:b5:ae:d4:4d:3c:f6:bd:07:28:6d:e5:b2:4d:20:58:
1e:ef:79:dc:2f:0e:8d:ce:9c:d8:a5:96:db:1d:9a:e1:41:09:
4a:ef:ea:dc:38:48:f2:f5:2b:c9:50:a2:14:41:e7:82:b0:df:
a7:d0:62:cc:f8:29:1f:7b:cc:59:b9:07:0d:79:63:e4:42:6c:
6f:33:49:2c:33:c5:42:4b:f8:55:cc:a8:e0:ac:5b:66:1a:9a:
13:43:67:1c:66:bb:f3:c1:a4:01:16:a1:c3:9e:68:bc:6d:5b:
6d:b3:6c:5c:41:22:3c:2c:a9:79:dc:03:1f:9c:50:95:80:f7:
8a:3c:ff:99:e9:8b:d4:47:d5:6e:42:8e:ca:eb:d4:34:f6:ec:
9e:04:b0:a2:51:0d:7b:53:7e:09:4a:3c:b1:77:13:5a:6f:35:
5b:74:93:a2:c0:79:56:3b:3c:64:f9:0e:fe:ba:2f:5d:36:41:
37:06:ef:a6:75:c9:a1:cb:55:ba:84:ee:df:b6:16:76:68:c2:
94:bd:71:56:76:c8:93:45:6d:cd:76:e8:78:fa:ef:d0:7b:f1:
f8:b3:b3:08:1c:21:79:92:61:ab:66:2d:db:60:9e:ef:9a:da:
de:6b:4c:cd:01:20:63:72:57:81:7a:f9:9e:7d:8f:f8:ee:00:
a7:b3:b3:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUagjc4QjIszXBfYeGfSolsMG9ENYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTExMjBaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZmQwZTgzZGExY2FhMDg0MGIyNzU3NGU5ZmMxMTVmODhjYmUwNzhiYjdh
YzBhMDU1ZTE2NDg3ZDRhNzU5ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMjlPZ/byaOeqDz8Xs9R4j2XORgI3j9AdXwwONmMXJuKxefaLMTDpftOTQJ
87oVDTmNlzoAApl0+WNn2j+n+dA044jl7nVVw81xUw23PL1HIU/XvPtXtFg0WEGi
HIY2hKCBLrgP1M2QUK4gMsaxSa9xLsHYmUOF/0PiBY1/kXdLUjQUdhQqijFby5zi
peh+0kXD8aBW9Or122Z6cu/faONPsUquLegahRYODeG8udIYisNNr+y8wRSNrYSh
r8/IgIhajCq+tM+WQzQ4RktiQnoHlrfBCAmJdLsURfDUEbyy6SHgbaIK3SHEFgPQ
KtKsydPWHVsOZPznoH+u9TQqAd0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRQ2XAF
dvKIW0HerLL+wFyw+lETqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQBtTGS1rtRNPPa9Byht5bJNIFge73ncLw6NzpzYpZbb
HZrhQQlK7+rcOEjy9SvJUKIUQeeCsN+n0GLM+Ckfe8xZuQcNeWPkQmxvM0ksM8VC
S/hVzKjgrFtmGpoTQ2ccZrvzwaQBFqHDnmi8bVtts2xcQSI8LKl53AMfnFCVgPeK
PP+Z6YvUR9VuQo7K69Q09uyeBLCiUQ17U34JSjyxdxNabzVbdJOiwHlWOzxk+Q7+
ui9dNkE3Bu+mdcmhy1W6hO7fthZ2aMKUvXFWdsiTRW3Nduh4+u/Qe/H4s7MIHCF5
kmGrZi3bYJ7vmtrea0zNASBjcleBevmefY/47gCns7Ne
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net