Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: BMAjISVQk+VotBjU1bUohJS9OLgbOvTZSSRz9azrBEY=
Subject key identifier: 4A:FB:86:9E:88:57:F5:CF:19:FD:5B:A7:57:90:05:DF:60:7C:85:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17FEBE637FBFA61A3E51C66BC9E9F89D825E9919
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Mon 31 Mar 2025 21:30:29 +0000
ROA not before: Mon 31 Mar 2025 21:30:29 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:fe:be:63:7f:bf:a6:1a:3e:51:c6:6b:c9:e9:f8:9d:82:5e:99:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:29 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a3319fdd7f1e5f5fb33128c34c9e44cccc8376efa8cfc129922f812ccd2bf27b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:67:25:1c:10:f0:cb:0f:76:7a:8f:61:ad:bd:
18:e2:96:69:1f:0c:28:9c:85:13:3a:0a:89:ce:80:
48:b6:42:83:3d:3f:a4:96:bb:fa:15:7f:6b:be:fa:
51:bf:3c:a8:cd:48:8d:24:df:1c:d0:c8:1a:01:57:
16:91:5b:15:7a:4e:8d:7a:d6:e9:9f:5b:f9:41:6d:
e2:3b:24:cf:4c:c2:ed:54:b2:47:b5:cd:c4:32:77:
b4:fc:71:7d:4f:af:47:4d:f0:5e:4e:eb:84:3e:8d:
aa:63:26:d9:c0:59:b2:e9:e3:4f:5b:ce:70:82:08:
a1:ce:7e:49:0b:9e:2d:66:88:cd:9f:e7:7f:33:a9:
d6:d0:fc:d4:75:48:95:8b:7d:04:41:b2:ac:4b:98:
a5:b3:d4:74:63:a7:bc:37:22:a5:d0:af:53:82:63:
d4:e6:c9:6a:b7:21:39:1d:1b:9f:12:f9:1d:cf:c2:
89:8e:3a:f1:c8:18:7f:48:ff:14:44:74:35:f7:d3:
57:5e:05:7e:c9:2e:6d:16:06:b0:e5:ff:0d:f5:60:
1f:59:36:a4:d7:05:1f:50:cb:ef:c4:57:17:ff:50:
2f:b3:ed:a4:13:09:55:a3:4b:19:3d:c1:f0:0c:2c:
54:7e:92:37:cc:90:4e:83:75:19:fd:8b:bc:41:00:
95:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:FB:86:9E:88:57:F5:CF:19:FD:5B:A7:57:90:05:DF:60:7C:85:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:0d:91:a3:39:09:a2:ca:3c:29:da:5a:f4:ef:79:4d:f7:72:
3f:b3:53:a2:dd:25:5a:d2:f5:2d:18:54:58:1d:30:23:55:d7:
50:5d:0a:02:c3:f1:17:dd:00:df:d3:e3:4a:a0:b1:33:db:72:
3f:c9:53:d2:6c:83:a5:14:ff:3e:7b:42:f2:e9:9c:05:f5:f3:
df:9c:e3:f8:83:6a:53:83:be:b2:04:9f:fc:75:de:87:b2:72:
2d:60:37:5d:f9:92:c4:51:c8:b5:5a:f5:67:d1:4d:1e:fb:a7:
90:d1:27:cb:02:13:b2:b4:75:2e:de:07:a6:11:f6:ba:63:59:
83:48:95:29:35:08:e6:32:84:40:0c:39:62:2d:e2:ad:ec:0a:
f1:c9:35:ef:08:41:54:48:8a:69:e0:a2:ba:e2:6c:60:ac:3b:
5c:db:cd:e1:42:d5:99:48:70:2b:8e:b0:99:02:f9:60:b6:c1:
ce:f9:34:09:13:1b:6d:67:fd:b2:56:a1:ce:42:8c:c4:09:67:
94:86:74:f5:17:8f:7f:89:6d:e8:14:29:12:16:0d:50:65:7f:
e3:9d:9f:16:6b:27:7a:02:26:b9:fc:2a:a6:05:89:62:99:72:
a6:a8:02:ce:0e:f6:0d:ec:b7:75:8d:bf:d9:55:0f:c4:1e:d8:
56:3c:6a:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF/6+Y3+/pho+UcZryen4nYJemRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMjlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMzE5ZmRkN2YxZTVmNWZiMzMxMjhjMzRjOWU0NGNjY2M4Mzc2ZWZhOGNm
YzEyOTkyMmY4MTJjY2QyYmYyN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdnJRwQ8MsPdnqPYa29GOKWaR8MKJyFEzoKic6ASLZCgz0/pJa7+hV/a776
Ub88qM1IjSTfHNDIGgFXFpFbFXpOjXrW6Z9b+UFt4jskz0zC7VSyR7XNxDJ3tPxx
fU+vR03wXk7rhD6NqmMm2cBZsunjT1vOcIIIoc5+SQueLWaIzZ/nfzOp1tD81HVI
lYt9BEGyrEuYpbPUdGOnvDcipdCvU4Jj1ObJarchOR0bnxL5Hc/CiY468cgYf0j/
FER0NffTV14FfskubRYGsOX/DfVgH1k2pNcFH1DL78RXF/9QL7PtpBMJVaNLGT3B
8AwsVH6SN8yQToN1Gf2LvEEAlWMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRK+4ae
iFf1zxn9W6dXkAXfYHyFbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQCCDZGjOQmiyjwp2lr073lN93I/s1Oi3SVa0vUtGFRY
HTAjVddQXQoCw/EX3QDf0+NKoLEz23I/yVPSbIOlFP8+e0Ly6ZwF9fPfnOP4g2pT
g76yBJ/8dd6HsnItYDdd+ZLEUci1WvVn0U0e+6eQ0SfLAhOytHUu3gemEfa6Y1mD
SJUpNQjmMoRADDliLeKt7ArxyTXvCEFUSIpp4KK64mxgrDtc283hQtWZSHArjrCZ
AvlgtsHO+TQJExttZ/2yVqHOQozECWeUhnT1F49/iW3oFCkSFg1QZX/jnZ8Wayd6
Aia5/CqmBYlimXKmqALODvYN7Ld1jb/ZVQ/EHthWPGpv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net