Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: 1sttDqPVG5BHcTsqQZfAUx/sAazcidQUW6NNwcyuI08=
Subject key identifier: 59:99:38:20:68:2F:64:2B:F9:52:EA:D1:83:3E:6C:D7:62:17:08:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A184DEB946ADB08EDA98447F0ACB9AABD8F7F8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Mon 31 Mar 2025 21:30:30 +0000
ROA not before: Mon 31 Mar 2025 21:30:30 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:18:4d:eb:94:6a:db:08:ed:a9:84:47:f0:ac:b9:aa:bd:8f:7f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:30 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=8dd1dcf0f0db63636d3f54f832d13a2f927923a4f8ff8f5fe51f4307ca99cc11, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:84:39:28:5a:0c:f4:40:ad:a9:3a:4f:97:4b:
51:1b:86:4a:b9:e4:75:93:e3:34:c8:e6:88:7e:09:
31:d8:7d:6b:8b:61:26:6d:59:4d:3d:d6:28:4d:6c:
36:53:20:8d:c2:d3:00:14:fe:a8:74:3b:1e:cd:d8:
72:ce:98:fd:81:88:3c:62:fa:75:e4:4b:7c:8a:ca:
b2:7c:47:e3:44:d6:b6:55:06:ae:4a:22:39:e4:94:
bb:f6:68:c2:c0:0b:04:67:d5:da:7b:77:4b:3f:7c:
8a:16:58:61:ac:be:21:87:bb:99:40:a3:20:61:48:
ee:fd:3a:17:02:d7:e2:43:7b:e8:16:58:a6:a2:e5:
5f:0e:76:8f:ae:ed:78:8f:eb:a9:ab:c1:e6:1a:2c:
92:03:b4:4c:54:a8:5c:8d:57:be:19:4e:d4:37:fd:
e8:40:dd:ec:6e:0e:1e:1e:52:4d:29:20:69:8f:a8:
49:83:cb:e4:ea:4d:84:5a:30:23:36:9e:ae:a2:77:
8b:36:3e:8c:c6:4c:f6:92:be:d5:a2:a2:9b:00:5c:
b2:ab:e5:31:80:cc:14:ec:3f:5e:65:67:53:94:9e:
18:b6:a9:ee:3d:65:67:01:9d:43:d5:d9:e2:af:6a:
b2:e5:fb:64:59:49:82:14:ae:ab:e3:22:23:49:9d:
63:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:99:38:20:68:2F:64:2B:F9:52:EA:D1:83:3E:6C:D7:62:17:08:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:4c:4b:c2:43:13:29:9c:1e:95:3e:e2:bb:f1:b6:80:57:ff:
3b:36:b2:da:82:6d:d7:74:08:04:3f:2d:94:f7:54:3c:99:cd:
13:52:09:f3:e0:05:d4:52:8c:ba:93:2a:c6:3f:81:7f:e6:b9:
9e:81:d3:6d:32:47:c9:98:aa:3d:0e:c8:d4:a3:b8:2f:0b:33:
e1:66:c7:db:fd:f1:8d:b8:99:21:54:3b:57:56:a2:89:ff:45:
b1:4f:a3:6a:29:03:4e:44:54:d0:63:ca:90:f5:f8:70:b8:c2:
a2:81:52:a6:ae:b0:08:9e:96:47:71:5e:74:f0:d4:d5:3a:38:
d5:51:52:08:10:d4:55:d3:65:d6:08:d1:b7:46:c4:04:42:61:
f3:80:51:b5:7b:b3:51:41:5a:94:a6:86:74:8a:75:48:9a:5f:
d9:c9:96:2c:cf:01:b6:b0:9d:67:9a:9e:1b:64:87:13:48:c8:
b2:70:0f:cd:ca:62:bf:bf:ec:7a:31:b9:b8:ab:b1:9c:da:cc:
db:7e:67:b4:ca:0e:32:2f:8d:6b:95:87:77:a4:d7:3f:53:f8:
57:9d:52:56:27:99:83:e6:da:29:1b:e8:89:cc:b5:8d:63:53:
8e:ea:63:26:1f:7b:08:20:04:d3:a2:53:2d:89:2c:d7:bd:e9:
4b:ea:07:df
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUehhN65Rq2wjtqYRH8Ky5qr2Pf44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMzBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZDFkY2YwZjBkYjYzNjM2ZDNmNTRmODMyZDEzYTJmOTI3OTIzYTRmOGZm
OGY1ZmU1MWY0MzA3Y2E5OWNjMTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaEOShaDPRArak6T5dLURuGSrnkdZPjNMjmiH4JMdh9a4thJm1ZTT3WKE1s
NlMgjcLTABT+qHQ7Hs3Ycs6Y/YGIPGL6deRLfIrKsnxH40TWtlUGrkoiOeSUu/Zo
wsALBGfV2nt3Sz98ihZYYay+IYe7mUCjIGFI7v06FwLX4kN76BZYpqLlXw52j67t
eI/rqavB5hoskgO0TFSoXI1XvhlO1Df96EDd7G4OHh5STSkgaY+oSYPL5OpNhFow
IzaerqJ3izY+jMZM9pK+1aKimwBcsqvlMYDMFOw/XmVnU5SeGLap7j1lZwGdQ9XZ
4q9qsuX7ZFlJghSuq+MiI0mdYyUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZmTgg
aC9kK/lS6tGDPmzXYhcIxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQCTTEvCQxMpnB6VPuK78baAV/87NrLagm3XdAgEPy2U
91Q8mc0TUgnz4AXUUoy6kyrGP4F/5rmegdNtMkfJmKo9DsjUo7gvCzPhZsfb/fGN
uJkhVDtXVqKJ/0WxT6NqKQNORFTQY8qQ9fhwuMKigVKmrrAInpZHcV508NTVOjjV
UVIIENRV02XWCNG3RsQEQmHzgFG1e7NRQVqUpoZ0inVIml/ZyZYszwG2sJ1nmp4b
ZIcTSMiycA/NymK/v+x6Mbm4q7Gc2szbfme0yg4yL41rlYd3pNc/U/hXnVJWJ5mD
5topG+iJzLWNY1OO6mMmH3sIIATTolMtiSzXvelL6gff
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net