Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: nAUgn0Oxf97pc5X9rXwLMq8HV3L8lHmKqdN9aftXpWo=
Subject key identifier: F1:6D:95:E7:50:DC:DB:D4:03:79:04:5F:94:77:4D:EE:54:52:DD:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25206DC2F3F1EACE442BC315D2C7524D6CA6C203
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Mon 31 Mar 2025 14:22:00 +0000
ROA not before: Mon 31 Mar 2025 14:22:00 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:20:6d:c2:f3:f1:ea:ce:44:2b:c3:15:d2:c7:52:4d:6c:a6:c2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 14:22:00 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=40551d8d40ef77d108ec9f3e85faf5351fef46bbc373afb2e3393d3254c74775, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:70:73:24:d7:20:e2:85:5d:9a:ff:15:cc:5e:
92:b8:16:14:d3:0a:e9:08:3c:3a:b6:0f:bc:1a:cb:
43:ad:24:74:09:b8:83:b6:57:b3:f2:7a:24:0b:98:
83:5c:e7:73:0b:d5:48:72:91:ae:8f:4c:ca:46:eb:
15:8e:7a:23:8e:ec:48:0e:44:fa:89:e8:2a:95:ca:
71:a8:0f:61:16:75:a9:6b:c6:99:e9:4e:17:64:e8:
b6:d0:42:6f:9b:76:b1:c1:af:ec:8e:76:b8:db:d5:
4b:26:56:c5:71:a3:dd:24:c1:db:94:ed:8c:16:2b:
cb:fb:59:91:66:89:ea:bb:a3:47:13:ab:aa:40:de:
2e:1d:59:ad:d6:8c:b4:0f:59:91:87:6d:26:8f:99:
19:bc:47:e7:e1:f6:0a:59:a1:c5:13:b1:02:11:9b:
be:b4:ea:fa:57:37:ee:98:75:9d:24:b4:df:a1:40:
8d:a1:72:72:3b:b4:27:a6:a7:1b:4a:2d:3b:46:19:
0f:57:57:a3:0d:85:ff:a9:a3:d8:1c:5a:1d:ef:61:
fb:25:fd:98:3f:28:85:a7:97:14:6a:38:db:b9:10:
0e:a1:b5:e7:e0:90:76:77:0b:11:a5:ca:60:8e:67:
d2:ab:09:d5:52:03:10:1b:8f:21:15:64:53:ef:f7:
11:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6D:95:E7:50:DC:DB:D4:03:79:04:5F:94:77:4D:EE:54:52:DD:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5f:3e:1d:83:5c:5a:17:5a:29:91:6a:c8:a0:37:54:1e:a5:26:
d0:f9:c5:04:48:bc:f1:d0:9b:78:af:88:96:63:d7:3b:48:3a:
f1:9e:23:38:d4:f9:81:e0:e1:0f:cf:6b:a1:20:85:a8:19:91:
6e:4a:22:4f:f5:38:34:7c:57:df:82:7e:65:c3:ef:d6:b1:a0:
b2:36:48:68:a7:d0:58:41:e3:44:a2:64:1b:6b:63:4c:3c:fe:
fb:08:f9:34:fc:dc:97:07:2c:d6:9a:fa:b1:c3:6a:91:5d:1b:
73:8c:06:e5:40:f7:8b:8d:d2:8b:25:91:64:4e:42:1c:f4:2a:
97:91:4a:00:59:1a:ef:f9:cc:9b:6d:49:15:59:69:d5:9f:1f:
3c:06:42:7d:3b:79:07:b1:e1:85:cb:76:dc:fc:56:fa:80:41:
57:06:a6:29:b8:33:45:82:32:40:6d:1c:a1:b7:81:c2:58:fc:
f7:18:03:38:46:34:46:9e:0c:9c:1c:78:dc:fe:52:52:f3:e3:
d8:26:bc:40:9a:d1:90:79:7e:b2:ed:cf:6c:e2:bf:89:4a:a9:
46:43:bf:b9:04:1d:3c:69:cb:59:e8:eb:09:a7:59:82:06:ac:
fd:b4:36:fe:56:5b:90:4f:8e:23:66:81:2d:d4:14:ba:b1:da:
a3:93:93:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJSBtwvPx6s5EK8MV0sdSTWymwgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzExNDIyMDBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNTUxZDhkNDBlZjc3ZDEwOGVjOWYzZTg1ZmFmNTM1MWZlZjQ2YmJjMzcz
YWZiMmUzMzkzZDMyNTRjNzQ3NzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5wcyTXIOKFXZr/FcxekrgWFNMK6Qg8OrYPvBrLQ60kdAm4g7ZXs/J6JAuY
g1zncwvVSHKRro9MykbrFY56I47sSA5E+onoKpXKcagPYRZ1qWvGmelOF2TottBC
b5t2scGv7I52uNvVSyZWxXGj3STB25TtjBYry/tZkWaJ6rujRxOrqkDeLh1ZrdaM
tA9ZkYdtJo+ZGbxH5+H2ClmhxROxAhGbvrTq+lc37ph1nSS036FAjaFycju0J6an
G0otO0YZD1dXow2F/6mj2BxaHe9h+yX9mD8ohaeXFGo427kQDqG15+CQdncLEaXK
YI5n0qsJ1VIDEBuPIRVkU+/3EcECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTxbZXn
UNzb1AN5BF+Ud03uVFLdFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQBfPh2DXFoXWimRasigN1QepSbQ+cUESLzx0Jt4r4iW
Y9c7SDrxniM41PmB4OEPz2uhIIWoGZFuSiJP9Tg0fFffgn5lw+/WsaCyNkhop9BY
QeNEomQba2NMPP77CPk0/NyXByzWmvqxw2qRXRtzjAblQPeLjdKLJZFkTkIc9CqX
kUoAWRrv+cybbUkVWWnVnx88BkJ9O3kHseGFy3bc/Fb6gEFXBqYpuDNFgjJAbRyh
t4HCWPz3GAM4RjRGngycHHjc/lJS8+PYJrxAmtGQeX6y7c9s4r+JSqlGQ7+5BB08
actZ6OsJp1mCBqz9tDb+VluQT44jZoEt1BS6sdqjk5P7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net