Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: eFArFOy/dLG6rCi6T22+bE6njoxT/A97FSu204L4cco=
Subject key identifier: 60:BF:8D:D6:12:73:FF:13:82:91:8C:41:0B:C4:BB:2B:BD:5C:DC:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62EA75C69F10E394E4E940765133AB20EE34AC9E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Mon 31 Mar 2025 21:40:10 +0000
ROA not before: Mon 31 Mar 2025 21:40:10 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:ea:75:c6:9f:10:e3:94:e4:e9:40:76:51:33:ab:20:ee:34:ac:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:40:10 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=c6aa7858b6cf16cb607799dfe519e3add618cd7d8530e2c496c1a99518a4dc4d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c0:9c:da:a3:56:a7:67:ff:f4:87:20:58:0e:
80:e6:db:29:9b:09:18:5f:cf:1c:f5:2a:15:d2:98:
2a:21:e4:9b:0e:04:bf:4b:3d:3d:ca:9c:b9:6f:ba:
76:06:ae:92:0c:66:52:15:25:87:30:f6:8b:ae:61:
98:19:af:16:50:9f:b3:db:aa:01:a4:9c:ce:69:78:
48:00:f7:59:97:d0:a9:37:fa:33:31:e4:4f:ad:3f:
d0:55:76:97:58:10:17:8c:cb:60:ce:47:c1:19:49:
d6:39:2a:59:a9:45:42:fd:59:64:a5:07:47:8b:dc:
54:8f:f7:4e:a6:e3:70:aa:05:e7:43:6e:92:4a:a4:
22:b7:e5:1a:62:43:ab:b2:d6:1d:82:1d:5c:b2:25:
ef:60:4b:3a:45:32:47:12:ef:d1:d1:a8:ce:99:92:
af:36:55:0f:35:89:ca:76:52:57:c2:63:a8:12:cd:
f3:6c:4e:ea:2b:d2:5c:fb:fe:75:ae:ab:9a:b3:2a:
cd:f6:c8:04:93:b0:22:d5:4e:8a:cb:b9:98:81:6d:
cd:51:f8:6a:61:df:21:b4:71:16:c9:62:e7:fa:ad:
cc:1a:01:28:dc:fe:ab:0a:bb:40:56:e9:17:b1:b0:
56:59:6c:f7:57:e9:94:c9:e4:d0:e1:f7:33:1e:7e:
d3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BF:8D:D6:12:73:FF:13:82:91:8C:41:0B:C4:BB:2B:BD:5C:DC:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:25:d5:e4:11:26:a7:85:4e:72:51:32:b8:d8:38:bf:7c:d0:
7b:72:a4:80:bb:1f:48:c4:f2:99:a6:5c:f8:60:de:80:3b:44:
37:82:87:13:a2:da:be:85:d3:7d:e4:51:3c:11:6c:dd:db:51:
30:a1:a3:fa:00:ff:0c:92:df:1c:fc:eb:9d:b8:7c:61:64:d9:
6e:d8:b4:a8:75:00:4b:7c:b0:42:48:1d:f0:ff:e0:f1:36:da:
9b:19:ab:ae:cb:90:42:da:e0:0f:40:c7:94:de:fe:b8:e4:db:
4c:39:53:15:89:13:06:54:19:51:a6:0b:b4:09:01:f1:db:a1:
19:c9:71:ad:d9:6b:7e:22:2b:74:0c:1d:eb:6f:85:1f:26:24:
b3:74:ea:dd:82:db:8c:db:07:7c:b6:6b:f0:e0:1c:ad:76:72:
1f:e5:2e:cd:76:6a:16:05:47:89:2f:4c:9d:3d:9c:63:07:3c:
73:78:aa:1a:e9:a9:1c:70:fa:50:2d:45:71:d9:30:f7:16:15:
13:cb:f0:95:1e:c2:9b:3a:ef:a6:34:44:ae:0e:8d:4d:5f:80:
e0:65:e2:ce:ee:c8:22:9c:f5:31:37:a7:ca:8d:38:8a:ad:f7:
5b:24:95:28:c2:e9:8d:5f:82:14:3a:0b:6d:83:c2:e4:c6:cf:
55:3b:17:cb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYup1xp8Q45Tk6UB2UTOrIO40rJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTQwMTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YWE3ODU4YjZjZjE2Y2I2MDc3OTlkZmU1MTllM2FkZDYxOGNkN2Q4NTMw
ZTJjNDk2YzFhOTk1MThhNGRjNGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfAnNqjVqdn//SHIFgOgObbKZsJGF/PHPUqFdKYKiHkmw4Ev0s9PcqcuW+6
dgaukgxmUhUlhzD2i65hmBmvFlCfs9uqAaSczml4SAD3WZfQqTf6MzHkT60/0FV2
l1gQF4zLYM5HwRlJ1jkqWalFQv1ZZKUHR4vcVI/3TqbjcKoF50NukkqkIrflGmJD
q7LWHYIdXLIl72BLOkUyRxLv0dGozpmSrzZVDzWJynZSV8JjqBLN82xO6ivSXPv+
da6rmrMqzfbIBJOwItVOisu5mIFtzVH4amHfIbRxFsli5/qtzBoBKNz+qwq7QFbp
F7GwVlls91fplMnk0OH3Mx5+0wcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRgv43W
EnP/E4KRjEELxLsrvVzctDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQAiJdXkESanhU5yUTK42Di/fNB7cqSAux9IxPKZplz4
YN6AO0Q3gocTotq+hdN95FE8EWzd21EwoaP6AP8Mkt8c/OuduHxhZNlu2LSodQBL
fLBCSB3w/+DxNtqbGauuy5BC2uAPQMeU3v645NtMOVMViRMGVBlRpgu0CQHx26EZ
yXGt2Wt+Iit0DB3rb4UfJiSzdOrdgtuM2wd8tmvw4BytdnIf5S7NdmoWBUeJL0yd
PZxjBzxzeKoa6akccPpQLUVx2TD3FhUTy/CVHsKbOu+mNESuDo1NX4DgZeLO7sgi
nPUxN6fKjTiKrfdbJJUowumNX4IUOgttg8Lkxs9VOxfL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net