Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: AfzuoOJkKxdTJWNnKiYUsiTOBVjWfb7fElmIlLKxr+k=
Subject key identifier: 92:97:56:6E:C5:4C:CB:65:8F:A8:F2:BB:2C:8E:C4:72:A2:2B:C0:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F9B123F99FB4E92707E3C5C6F0406CF99E4CFF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Mon 31 Mar 2025 21:20:04 +0000
ROA not before: Mon 31 Mar 2025 21:20:04 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:9b:12:3f:99:fb:4e:92:70:7e:3c:5c:6f:04:06:cf:99:e4:cf:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:04 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=35216d125d4e6bf5bddf89b542f9f7397e2807199b45fb8de46fb3c75bd8aa74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:97:d8:fa:d0:38:d9:bb:b3:ba:dd:48:97:
03:b2:c3:bf:03:17:21:30:38:57:8a:b3:94:8b:c1:
46:78:0e:1f:9d:ac:e2:6a:19:55:bc:85:48:10:35:
38:0c:a2:f9:d3:45:94:e4:d4:30:21:79:64:29:b2:
91:3e:d7:af:e9:47:bd:d2:a3:0e:0d:4a:7c:e6:b7:
24:0d:db:c5:3e:d5:04:a0:34:82:a0:ba:6b:eb:17:
c7:70:80:1e:8f:db:c4:44:13:64:6e:ec:8b:6f:5a:
03:11:29:3e:82:16:08:08:67:f2:aa:ea:69:1f:a1:
b4:ec:e3:69:6a:e5:82:5b:47:93:95:d7:76:f7:42:
b2:56:6c:b3:45:b6:84:9f:07:00:c7:d0:bd:30:9f:
18:cc:eb:bc:18:99:3b:91:3f:65:c1:3d:6d:57:30:
48:09:50:ec:8d:10:b2:dc:e7:b9:ea:3c:d3:ee:44:
e3:2e:62:19:ea:38:59:e1:54:94:0e:42:50:7f:35:
2a:2d:f5:4b:03:1e:e4:14:ce:1a:30:c6:70:d8:36:
25:50:66:95:48:61:b1:8b:41:05:90:dc:83:42:a0:
69:12:f8:dc:12:38:90:6e:67:82:e7:2e:b6:e3:1e:
be:d5:59:83:59:84:1a:35:cc:9a:bf:94:4b:f6:f5:
40:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:97:56:6E:C5:4C:CB:65:8F:A8:F2:BB:2C:8E:C4:72:A2:2B:C0:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
54:4f:2a:65:4b:d9:76:60:20:d6:4d:e6:3a:4f:eb:3d:c4:3e:
5f:26:b3:4b:75:1f:73:9a:64:54:d8:57:85:d8:7a:30:7a:ab:
51:f0:6f:81:51:a5:41:d9:16:84:26:30:e8:64:c3:3a:83:80:
c7:07:3b:55:d0:f3:5e:3b:d1:09:35:ae:8c:31:6d:6c:8d:a8:
fe:22:45:32:ad:79:9d:67:1d:d8:7a:2c:2f:bd:32:6e:d6:95:
7d:cf:c7:e9:f9:dd:11:de:f8:48:84:e5:41:b1:ff:dd:e0:94:
20:d9:d0:4a:0c:9b:d7:7d:8e:4e:91:67:2d:86:25:1e:5a:92:
7b:06:ea:e9:0c:12:d6:20:9d:98:04:88:f6:28:0d:97:ad:e2:
21:e7:2e:f7:36:b1:65:e5:8d:29:94:12:5a:cc:23:24:ae:ab:
6f:36:91:35:b6:d6:0e:14:17:b7:d4:2c:e2:4c:e5:17:ca:f6:
38:b9:fa:7a:56:75:5f:eb:ae:9b:63:d5:3f:24:2c:9a:e0:7b:
59:d1:87:d2:7b:e4:e4:0b:ab:8a:ba:60:35:95:1c:b9:7e:4f:
fc:5c:fe:5f:6b:47:40:24:72:4b:15:fb:9e:b6:b6:f3:d6:01:
2b:3d:13:95:87:88:ac:67:fa:bf:99:d6:33:40:3f:42:d6:35:
78:fd:47:c5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX5sSP5n7TpJwfjxcbwQGz5nkz/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1MjE2ZDEyNWQ0ZTZiZjViZGRmODliNTQyZjlmNzM5N2UyODA3MTk5YjQ1
ZmI4ZGU0NmZiM2M3NWJkOGFhNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUhl9j60DjZu7O63UiXA7LDvwMXITA4V4qzlIvBRngOH52s4moZVbyFSBA1
OAyi+dNFlOTUMCF5ZCmykT7Xr+lHvdKjDg1KfOa3JA3bxT7VBKA0gqC6a+sXx3CA
Ho/bxEQTZG7si29aAxEpPoIWCAhn8qrqaR+htOzjaWrlgltHk5XXdvdCslZss0W2
hJ8HAMfQvTCfGMzrvBiZO5E/ZcE9bVcwSAlQ7I0Qstznueo80+5E4y5iGeo4WeFU
lA5CUH81Ki31SwMe5BTOGjDGcNg2JVBmlUhhsYtBBZDcg0KgaRL43BI4kG5ngucu
tuMevtVZg1mEGjXMmr+US/b1QH0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSSl1Zu
xUzLZY+o8rssjsRyoivATzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAVE8qZUvZdmAg1k3mOk/rPcQ+XyazS3Ufc5pkVNhX
hdh6MHqrUfBvgVGlQdkWhCYw6GTDOoOAxwc7VdDzXjvRCTWujDFtbI2o/iJFMq15
nWcd2HosL70ybtaVfc/H6fndEd74SITlQbH/3eCUINnQSgyb132OTpFnLYYlHlqS
ewbq6QwS1iCdmASI9igNl63iIecu9zaxZeWNKZQSWswjJK6rbzaRNbbWDhQXt9Qs
4kzlF8r2OLn6elZ1X+uum2PVPyQsmuB7WdGH0nvk5AurirpgNZUcuX5P/Fz+X2tH
QCRySxX7nra289YBKz0TlYeIrGf6v5nWM0A/QtY1eP1HxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net