Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
File: 4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa (raw, json)
Hash identifier: Ad4wbZ5G111O9HAXByLmb447xJ2GVmtxwxy2SHm4XPU=
Subject key identifier: 87:94:A2:C3:42:F2:87:B7:29:50:64:4C:3D:4C:71:63:10:2D:79:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D7F157710738F8E9A3B68084867708A2A9A7822
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
Signing time: Tue 01 Apr 2025 15:10:13 +0000
ROA not before: Tue 01 Apr 2025 15:10:13 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:7f:15:77:10:73:8f:8e:9a:3b:68:08:48:67:70:8a:2a:9a:78:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:10:13 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=bec3858078a6370adf34f784d4491b5b408900250836dd5aedb14676acf377fa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:1c:58:57:c4:1a:7a:81:54:7e:2b:c5:36:
95:fd:25:cb:15:32:06:2d:da:03:a2:af:91:1b:b4:
13:a8:1d:3a:30:78:a8:7b:7f:2f:1c:6a:58:6e:ed:
bf:3d:19:7a:59:3b:ac:68:62:ff:6e:24:a9:15:35:
a6:bc:0e:99:ec:ce:0f:c3:dc:6a:72:ac:26:d4:7f:
ba:78:e2:c2:cf:e0:10:cb:e7:7b:2e:ef:fb:80:1f:
81:db:8d:71:a9:8e:d8:7e:93:77:8c:8c:61:13:43:
e2:86:59:e8:f7:0b:91:df:17:a5:e2:d9:74:cd:24:
c7:a3:26:c2:3f:30:12:78:0b:4e:46:9d:d6:42:d2:
04:f3:33:92:f0:80:d5:db:00:1e:5b:0c:3e:a3:34:
d8:bc:a9:4a:e2:c7:fd:21:6c:ef:b6:56:7c:e7:5d:
65:ea:15:f8:7e:9a:2a:f3:2d:3f:96:64:d1:59:38:
bd:ca:cb:86:97:10:d6:b8:66:c3:b5:bb:6b:db:aa:
7c:c6:9e:a6:06:11:1e:d9:6c:f1:20:00:c1:b4:85:
96:51:ba:35:2a:9e:e2:72:e3:48:d0:3a:06:f8:99:
e1:71:2d:7f:1a:48:09:4b:ab:a5:28:21:a4:a4:73:
d0:21:97:cb:31:9e:eb:0a:bf:36:ad:90:d3:98:df:
7b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:94:A2:C3:42:F2:87:B7:29:50:64:4C:3D:4C:71:63:10:2D:79:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:a5:88:66:88:24:2e:b5:51:26:29:cd:99:7c:ee:d5:81:28:
e2:aa:8d:4f:29:e5:3b:8e:38:e6:c7:58:99:78:fe:45:50:9b:
cb:02:fe:a3:09:fb:62:4c:95:96:43:71:9c:3b:56:64:a1:53:
f1:8e:9d:8b:09:40:84:dd:90:c5:9a:16:69:aa:83:3d:dd:36:
8f:c0:22:16:37:53:67:68:a0:36:97:8a:ca:27:ed:e1:eb:4d:
cd:8d:86:8d:a8:5e:b4:60:86:01:c6:62:b6:dc:79:40:50:a9:
56:d3:2a:a2:27:55:25:64:96:0a:0a:24:e1:4b:00:1b:54:c3:
ad:b2:2a:88:e7:33:a4:0c:ff:4b:5a:9c:98:69:0c:7a:ea:3d:
4f:25:d1:b7:c5:b9:ab:7a:5f:53:19:67:59:35:a7:62:83:55:
1d:77:f6:6a:37:99:3e:0d:9e:dd:0c:68:2b:53:ce:6e:47:f6:
ca:e9:98:53:ab:e6:e3:4f:ea:d0:bc:6c:a3:eb:c6:22:6f:1d:
21:4c:16:69:7a:b5:94:3f:ba:cb:2f:9c:5d:60:28:f7:bc:6e:
73:8b:b9:31:bd:cf:c2:31:01:ae:4b:64:b2:09:f6:72:66:f0:
d8:63:3f:e9:fd:e5:2d:7e:73:e5:b4:91:88:ba:52:89:2e:fa:
96:2a:d5:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDX8VdxBzj46aO2gISGdwiiqaeCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTEwMTNaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlYzM4NTgwNzhhNjM3MGFkZjM0Zjc4NGQ0NDkxYjViNDA4OTAwMjUwODM2
ZGQ1YWVkYjE0Njc2YWNmMzc3ZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6OHFhXxBp6gVR+K8U2lf0lyxUyBi3aA6KvkRu0E6gdOjB4qHt/LxxqWG7t
vz0Zelk7rGhi/24kqRU1prwOmezOD8PcanKsJtR/unjiws/gEMvney7v+4AfgduN
camO2H6Td4yMYRND4oZZ6PcLkd8XpeLZdM0kx6Mmwj8wEngLTkad1kLSBPMzkvCA
1dsAHlsMPqM02LypSuLH/SFs77ZWfOddZeoV+H6aKvMtP5Zk0Vk4vcrLhpcQ1rhm
w7W7a9uqfMaepgYRHtls8SAAwbSFllG6NSqe4nLjSNA6BviZ4XEtfxpICUurpSgh
pKRz0CGXyzGe6wq/Nq2Q05jfe5UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSHlKLD
QvKHtylQZEw9THFjEC15FDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY5ZDNjMzktYWU3Ni00ZjIyLTlkZjktYzY1MDFhY2JjYzg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEAbaWIZogkLrVRJinNmXzu1YEo4qqNTynlO4445sdY
mXj+RVCbywL+own7YkyVlkNxnDtWZKFT8Y6diwlAhN2QxZoWaaqDPd02j8AiFjdT
Z2igNpeKyift4etNzY2GjahetGCGAcZittx5QFCpVtMqoidVJWSWCgok4UsAG1TD
rbIqiOczpAz/S1qcmGkMeuo9TyXRt8W5q3pfUxlnWTWnYoNVHXf2ajeZPg2e3Qxo
K1PObkf2yumYU6vm40/q0Lxso+vGIm8dIUwWaXq1lD+6yy+cXWAo97xuc4u5Mb3P
wjEBrktksgn2cmbw2GM/6f3lLX5z5bSRiLpSiS76lirVLg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net