Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: XFttziWCR4WgTV9i6XYSEUYIZbdPzkHrY2N4cR0At0c=
Subject key identifier: 5C:A5:00:63:C9:3B:D6:EF:B9:3E:86:8A:A1:CE:94:70:EF:E1:53:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D69F5F004B6A3A1D2A6DB242BB8C26ABDE86253
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Fri 11 Apr 2025 00:50:46 +0000
ROA not before: Fri 11 Apr 2025 00:50:46 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:69:f5:f0:04:b6:a3:a1:d2:a6:db:24:2b:b8:c2:6a:bd:e8:62:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:46 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=6804f8e6b6f5f3eb74ae6bc5cd29c0b351c61bc3cf7531a994e12de827e17ea5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:b8:9e:36:f9:5d:80:a0:ed:e4:e7:d2:8c:
f3:05:45:9c:a9:77:e6:40:90:d3:90:00:c9:62:f2:
b9:63:f3:83:12:1d:f0:20:97:19:d4:df:7a:c3:ab:
d2:6f:d1:f5:da:22:4b:a9:fa:2b:99:4f:4d:ad:ee:
d3:fd:52:79:a3:fe:da:01:ed:95:7f:ed:3e:4b:9c:
4b:25:72:fd:56:4d:66:98:1f:3e:5d:af:2c:04:1d:
a2:47:21:c1:78:53:1b:8a:14:0d:5a:ca:de:ab:16:
68:ef:1d:a3:51:85:39:4d:22:36:95:ee:bd:00:28:
f3:58:b1:20:20:67:5f:cf:10:8a:a7:54:a0:57:79:
6f:5c:96:30:ba:14:18:a2:19:36:25:77:22:70:f3:
b4:52:51:61:c8:8c:06:bb:18:db:86:33:94:9d:62:
e4:c8:24:f7:56:98:a4:3b:ce:bd:b6:66:8f:85:2b:
05:11:06:29:5a:a0:9f:47:c4:40:02:ea:75:b8:d5:
cf:1a:2f:27:de:0f:0b:9d:6e:36:42:4d:2d:40:3c:
14:40:d0:ee:ee:df:96:78:3e:0c:d8:e8:d1:fe:7b:
81:42:a4:e5:cc:85:e8:3c:b2:f2:51:2d:11:1b:4e:
72:eb:19:d4:61:b0:3f:09:3e:82:da:bc:61:2e:30:
ef:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A5:00:63:C9:3B:D6:EF:B9:3E:86:8A:A1:CE:94:70:EF:E1:53:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4d:a1:14:94:24:67:07:6a:ff:54:0c:f8:d6:bb:45:b7:31:31:
74:fb:b7:fd:a9:72:e4:a7:47:d5:e0:9b:28:90:30:3b:97:79:
db:d3:fb:ce:3f:6a:09:96:03:e6:85:6f:09:0b:36:1c:13:13:
b1:a8:aa:36:4e:88:03:9b:a6:62:30:55:cc:ba:cd:fd:03:25:
67:1c:1b:c4:01:93:b2:9d:f7:72:8a:74:c2:26:65:e2:c6:73:
e6:fc:ce:b4:88:d9:04:c8:41:1a:98:88:5e:5c:43:87:6a:30:
d4:54:5a:02:e7:3f:2b:ef:94:63:79:a4:64:2b:bc:38:8d:11:
e4:91:24:b5:f6:3f:86:a0:64:7c:19:0e:88:3d:df:64:9a:8d:
8a:4d:8b:29:f7:3d:20:46:ad:f8:69:fb:f4:01:a9:45:04:4c:
f3:a3:55:78:c2:04:d4:16:7e:49:7f:6c:c2:88:98:2b:dd:4e:
ef:78:ba:ee:8a:cb:55:2d:79:f8:ca:79:ad:fa:da:af:0e:b9:
83:37:90:d1:4f:fa:ec:c4:25:ad:ec:ec:35:62:89:6d:33:48:
bb:d3:39:aa:2d:d0:80:92:b4:5e:c6:ab:4b:fb:b7:7c:4e:b2:
0c:40:79:53:c0:84:05:81:22:0a:6e:e2:6f:b7:36:8d:91:c8:
8d:f8:21:1d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPWn18AS2o6HSptskK7jCar3oYlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwNDZaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MDRmOGU2YjZmNWYzZWI3NGFlNmJjNWNkMjljMGIzNTFjNjFiYzNjZjc1
MzFhOTk0ZTEyZGU4MjdlMTdlYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHpuJ42+V2AoO3k59KM8wVFnKl35kCQ05AAyWLyuWPzgxId8CCXGdTfesOr
0m/R9doiS6n6K5lPTa3u0/1SeaP+2gHtlX/tPkucSyVy/VZNZpgfPl2vLAQdokch
wXhTG4oUDVrK3qsWaO8do1GFOU0iNpXuvQAo81ixICBnX88QiqdUoFd5b1yWMLoU
GKIZNiV3InDztFJRYciMBrsY24YzlJ1i5Mgk91aYpDvOvbZmj4UrBREGKVqgn0fE
QALqdbjVzxovJ94PC51uNkJNLUA8FEDQ7u7flng+DNjo0f57gUKk5cyF6Dyy8lEt
ERtOcusZ1GGwPwk+gtq8YS4w7yECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRcpQBj
yTvW77k+hoqhzpRw7+FTJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEATaEUlCRnB2r/VAz41rtFtzExdPu3/aly5KdH1eCb
KJAwO5d529P7zj9qCZYD5oVvCQs2HBMTsaiqNk6IA5umYjBVzLrN/QMlZxwbxAGT
sp33cop0wiZl4sZz5vzOtIjZBMhBGpiIXlxDh2ow1FRaAuc/K++UY3mkZCu8OI0R
5JEktfY/hqBkfBkOiD3fZJqNik2LKfc9IEat+Gn79AGpRQRM86NVeMIE1BZ+SX9s
woiYK91O73i67orLVS15+Mp5rfrarw65gzeQ0U/67MQlrezsNWKJbTNIu9M5qi3Q
gJK0XsarS/u3fE6yDEB5U8CEBYEiCm7ib7c2jZHIjfghHQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net