Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: IY9oXm8/DuByAVHAWgI60FIc/zgmn9WbjcZW8F30vPI=
Subject key identifier: 70:70:E6:9D:69:04:4D:C8:EC:AA:D7:48:F5:25:85:0A:7E:70:6A:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 117BDE8E50A4BF1745C57F27415271A126D01ECF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Mon 31 Mar 2025 21:31:08 +0000
ROA not before: Mon 31 Mar 2025 21:31:08 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:7b:de:8e:50:a4:bf:17:45:c5:7f:27:41:52:71:a1:26:d0:1e:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:08 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=4dd618a5193be74c4c21260d037fd16509135538ccabd09f18b5bec3db9e4ee2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:ec:21:61:e7:45:76:66:5f:18:b8:46:ed:
c5:ec:6d:3f:9f:55:c8:92:ca:ad:c9:f0:0e:75:48:
7f:af:3e:fa:42:91:35:72:5c:4b:8a:ce:66:64:13:
71:92:a8:84:71:20:a5:67:82:90:ff:bd:ad:63:34:
0f:13:d1:bc:71:fd:27:b5:88:b1:d0:6f:41:40:3e:
38:b9:ee:56:52:58:26:74:bf:45:55:49:87:59:5f:
d4:c9:c2:b9:fe:5f:1f:03:34:df:b0:21:9c:9f:f4:
ae:ad:16:d1:3e:71:ca:77:bf:95:a4:84:57:33:8c:
70:40:8e:93:37:2e:0b:7b:c5:6a:70:20:70:83:9f:
06:87:01:67:f9:d7:83:a8:c9:99:0b:4c:eb:30:9e:
15:cb:e1:1e:35:37:22:19:8a:be:6d:b2:96:f9:ad:
38:bb:89:b1:1b:21:f9:58:a3:1f:a3:c3:e5:13:f0:
de:44:ac:f2:4c:a1:9c:99:89:3d:4e:a4:08:08:3a:
57:4d:55:19:db:1f:dc:4c:65:c6:a9:f5:6e:7a:23:
bf:bd:15:e5:d8:ca:18:0a:87:b3:35:c1:c0:a9:52:
d8:4e:ba:a5:e9:68:a7:a6:d3:d0:05:e2:20:bb:b8:
2d:c1:39:5f:27:17:46:69:57:02:de:5b:af:99:a7:
79:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:70:E6:9D:69:04:4D:C8:EC:AA:D7:48:F5:25:85:0A:7E:70:6A:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:fe:86:be:6b:0d:78:b6:73:3e:ae:70:f8:7a:35:15:3d:be:
4b:bc:7f:9d:3c:dd:9d:75:14:f9:56:3a:ba:3b:bc:9a:4e:4f:
6c:ad:b0:9b:d7:cd:0f:38:be:74:1c:f4:1d:44:81:45:ba:1f:
12:f7:c7:13:0e:5d:7e:34:5a:98:61:9c:e8:d9:c1:c5:79:9c:
5d:24:f5:f8:85:f1:c2:63:ef:17:7a:ca:ad:0a:7e:12:bb:22:
92:2c:92:3c:e6:bc:7b:24:41:2f:6d:7a:8c:4e:bf:9f:79:6c:
80:a6:a4:e1:66:19:44:74:42:69:63:91:4b:89:b6:e0:fe:97:
44:1a:0e:13:a9:70:91:c9:63:d8:49:7e:f6:58:ea:14:45:5c:
85:39:43:7d:14:a1:f5:16:e0:bc:36:b5:ca:de:28:2c:b5:82:
ea:f8:1a:fa:16:81:16:69:d8:60:b6:bf:cd:1f:c1:57:5c:85:
15:15:ca:d0:ed:7c:79:15:c8:c9:00:19:b5:77:d9:19:25:ad:
9a:5e:09:84:41:8a:5f:e6:0b:f2:59:9e:70:1f:4d:69:da:7d:
38:58:45:81:e2:94:be:7b:42:d1:26:ca:f9:ef:04:aa:bd:a2:
ed:18:d3:9d:ee:ca:d3:38:6b:08:77:95:f9:2d:3d:af:6f:b6:
59:e1:8e:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEXvejlCkvxdFxX8nQVJxoSbQHs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMDhaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZDYxOGE1MTkzYmU3NGM0YzIxMjYwZDAzN2ZkMTY1MDkxMzU1MzhjY2Fi
ZDA5ZjE4YjViZWMzZGI5ZTRlZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/07CFh50V2Zl8YuEbtxextP59VyJLKrcnwDnVIf68++kKRNXJcS4rOZmQT
cZKohHEgpWeCkP+9rWM0DxPRvHH9J7WIsdBvQUA+OLnuVlJYJnS/RVVJh1lf1MnC
uf5fHwM037AhnJ/0rq0W0T5xyne/laSEVzOMcECOkzcuC3vFanAgcIOfBocBZ/nX
g6jJmQtM6zCeFcvhHjU3IhmKvm2ylvmtOLuJsRsh+VijH6PD5RPw3kSs8kyhnJmJ
PU6kCAg6V01VGdsf3Exlxqn1bnojv70V5djKGAqHszXBwKlS2E66pelop6bT0AXi
ILu4LcE5XycXRmlXAt5br5mneX8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwcOad
aQRNyOyq10j1JYUKfnBqDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ/oa+aw14tnM+rnD4ejUVPb5LvH+dPN2ddRT5Vjq6
O7yaTk9srbCb180POL50HPQdRIFFuh8S98cTDl1+NFqYYZzo2cHFeZxdJPX4hfHC
Y+8XesqtCn4SuyKSLJI85rx7JEEvbXqMTr+feWyApqThZhlEdEJpY5FLibbg/pdE
Gg4TqXCRyWPYSX72WOoURVyFOUN9FKH1FuC8NrXK3igstYLq+Br6FoEWadhgtr/N
H8FXXIUVFcrQ7Xx5FcjJABm1d9kZJa2aXgmEQYpf5gvyWZ5wH01p2n04WEWB4pS+
e0LRJsr57wSqvaLtGNOd7srTOGsId5X5LT2vb7ZZ4Y7y
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net