Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: +Fb7RdUs8SfxLCkFONdUKdh/YYxaviaddPuFIefTKxs=
Subject key identifier: 8C:00:67:AF:AE:BF:AB:CB:64:5D:E2:C7:23:8D:9D:9A:CF:D2:0A:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79318E8FBC9238FD52E019778DE047AF30A32B15
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Fri 11 Apr 2025 00:50:13 +0000
ROA not before: Fri 11 Apr 2025 00:50:13 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:31:8e:8f:bc:92:38:fd:52:e0:19:77:8d:e0:47:af:30:a3:2b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:13 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=d064909c7faf5ac2a4acedc21e46bb56e8fa0dd609a5cc059a4a36ded441c953, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d3:98:c8:22:7e:98:de:9b:ba:00:f3:f8:ce:
7e:4f:88:19:2e:df:05:70:60:2d:65:62:6b:70:ee:
fa:af:76:ae:1b:a4:04:b1:a3:24:fb:c7:12:5b:15:
f6:26:10:2d:4e:e8:c8:a2:a8:f8:b4:a4:03:83:41:
70:38:22:97:1d:90:63:8f:f0:7c:97:a0:d1:8f:e3:
18:2f:e6:66:7a:67:4d:75:a1:d3:e4:ad:6e:b4:6b:
81:d6:85:ed:0e:d6:e8:2d:cc:81:a4:7f:cf:6d:b8:
91:c4:2d:cf:7f:4a:cd:05:dd:a8:bf:ba:fa:fb:23:
67:ef:76:71:ca:4a:7e:90:2f:29:d8:62:9f:71:36:
b1:e3:d1:d0:83:c8:ed:ef:45:cd:a3:4b:4c:c1:3f:
b0:08:3e:a5:29:47:34:36:f4:43:50:45:2d:2b:f4:
90:0a:6c:f4:2f:29:f4:10:d9:2a:89:b2:80:c6:62:
22:32:a3:dc:30:4f:a9:d5:30:30:6e:af:a7:50:04:
8f:64:e5:c7:c6:d5:1b:85:45:13:dd:94:73:c5:96:
ac:fa:79:4e:78:48:aa:74:a2:36:e3:93:8a:1b:4e:
bf:ab:3f:3a:81:34:36:ce:04:67:da:97:55:85:69:
79:d8:49:a0:3e:99:d0:40:90:03:3e:eb:65:f1:dc:
66:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:00:67:AF:AE:BF:AB:CB:64:5D:E2:C7:23:8D:9D:9A:CF:D2:0A:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:54:9b:69:21:24:f5:81:4a:c4:05:2a:a1:c0:43:7a:35:fc:
bf:60:6b:8f:e1:c4:40:47:0a:ed:66:b5:c3:ad:61:6a:a1:f2:
40:b5:37:2d:a9:c0:a2:cc:6e:18:1b:fc:83:43:03:36:bd:46:
8f:5d:c2:7a:04:8a:5d:17:e8:97:6a:a0:e1:86:56:ad:fe:dc:
a5:91:cc:06:3f:55:38:9f:32:ce:96:f2:a2:a1:95:c1:0b:c3:
1f:c4:f0:c9:8e:8a:6c:0e:98:e8:66:9e:f1:aa:f2:08:c7:55:
27:d9:f9:1b:6f:1a:16:63:0c:8c:8b:ba:75:ab:e5:84:c2:72:
9a:fe:d6:25:4e:89:1b:44:20:93:f2:51:d9:df:72:65:fe:fc:
f3:cb:11:e1:e6:4b:b6:78:c3:99:f2:12:9b:c5:b1:ce:74:7d:
80:48:e0:9e:3a:a7:e0:8e:0b:4a:a1:99:fc:9b:87:74:71:dc:
9f:14:26:09:b1:d5:10:99:5a:ce:50:ff:b9:67:d2:f3:d0:6e:
fa:63:8c:5a:9a:8b:7e:ad:d5:a9:07:ae:c2:d5:f5:c7:04:ff:
29:f4:8d:68:77:2a:bb:a1:79:f9:a3:86:c0:82:5b:93:68:09:
83:e7:40:36:67:f6:34:d9:8d:25:88:7c:36:56:39:2b:33:c4:
d6:ee:5d:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeTGOj7ySOP1S4Bl3jeBHrzCjKxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMTNaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNjQ5MDljN2ZhZjVhYzJhNGFjZWRjMjFlNDZiYjU2ZThmYTBkZDYwOWE1
Y2MwNTlhNGEzNmRlZDQ0MWM5NTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPTmMgifpjem7oA8/jOfk+IGS7fBXBgLWVia3Du+q92rhukBLGjJPvHElsV
9iYQLU7oyKKo+LSkA4NBcDgilx2QY4/wfJeg0Y/jGC/mZnpnTXWh0+StbrRrgdaF
7Q7W6C3MgaR/z224kcQtz39KzQXdqL+6+vsjZ+92ccpKfpAvKdhin3E2sePR0IPI
7e9FzaNLTME/sAg+pSlHNDb0Q1BFLSv0kAps9C8p9BDZKomygMZiIjKj3DBPqdUw
MG6vp1AEj2Tlx8bVG4VFE92Uc8WWrPp5TnhIqnSiNuOTihtOv6s/OoE0Ns4EZ9qX
VYVpedhJoD6Z0ECQAz7rZfHcZg8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMAGev
rr+ry2Rd4scjjZ2az9IKETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQDBVJtpIST1gUrEBSqhwEN6Nfy/YGuP4cRARwrtZrXD
rWFqofJAtTctqcCizG4YG/yDQwM2vUaPXcJ6BIpdF+iXaqDhhlat/tylkcwGP1U4
nzLOlvKioZXBC8MfxPDJjopsDpjoZp7xqvIIx1Un2fkbbxoWYwyMi7p1q+WEwnKa
/tYlTokbRCCT8lHZ33Jl/vzzyxHh5ku2eMOZ8hKbxbHOdH2ASOCeOqfgjgtKoZn8
m4d0cdyfFCYJsdUQmVrOUP+5Z9Lz0G76Y4xamot+rdWpB67C1fXHBP8p9I1odyq7
oXn5o4bAgluTaAmD50A2Z/Y02Y0liHw2VjkrM8TW7l0P
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net