Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: kGII/bcM4EQfqKr5KYWNHSF0u5dxVxuNfrMywYHKgS4=
Subject key identifier: E0:C6:78:42:EB:8D:BB:00:31:B2:7F:64:83:CB:6F:19:CA:C9:13:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B32BF3F2B380A66C471DD1F64ED906013E4CD2E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Fri 11 Apr 2025 00:50:45 +0000
ROA not before: Fri 11 Apr 2025 00:50:45 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:32:bf:3f:2b:38:0a:66:c4:71:dd:1f:64:ed:90:60:13:e4:cd:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:45 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=a275293ff03ad4070663e20b29fa5afa123fbc65583e930ba36d692be366aac2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:be:79:44:cb:6c:91:58:a1:a8:9e:8a:c4:fd:
d2:d8:dc:69:0e:65:89:6d:bb:39:a1:80:06:eb:b5:
26:1d:65:76:c0:51:87:81:38:c0:0c:fd:d4:8b:99:
ee:b1:c7:79:63:19:bc:76:41:03:be:aa:7c:be:69:
e0:45:70:28:96:04:c6:c0:df:32:9b:90:93:7f:d0:
61:86:9b:73:01:b3:ca:36:0a:6e:a1:53:60:b1:c7:
cc:b9:75:da:4d:4d:46:57:e8:e3:2f:b5:5d:c0:bb:
a9:d1:1e:16:da:1c:31:9e:93:97:a6:08:45:89:19:
63:b0:62:31:3b:4c:13:c5:25:f5:e1:c1:8e:ad:11:
90:95:14:27:ab:b0:c6:c2:df:96:86:c8:96:27:31:
ab:96:91:a6:d9:2d:49:ee:c3:d8:28:5d:48:7e:56:
90:b8:e0:e9:73:e3:ba:5c:f1:21:b4:43:df:ee:1a:
33:a5:79:74:f8:a6:a8:af:35:11:41:1f:26:c4:2a:
c6:3b:a5:05:7b:7f:d5:20:ef:14:54:11:c0:32:e5:
93:ae:ce:14:e9:2d:ea:d0:11:df:4f:fb:78:4c:8e:
8b:3e:c3:df:d5:02:f4:31:a7:57:65:6c:f4:ea:55:
b9:42:dd:dd:6e:e4:67:24:84:8e:5a:6c:4b:f3:b2:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C6:78:42:EB:8D:BB:00:31:B2:7F:64:83:CB:6F:19:CA:C9:13:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:56:56:cd:4d:69:9e:70:da:14:36:e7:fa:52:d1:c7:30:bd:
59:73:93:cf:d3:37:01:4f:de:00:f4:85:db:ae:8a:28:d6:24:
c6:a4:f5:0a:b6:c7:5f:83:a1:6f:d3:15:0f:26:fe:22:29:27:
17:52:fe:ea:26:e8:6b:cd:87:11:7b:c1:0f:8a:b3:29:c0:57:
0d:45:b7:56:6f:db:bc:7f:e5:1e:44:7d:46:8b:4e:0e:d2:f2:
cd:a1:8c:6b:ae:0e:ae:63:5d:6d:c8:32:a0:53:5a:84:d3:16:
32:e3:29:06:0f:cb:f5:a9:29:70:25:63:1b:80:e6:96:99:02:
8d:8d:ce:b4:6e:e5:18:a3:91:70:7a:33:7a:23:06:40:f9:ab:
30:6e:d1:a9:72:d0:24:87:2c:02:d3:4e:1a:46:4a:87:08:2d:
8b:5e:a3:e5:a9:cf:33:0f:ba:2c:bc:7a:9c:5b:72:43:b6:37:
37:f7:3b:00:43:63:fe:f2:b5:bd:ad:93:77:c2:3f:00:8f:e9:
5e:ee:53:78:82:e1:05:49:30:61:c5:c0:bc:6b:73:af:15:71:
74:db:7e:bc:f6:9c:79:af:56:f1:53:b9:a2:b6:fa:40:1c:30:
ce:92:99:89:67:b0:58:a6:17:bf:ec:6b:98:b6:59:ed:fa:5d:
c7:84:7e:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCzK/Pys4CmbEcd0fZO2QYBPkzS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwNDVaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyNzUyOTNmZjAzYWQ0MDcwNjYzZTIwYjI5ZmE1YWZhMTIzZmJjNjU1ODNl
OTMwYmEzNmQ2OTJiZTM2NmFhYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANe+eUTLbJFYoaieisT90tjcaQ5liW27OaGABuu1Jh1ldsBRh4E4wAz91IuZ
7rHHeWMZvHZBA76qfL5p4EVwKJYExsDfMpuQk3/QYYabcwGzyjYKbqFTYLHHzLl1
2k1NRlfo4y+1XcC7qdEeFtocMZ6Tl6YIRYkZY7BiMTtME8Ul9eHBjq0RkJUUJ6uw
xsLflobIlicxq5aRptktSe7D2ChdSH5WkLjg6XPjulzxIbRD3+4aM6V5dPimqK81
EUEfJsQqxjulBXt/1SDvFFQRwDLlk67OFOkt6tAR30/7eEyOiz7D39UC9DGnV2Vs
9OpVuULd3W7kZySEjlpsS/OyKb8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgxnhC
6427ADGyf2SDy28ZyskTjjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBmVlbNTWmecNoUNuf6UtHHML1Zc5PP0zcBT94A9IXb
rooo1iTGpPUKtsdfg6Fv0xUPJv4iKScXUv7qJuhrzYcRe8EPirMpwFcNRbdWb9u8
f+UeRH1Gi04O0vLNoYxrrg6uY11tyDKgU1qE0xYy4ykGD8v1qSlwJWMbgOaWmQKN
jc60buUYo5FwejN6IwZA+aswbtGpctAkhywC004aRkqHCC2LXqPlqc8zD7osvHqc
W3JDtjc39zsAQ2P+8rW9rZN3wj8Aj+le7lN4guEFSTBhxcC8a3OvFXF023689px5
r1bxU7mitvpAHDDOkpmJZ7BYphe/7GuYtlnt+l3HhH7Y
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net