Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: Bpe+FwPaO/V54z6wItk3zqyTcfCGrq4LGdkLLGhg8aQ=
Subject key identifier: 92:D0:9A:E9:A1:27:8C:EA:ED:6B:F0:50:63:D7:0D:AF:03:D4:0A:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 167E90152C7AE8E8428B08692C522F3D4538D9A1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Mon 31 Mar 2025 21:31:03 +0000
ROA not before: Mon 31 Mar 2025 21:31:03 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:7e:90:15:2c:7a:e8:e8:42:8b:08:69:2c:52:2f:3d:45:38:d9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:03 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=376a605a36879fc90c862b0d9b5d5e7af516a22bcd526f37dcfef3b6d34a5823, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c1:94:7f:9c:77:94:5f:0b:a9:cd:fb:66:ca:
94:bc:7d:96:1b:c8:64:c5:6e:14:ee:1a:38:b2:6e:
b5:ab:77:dd:3d:44:12:82:3e:d3:ea:2d:12:44:ca:
ae:6e:1a:b4:29:95:07:69:f3:eb:f6:9d:7d:d2:46:
78:1e:e2:f7:59:0d:ec:4b:ce:97:6a:73:08:cc:a6:
a1:c4:47:53:a3:d1:37:ec:f0:6e:bc:a9:a4:f1:a2:
43:bc:27:50:3b:fa:ab:6f:f7:6e:b2:6c:9a:56:9f:
ad:55:b6:ee:6a:c2:e6:b7:d0:75:89:8f:b4:21:d4:
99:81:97:a6:be:4d:91:14:34:01:b1:e9:aa:e0:a7:
e2:bf:11:0b:d6:cb:48:33:9f:1d:aa:04:75:7d:cb:
ac:aa:24:ce:eb:e7:79:ae:92:45:5f:8d:67:44:f0:
39:7e:eb:e6:8d:66:36:c8:22:db:c7:98:86:5b:b3:
a7:f1:b0:da:3d:7f:8e:09:97:69:25:fe:9b:9f:31:
bc:d3:63:f3:bf:84:c5:47:99:bb:6b:4e:14:27:d4:
60:74:ca:b3:e3:1f:74:73:ef:f7:c2:46:fa:53:99:
d4:c7:6d:6c:35:77:a8:d3:74:61:b3:78:fb:f9:6f:
ca:8c:6b:2d:b7:d0:2d:7b:f0:4e:e4:b2:47:d6:a2:
29:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D0:9A:E9:A1:27:8C:EA:ED:6B:F0:50:63:D7:0D:AF:03:D4:0A:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
22:98:2a:8a:df:75:29:4b:5d:67:6b:16:70:b5:8a:67:9a:0c:
fa:f5:41:62:64:83:1e:1d:17:75:05:28:9e:b4:50:de:79:26:
5a:5e:00:df:b9:bd:b6:88:63:2e:50:d4:7b:c5:3c:a0:fa:47:
1e:a4:7a:36:70:c4:08:13:4c:ce:80:a4:eb:25:d1:19:ee:3a:
f5:8c:2f:d1:85:70:0f:f9:14:78:e8:6a:a6:c6:e3:21:51:22:
62:03:2d:41:25:7b:67:26:7a:f2:31:cd:c2:e4:0d:9d:c2:b5:
b9:97:83:3a:2a:f0:2d:fa:5e:38:45:1a:bb:7a:53:ca:79:11:
2e:a1:23:6a:c5:71:72:d1:67:90:56:0b:6d:fc:36:68:75:c1:
51:f9:7f:88:2b:c1:74:29:0f:cf:82:6f:d1:87:9e:b6:c9:6a:
4f:e5:4c:01:a1:20:52:7b:88:2e:36:ed:0d:34:3a:14:29:79:
57:83:f0:f6:80:5d:91:fd:8d:af:95:54:6d:70:33:0e:2d:54:
28:d1:3c:8a:dc:e4:06:d9:52:12:f4:6a:0d:12:bc:c3:ce:c4:
15:c3:7b:f2:ea:5f:f2:13:0b:7e:6e:ed:fb:fb:c4:56:cf:92:
a5:e6:e0:2f:e8:fa:8c:04:8f:b0:9e:a8:7d:93:50:60:ee:ab:
a0:8e:1d:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFn6QFSx66OhCiwhpLFIvPUU42aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMDNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NmE2MDVhMzY4NzlmYzkwYzg2MmIwZDliNWQ1ZTdhZjUxNmEyMmJjZDUy
NmYzN2RjZmVmM2I2ZDM0YTU4MjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrBlH+cd5RfC6nN+2bKlLx9lhvIZMVuFO4aOLJutat33T1EEoI+0+otEkTK
rm4atCmVB2nz6/adfdJGeB7i91kN7EvOl2pzCMymocRHU6PRN+zwbryppPGiQ7wn
UDv6q2/3brJsmlafrVW27mrC5rfQdYmPtCHUmYGXpr5NkRQ0AbHpquCn4r8RC9bL
SDOfHaoEdX3LrKokzuvnea6SRV+NZ0TwOX7r5o1mNsgi28eYhluzp/Gw2j1/jgmX
aSX+m58xvNNj87+ExUeZu2tOFCfUYHTKs+MfdHPv98JG+lOZ1MdtbDV3qNN0YbN4
+/lvyoxrLbfQLXvwTuSyR9aiKU0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSS0Jrp
oSeM6u1r8FBj1w2vA9QKLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQAimCqK33UpS11naxZwtYpnmgz69UFiZIMeHRd1BSie
tFDeeSZaXgDfub22iGMuUNR7xTyg+kcepHo2cMQIE0zOgKTrJdEZ7jr1jC/RhXAP
+RR46GqmxuMhUSJiAy1BJXtnJnryMc3C5A2dwrW5l4M6KvAt+l44RRq7elPKeREu
oSNqxXFy0WeQVgtt/DZodcFR+X+IK8F0KQ/Pgm/Rh562yWpP5UwBoSBSe4guNu0N
NDoUKXlXg/D2gF2R/Y2vlVRtcDMOLVQo0TyK3OQG2VIS9GoNErzDzsQVw3vy6l/y
Ewt+bu37+8RWz5Kl5uAv6PqMBI+wnqh9k1Bg7qugjh30
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net