Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: BNFJye8bs2Hcuz4o1y26+7mbFHLg5i9rHrTnMM/mgdQ=
Subject key identifier: 38:D9:1D:55:AB:EB:74:FA:F9:A0:1C:0A:81:95:F8:3F:BB:4C:CB:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33DD0362A9CB45281BBF55C19FD6F9B9D541CCCA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Fri 11 Apr 2025 00:50:05 +0000
ROA not before: Fri 11 Apr 2025 00:50:05 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:dd:03:62:a9:cb:45:28:1b:bf:55:c1:9f:d6:f9:b9:d5:41:cc:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:05 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=4f778367032738d8960f6397104e6edfebe99914c12d3888173b7feda9df3f5f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:4c:60:3a:5d:57:4c:10:b8:f8:08:b6:3c:
59:0a:44:69:d7:75:56:6b:b0:67:c1:e6:25:a0:77:
0f:94:ab:75:08:a0:6d:b5:95:fc:4c:23:bf:04:44:
d9:6d:fd:8a:04:4f:3b:ea:59:bf:e0:79:5a:80:50:
92:01:e4:f7:b7:3f:77:95:8f:c6:7d:cd:6c:f0:26:
63:9d:9d:8d:19:f6:45:10:a6:ea:6b:29:72:87:8a:
3e:f7:65:7b:33:dc:56:b6:29:24:1f:19:03:ae:75:
a2:17:be:ba:85:46:d4:e9:dc:49:39:63:50:55:c7:
fa:2e:48:cd:44:b9:a0:f6:ec:2f:b1:31:4a:f5:be:
c9:81:c4:51:d3:b0:b2:1e:a7:b7:a8:01:59:ba:ec:
8d:a8:76:b6:c9:0e:69:e8:47:00:56:0f:a3:32:50:
78:b7:5e:c8:a6:ee:d5:30:9a:5b:ad:67:b6:a9:5e:
b9:62:3c:85:1a:24:95:ee:e6:dc:b6:3d:4f:e5:42:
5b:69:73:a0:3a:9b:cf:a1:8f:78:29:94:c0:0c:b3:
03:05:2a:6b:e9:89:16:ed:1a:07:41:f1:e1:f7:7f:
1d:68:df:aa:54:cb:28:c4:b5:43:8a:71:54:c9:f9:
a2:c1:b6:6a:8a:54:73:e0:a5:64:01:8d:31:24:48:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D9:1D:55:AB:EB:74:FA:F9:A0:1C:0A:81:95:F8:3F:BB:4C:CB:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:7d:b0:2b:9c:6d:1f:fb:5b:f3:0e:81:f6:b5:ab:c6:1d:11:
f3:69:60:f4:32:5a:51:78:55:86:f8:dc:1a:a4:ba:73:f3:32:
d9:27:be:10:60:08:39:02:0b:42:28:20:6c:4b:b2:0c:b2:a8:
75:44:55:58:5e:1f:f5:cb:75:15:a3:d4:3a:a1:95:37:fb:76:
2d:16:28:89:7f:29:3f:30:0d:1d:0c:f7:76:69:3d:5e:64:99:
5a:04:77:17:49:66:71:b1:9f:d8:b6:3c:da:5a:47:13:71:1e:
88:5d:80:c4:23:11:ec:64:bf:3a:e6:0f:19:87:ff:d1:ce:ad:
97:b6:1d:f7:47:43:4a:5f:6b:a7:d9:0f:d5:e7:05:5a:4d:e0:
a2:17:3d:bd:82:f4:c0:17:b4:b8:36:60:e7:aa:15:f1:74:9b:
4f:01:40:53:8a:24:88:f5:32:39:d2:5f:08:26:4f:48:a2:a4:
43:fa:58:39:ba:ef:d9:18:6a:97:cd:6b:cf:76:d4:20:81:ae:
15:69:cb:3c:32:7e:95:09:be:94:91:13:05:7b:2d:f3:b8:3b:
7c:57:43:40:97:76:01:84:f2:47:0c:6f:60:1f:04:e5:e7:06:
b2:b8:67:bf:11:48:48:af:df:b5:5b:4a:8b:45:0e:df:cc:86:
ba:ab:55:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM90DYqnLRSgbv1XBn9b5udVBzMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMDVaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmNzc4MzY3MDMyNzM4ZDg5NjBmNjM5NzEwNGU2ZWRmZWJlOTk5MTRjMTJk
Mzg4ODE3M2I3ZmVkYTlkZjNmNWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlgTGA6XVdMELj4CLY8WQpEadd1VmuwZ8HmJaB3D5SrdQigbbWV/EwjvwRE
2W39igRPO+pZv+B5WoBQkgHk97c/d5WPxn3NbPAmY52djRn2RRCm6mspcoeKPvdl
ezPcVrYpJB8ZA651ohe+uoVG1OncSTljUFXH+i5IzUS5oPbsL7ExSvW+yYHEUdOw
sh6nt6gBWbrsjah2tskOaehHAFYPozJQeLdeyKbu1TCaW61ntqleuWI8hRokle7m
3LY9T+VCW2lzoDqbz6GPeCmUwAyzAwUqa+mJFu0aB0Hx4fd/HWjfqlTLKMS1Q4px
VMn5osG2aopUc+ClZAGNMSRI/MUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ42R1V
q+t0+vmgHAqBlfg/u0zLQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAL32wK5xtH/tb8w6B9rWrxh0R82lg9DJaUXhVhvjc
GqS6c/My2Se+EGAIOQILQiggbEuyDLKodURVWF4f9ct1FaPUOqGVN/t2LRYoiX8p
PzANHQz3dmk9XmSZWgR3F0lmcbGf2LY82lpHE3EeiF2AxCMR7GS/OuYPGYf/0c6t
l7Yd90dDSl9rp9kP1ecFWk3gohc9vYL0wBe0uDZg56oV8XSbTwFAU4okiPUyOdJf
CCZPSKKkQ/pYObrv2Rhql81rz3bUIIGuFWnLPDJ+lQm+lJETBXst87g7fFdDQJd2
AYTyRwxvYB8E5ecGsrhnvxFISK/ftVtKi0UO38yGuqtVDA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net