Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: 6v2wu0grAqCVupxh6B0W65WelbARIziBSxWDME4EXvk=
Subject key identifier: 5D:AB:5A:72:E1:58:2B:B8:CF:88:A9:61:E3:94:89:9D:01:F2:E8:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 677997FEE39A84B232D570B63FDB7F9139FF183E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Mon 31 Mar 2025 21:30:13 +0000
ROA not before: Mon 31 Mar 2025 21:30:13 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:79:97:fe:e3:9a:84:b2:32:d5:70:b6:3f:db:7f:91:39:ff:18:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:13 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=115b2e211d67d491d41597083d384dd9e06017541cbcc3e6ae901db76f077080, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fb:07:e5:76:9a:41:8b:05:bd:a3:00:59:f7:
ec:81:21:97:b8:58:ef:e3:78:bd:b7:44:5d:75:06:
63:f4:74:f7:0f:09:48:66:4b:dc:56:04:f5:3d:5a:
77:b4:0f:70:33:99:ab:a6:89:5e:89:c4:66:4a:5f:
81:3b:f7:ac:51:25:48:f6:53:97:69:f8:12:6b:54:
45:86:80:cb:b6:4d:cb:a4:2a:a0:7c:f2:66:2a:da:
96:b2:09:b4:d1:06:c2:93:6f:27:f6:52:12:39:f1:
51:d7:28:3a:93:0d:9e:af:55:a7:24:4b:bf:49:58:
2e:bc:10:e0:00:d8:e8:f4:dd:de:e6:b4:5e:83:e6:
dc:0e:ec:26:22:f6:db:cf:18:d5:c5:35:48:45:9a:
46:bf:14:87:f7:a2:43:f7:08:15:b2:cb:a4:c5:be:
ec:66:7a:5f:06:78:d5:6a:7c:0b:f1:fb:c2:3c:aa:
08:f2:bc:90:de:bf:31:27:ec:eb:00:47:45:8d:0c:
7c:4d:ef:77:02:13:21:59:dd:a2:9e:f5:ea:8d:20:
78:35:c1:ad:b8:72:50:63:15:e9:73:58:8f:41:4b:
f9:5e:73:49:68:a7:ff:d8:b6:fe:5b:09:43:80:7c:
4e:c9:1e:64:c8:cb:6d:7c:8d:af:95:8a:aa:e1:d1:
0f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AB:5A:72:E1:58:2B:B8:CF:88:A9:61:E3:94:89:9D:01:F2:E8:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3c:f5:a3:db:31:a7:5a:06:78:60:fb:c8:0c:d9:42:c9:59:a2:
6b:06:01:80:81:b9:67:08:8a:1d:82:45:5f:61:c8:6e:a5:de:
5c:dd:fb:65:7e:5b:0d:22:fa:58:43:bd:2f:38:5f:eb:6f:5a:
39:f3:e5:e1:1e:bd:3d:b2:22:7e:5a:3f:0c:da:75:d4:7b:c9:
29:d9:03:33:c1:5e:2c:fb:e8:c4:56:a8:29:f9:2f:3c:74:07:
25:7b:c6:f1:d2:ff:01:18:69:1e:ca:20:ee:d9:6b:ef:01:fb:
f9:11:27:6c:2c:c4:83:52:dd:85:02:c3:f2:8d:33:d0:ab:b5:
a4:fe:d0:a7:4b:54:aa:ed:ea:da:06:21:40:af:8a:a8:87:6e:
66:00:ed:e0:ed:44:08:1b:a2:8f:c7:aa:90:4d:05:11:5c:96:
00:93:9c:da:f0:a0:d7:08:35:ee:7c:0f:f4:6e:62:f5:30:f6:
ec:4a:6c:4c:4c:f1:09:ac:97:23:99:d7:69:0a:88:30:74:13:
31:b3:2c:59:51:50:04:b3:b3:10:bb:eb:f0:cc:54:43:bc:c7:
09:df:fa:f6:2b:97:2e:aa:e4:fb:1b:02:ee:b0:21:13:20:8e:
c7:55:d5:7b:20:b1:24:83:0a:63:32:95:78:b5:94:0d:0c:76:
60:1f:75:ed
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ3mX/uOahLIy1XC2P9t/kTn/GD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMTNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNWIyZTIxMWQ2N2Q0OTFkNDE1OTcwODNkMzg0ZGQ5ZTA2MDE3NTQxY2Jj
YzNlNmFlOTAxZGI3NmYwNzcwODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANf7B+V2mkGLBb2jAFn37IEhl7hY7+N4vbdEXXUGY/R09w8JSGZL3FYE9T1a
d7QPcDOZq6aJXonEZkpfgTv3rFElSPZTl2n4EmtURYaAy7ZNy6QqoHzyZiralrIJ
tNEGwpNvJ/ZSEjnxUdcoOpMNnq9VpyRLv0lYLrwQ4ADY6PTd3ua0XoPm3A7sJiL2
288Y1cU1SEWaRr8Uh/eiQ/cIFbLLpMW+7GZ6XwZ41Wp8C/H7wjyqCPK8kN6/MSfs
6wBHRY0MfE3vdwITIVndop716o0geDXBrbhyUGMV6XNYj0FL+V5zSWin/9i2/lsJ
Q4B8TskeZMjLbXyNr5WKquHRD7MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdq1py
4VgruM+IqWHjlImdAfLobDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAPPWj2zGnWgZ4YPvIDNlCyVmiawYBgIG5ZwiKHYJF
X2HIbqXeXN37ZX5bDSL6WEO9Lzhf629aOfPl4R69PbIiflo/DNp11HvJKdkDM8Fe
LPvoxFaoKfkvPHQHJXvG8dL/ARhpHsog7tlr7wH7+REnbCzEg1LdhQLD8o0z0Ku1
pP7Qp0tUqu3q2gYhQK+KqIduZgDt4O1ECBuij8eqkE0FEVyWAJOc2vCg1wg17nwP
9G5i9TD27EpsTEzxCayXI5nXaQqIMHQTMbMsWVFQBLOzELvr8MxUQ7zHCd/69iuX
Lqrk+xsC7rAhEyCOx1XVeyCxJIMKYzKVeLWUDQx2YB917Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net