Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: NBKrx1Bdt/4YGfIZeC79FFQ2wKW50/8bFKua6YP3uUQ=
Subject key identifier: 20:A1:AC:D3:EC:4C:72:56:D4:08:7D:4F:EB:8A:DE:2D:25:15:A7:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66B024FB4FD26BA2AD2E003CF56821890D5431D4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Mon 31 Mar 2025 21:31:06 +0000
ROA not before: Mon 31 Mar 2025 21:31:06 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:b0:24:fb:4f:d2:6b:a2:ad:2e:00:3c:f5:68:21:89:0d:54:31:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:06 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=0f138a24cfdd636b3b7bc766080f541c6a8ac8ecee06774799a0ff3943d37373, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bd:08:61:1e:42:6e:8f:43:b5:a1:73:b5:1a:
c7:85:37:c2:56:82:0b:ac:05:32:18:f4:1c:c9:03:
b1:e2:cc:69:d4:21:0e:bb:30:61:a1:ba:91:3e:0f:
3d:57:a0:40:9f:1d:f0:fa:c1:f6:36:0f:24:d9:2a:
ce:5c:ea:70:0a:a4:9a:d1:05:e1:6a:6a:9f:23:74:
6e:a6:d2:e8:9c:df:6e:2b:02:cb:17:d8:ea:db:76:
d8:60:ef:55:64:28:9f:64:18:1a:ad:fa:ad:34:98:
80:21:06:91:22:07:10:b3:2a:cb:cf:8e:0d:ed:4d:
11:8a:9b:03:0f:34:28:43:9a:64:37:7e:d1:6e:27:
fc:fc:47:bc:00:2e:ac:61:a6:55:9b:2a:2b:74:29:
88:e3:9f:ef:f2:bb:00:03:05:ef:9c:d1:74:54:a8:
90:12:c8:e2:60:db:e6:c9:14:bf:f6:e7:51:37:b8:
88:05:eb:f2:77:ec:19:e6:57:96:44:18:0b:78:b3:
84:95:b9:f0:4b:b8:cb:29:19:8f:9e:ef:95:45:63:
14:9d:7e:03:69:ee:3d:2e:b6:d2:38:f0:3e:cc:7c:
81:1b:14:41:b1:97:db:95:76:42:66:71:f2:56:65:
4f:aa:ff:7c:01:41:a1:0b:55:9f:87:1f:dd:49:8f:
15:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A1:AC:D3:EC:4C:72:56:D4:08:7D:4F:EB:8A:DE:2D:25:15:A7:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
85:66:b2:e5:cc:c7:89:6a:3b:cd:23:5e:23:a4:ac:84:ec:73:
ed:51:24:b9:44:59:2d:29:1f:54:00:fd:56:04:00:40:a6:d2:
ad:32:33:bc:ee:c5:1a:82:c2:8b:67:16:86:17:bc:f6:a6:c4:
21:38:a1:be:6f:6e:d1:0d:52:14:c3:1a:ec:49:82:f7:13:07:
a8:25:f2:86:01:3a:e4:9c:0d:c3:1f:a6:66:f0:4c:e4:7c:7d:
af:ae:d9:68:dd:5e:cb:b5:6d:9c:39:ae:1e:53:d6:3d:9a:c7:
7c:a9:2d:4f:4b:3a:e5:01:10:8a:f9:c5:75:86:73:a5:65:c3:
f2:c9:0c:51:22:07:a0:3b:d0:46:41:c5:8c:25:3d:41:e5:58:
4b:53:8a:44:e6:5a:0f:2a:6d:f1:dd:c0:d8:34:a1:fd:ef:f8:
ea:f6:81:10:77:36:4e:3f:f4:b2:d2:1f:c0:cb:ce:e7:b9:59:
83:c1:d0:03:7b:20:ac:c9:fb:9a:6a:a5:db:98:1c:20:b8:4d:
94:49:79:4a:8f:57:5f:be:63:f1:e9:15:5d:8f:01:2f:fc:f6:
d3:5a:59:48:8b:de:6e:ee:44:7a:7b:ac:c1:27:c7:90:bc:d3:
ce:b1:0c:89:7a:c1:a9:c5:40:88:8e:97:3d:e8:7c:26:1a:11:
7d:0b:8b:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZrAk+0/Sa6KtLgA89WghiQ1UMdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMDZaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmMTM4YTI0Y2ZkZDYzNmIzYjdiYzc2NjA4MGY1NDFjNmE4YWM4ZWNlZTA2
Nzc0Nzk5YTBmZjM5NDNkMzczNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANm9CGEeQm6PQ7Whc7Uax4U3wlaCC6wFMhj0HMkDseLMadQhDrswYaG6kT4P
PVegQJ8d8PrB9jYPJNkqzlzqcAqkmtEF4WpqnyN0bqbS6JzfbisCyxfY6tt22GDv
VWQon2QYGq36rTSYgCEGkSIHELMqy8+ODe1NEYqbAw80KEOaZDd+0W4n/PxHvAAu
rGGmVZsqK3QpiOOf7/K7AAMF75zRdFSokBLI4mDb5skUv/bnUTe4iAXr8nfsGeZX
lkQYC3izhJW58Eu4yykZj57vlUVjFJ1+A2nuPS620jjwPsx8gRsUQbGX25V2QmZx
8lZlT6r/fAFBoQtVn4cf3UmPFe8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgoazT
7ExyVtQIfU/rit4tJRWnfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQCFZrLlzMeJajvNI14jpKyE7HPtUSS5RFktKR9UAP1W
BABAptKtMjO87sUagsKLZxaGF7z2psQhOKG+b27RDVIUwxrsSYL3EweoJfKGATrk
nA3DH6Zm8EzkfH2vrtlo3V7LtW2cOa4eU9Y9msd8qS1PSzrlARCK+cV1hnOlZcPy
yQxRIgegO9BGQcWMJT1B5VhLU4pE5loPKm3x3cDYNKH97/jq9oEQdzZOP/Sy0h/A
y87nuVmDwdADeyCsyfuaaqXbmBwguE2USXlKj1dfvmPx6RVdjwEv/PbTWllIi95u
7kR6e6zBJ8eQvNPOsQyJesGpxUCIjpc96HwmGhF9C4vR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net