Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: 0CzNn0gr0KpnETtkIdgMRaN4WEWLnCioByFJgfhOd6w=
Subject key identifier: B9:DE:88:5F:53:85:06:45:8A:67:34:03:EC:6C:3D:C1:19:67:F3:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70C9E3129CA27015631615C998DAC67615A979F1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Fri 11 Apr 2025 00:50:18 +0000
ROA not before: Fri 11 Apr 2025 00:50:18 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c9:e3:12:9c:a2:70:15:63:16:15:c9:98:da:c6:76:15:a9:79:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:18 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=81cc86b790211b1d483fecd16717bf4d2b417175b90abb76755af1f7c56b16d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:5f:5f:26:27:63:bc:6e:4a:c3:e1:fd:7b:
cb:e0:62:c3:59:1a:c6:ee:f8:6d:68:03:d0:b4:4c:
63:86:1c:85:f4:0f:fd:c5:1e:dd:b8:2f:53:46:68:
9e:8f:57:2d:fc:a7:d9:f7:31:81:8b:c3:cb:b5:22:
24:8c:d0:7f:08:2a:95:41:ae:4c:e2:b6:51:5b:0a:
36:9f:72:c6:a3:76:d3:4a:81:77:be:a1:85:bc:09:
49:2f:be:fb:05:59:c6:06:97:8b:23:12:c4:b0:69:
ff:81:91:85:a0:2f:d7:b4:86:ca:97:74:41:9f:19:
f5:d2:89:93:99:50:da:15:b3:e1:36:07:59:74:44:
2c:ab:16:89:21:36:19:87:14:8f:fb:a9:b4:fa:80:
82:4f:31:96:d7:1c:6c:29:0a:5d:4b:5d:ec:5d:1e:
14:1a:6d:17:e2:ff:b4:33:01:92:96:9a:a7:b3:3c:
c9:91:08:8c:4d:3a:c3:8d:ae:47:45:bd:c5:f8:78:
12:d1:a1:f7:1d:ca:76:ff:01:40:06:a1:36:4c:60:
ed:be:af:d4:ab:e1:8c:3b:25:73:6b:72:ec:c8:cb:
78:1f:dd:37:99:56:ad:14:bd:16:36:a3:81:48:77:
33:69:a5:cb:b4:17:60:cd:ca:3e:89:c4:f0:31:18:
8b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DE:88:5F:53:85:06:45:8A:67:34:03:EC:6C:3D:C1:19:67:F3:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:82:28:f0:ad:64:01:7b:45:4b:88:52:28:5a:26:63:72:01:
bd:91:32:74:39:27:19:d2:90:59:78:bd:72:af:01:14:d6:53:
bb:bb:df:60:fb:75:60:56:08:73:61:fe:df:2b:71:81:44:3c:
eb:3e:0e:5e:16:bc:51:3e:d7:a8:1d:89:38:d0:39:7e:42:4e:
3c:ae:f3:a4:37:1b:73:2b:5b:fe:9e:9b:6e:52:bc:ae:0d:c8:
ba:fc:2d:d5:e1:ef:07:2d:ad:b4:0b:00:a3:70:94:a2:c0:9a:
c4:7a:f6:4e:f7:b9:a4:85:41:b6:20:24:4c:c2:a3:1a:7a:cf:
ff:9f:46:a4:49:ed:64:d4:c7:60:a3:16:e0:9a:b5:0e:03:45:
ea:bd:b1:5f:99:3b:f6:f7:fa:2b:9c:e0:45:72:87:2a:c2:fd:
58:c1:b7:8f:69:0a:19:cd:96:9e:23:08:2c:d1:72:9d:58:79:
f4:f7:cc:b6:c7:03:90:31:3f:ad:1c:f3:05:e3:96:32:b0:03:
2c:9d:e3:4e:a3:f5:8c:9f:73:66:c7:db:a1:09:73:02:fd:f5:
5e:22:26:f9:34:b9:44:d9:5a:42:89:f8:83:f6:89:f6:8e:65:
4a:2f:14:29:17:3a:67:b1:00:d3:50:ab:14:84:18:b8:8f:82:
ea:2f:ff:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcMnjEpyicBVjFhXJmNrGdhWpefEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMThaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxY2M4NmI3OTAyMTFiMWQ0ODNmZWNkMTY3MTdiZjRkMmI0MTcxNzViOTBh
YmI3Njc1NWFmMWY3YzU2YjE2ZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1VX18mJ2O8bkrD4f17y+Biw1kaxu74bWgD0LRMY4YchfQP/cUe3bgvU0Zo
no9XLfyn2fcxgYvDy7UiJIzQfwgqlUGuTOK2UVsKNp9yxqN200qBd76hhbwJSS++
+wVZxgaXiyMSxLBp/4GRhaAv17SGypd0QZ8Z9dKJk5lQ2hWz4TYHWXRELKsWiSE2
GYcUj/uptPqAgk8xltccbCkKXUtd7F0eFBptF+L/tDMBkpaap7M8yZEIjE06w42u
R0W9xfh4EtGh9x3Kdv8BQAahNkxg7b6v1KvhjDslc2ty7MjLeB/dN5lWrRS9Fjaj
gUh3M2mly7QXYM3KPonE8DEYi7cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS53ohf
U4UGRYpnNAPsbD3BGWfzTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQCcgijwrWQBe0VLiFIoWiZjcgG9kTJ0OScZ0pBZeL1y
rwEU1lO7u99g+3VgVghzYf7fK3GBRDzrPg5eFrxRPteoHYk40Dl+Qk48rvOkNxtz
K1v+nptuUryuDci6/C3V4e8HLa20CwCjcJSiwJrEevZO97mkhUG2ICRMwqMaes//
n0akSe1k1MdgoxbgmrUOA0XqvbFfmTv29/ornOBFcocqwv1YwbePaQoZzZaeIwgs
0XKdWHn098y2xwOQMT+tHPMF45YysAMsneNOo/WMn3Nmx9uhCXMC/fVeIib5NLlE
2VpCifiD9on2jmVKLxQpFzpnsQDTUKsUhBi4j4LqL/96
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net