Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: dak6MgyRbw4KG5Qh4VEZ92J8oe1jzvu+Yb+KYXBiTbY=
Subject key identifier: 1B:99:5B:D9:26:C0:05:E3:1E:90:35:0C:5E:6D:04:67:DC:D4:F6:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37AA8B058EDC6A90DB65C890434D2E83254D389B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Mon 31 Mar 2025 21:31:15 +0000
ROA not before: Mon 31 Mar 2025 21:31:15 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:aa:8b:05:8e:dc:6a:90:db:65:c8:90:43:4d:2e:83:25:4d:38:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:15 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=403ba7b53f528cd9898b0071a270d8c56b92aa31cea42b57a1fc0ade8b200700, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:9f:c8:5e:ca:f6:ec:71:20:85:82:d4:78:
77:31:cf:f5:52:33:bb:18:98:31:95:b0:ac:9e:b7:
3b:7e:44:83:75:2f:30:4b:6d:1f:02:5d:c8:bc:a3:
0e:73:ff:ad:fa:c5:7b:d8:d9:39:2b:28:bd:1e:a3:
7a:83:8f:81:8e:a1:05:1a:89:08:84:7d:ac:d0:5a:
c8:3a:42:90:d5:d3:99:f4:3a:34:f1:57:ce:3e:8a:
2a:41:cd:14:40:03:9a:f4:e8:d6:fd:8e:04:30:70:
bd:6b:50:5c:9f:85:fc:41:ee:f8:0a:62:62:99:fe:
96:57:12:7d:2a:fd:5a:62:46:4a:01:23:94:26:dc:
24:17:ea:15:33:85:ea:74:81:f0:97:96:3c:47:0d:
9d:61:28:d7:26:ce:f6:cf:70:ff:b3:2b:85:9b:74:
0e:2e:ff:88:5a:08:b9:32:53:94:42:c7:f0:60:b3:
30:06:20:4e:98:08:b2:9c:f4:42:c8:56:37:ee:c1:
dd:a3:fe:f0:e9:b7:51:e8:d6:fe:cd:8f:59:51:fa:
44:d5:29:96:ad:9d:f4:f8:d3:84:81:5d:21:f3:b0:
06:79:6e:92:d9:a8:5d:4c:d7:db:bc:40:a7:80:24:
be:97:2c:a8:f6:4e:db:5e:f3:0c:75:c9:f5:48:59:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:99:5B:D9:26:C0:05:E3:1E:90:35:0C:5E:6D:04:67:DC:D4:F6:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:52:c1:c1:50:ed:d7:84:d8:bf:85:5d:94:f3:d5:f5:56:d0:
d8:78:94:91:f7:d2:b1:b4:55:7f:4c:7d:14:1b:45:48:4f:35:
b4:90:b4:38:17:7a:3b:f6:93:f2:08:39:ab:6c:7c:38:da:8a:
86:cd:e1:77:34:e1:34:a1:b9:7e:ac:aa:ab:17:8b:ef:51:17:
c7:68:56:df:03:18:cb:ab:55:69:c7:c1:2e:31:63:11:41:be:
ef:db:17:9e:77:b9:b1:69:4d:f5:7f:15:5e:71:84:ec:9f:31:
97:c9:04:4a:27:9c:b4:32:fe:ce:0a:7a:98:a7:e2:1d:81:84:
d3:ca:c3:b3:03:81:e3:b1:20:16:d2:3d:2a:a1:3b:c6:09:48:
0e:ca:90:d8:02:76:5f:d0:89:e7:18:cc:eb:0f:f8:43:83:84:
97:fb:f3:b2:a7:fb:87:82:bd:9e:3e:b3:5a:53:0e:65:ba:d4:
83:b1:d1:45:47:9a:87:46:08:c8:77:05:05:fc:1c:73:f3:98:
a1:f9:59:0a:32:e7:93:75:d9:45:53:8b:d9:e2:17:f4:26:fb:
3e:be:a1:12:34:1c:78:99:56:81:c9:93:4f:22:88:28:48:bd:
e0:16:3d:c7:ec:ab:27:47:5f:1c:6d:4a:66:ed:48:1e:d5:41:
48:6a:4b:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN6qLBY7capDbZciQQ00ugyVNOJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMTVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwM2JhN2I1M2Y1MjhjZDk4OThiMDA3MWEyNzBkOGM1NmI5MmFhMzFjZWE0
MmI1N2ExZmMwYWRlOGIyMDA3MDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK12n8heyvbscSCFgtR4dzHP9VIzuxiYMZWwrJ63O35Eg3UvMEttHwJdyLyj
DnP/rfrFe9jZOSsovR6jeoOPgY6hBRqJCIR9rNBayDpCkNXTmfQ6NPFXzj6KKkHN
FEADmvTo1v2OBDBwvWtQXJ+F/EHu+ApiYpn+llcSfSr9WmJGSgEjlCbcJBfqFTOF
6nSB8JeWPEcNnWEo1ybO9s9w/7MrhZt0Di7/iFoIuTJTlELH8GCzMAYgTpgIspz0
QshWN+7B3aP+8Om3UejW/s2PWVH6RNUplq2d9PjThIFdIfOwBnluktmoXUzX27xA
p4AkvpcsqPZO217zDHXJ9UhZxMsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQbmVvZ
JsAF4x6QNQxebQRn3NT27jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBlUsHBUO3XhNi/hV2U89X1VtDYeJSR99KxtFV/TH0U
G0VITzW0kLQ4F3o79pPyCDmrbHw42oqGzeF3NOE0obl+rKqrF4vvURfHaFbfAxjL
q1Vpx8EuMWMRQb7v2xeed7mxaU31fxVecYTsnzGXyQRKJ5y0Mv7OCnqYp+IdgYTT
ysOzA4HjsSAW0j0qoTvGCUgOypDYAnZf0InnGMzrD/hDg4SX+/Oyp/uHgr2ePrNa
Uw5lutSDsdFFR5qHRgjIdwUF/Bxz85ih+VkKMueTddlFU4vZ4hf0Jvs+vqESNBx4
mVaByZNPIogoSL3gFj3H7KsnR18cbUpm7Uge1UFIaksK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net