Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: /7n3bKwRQQiNiYFoh6vRex0GnHDUtsrz62OigNdEfgc=
Subject key identifier: 73:55:51:A0:A1:1A:7F:6C:5F:8B:1B:B5:DF:CD:2A:51:B7:11:C6:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51DD9949D18A3E8615F94AA27F9CEA44D71AC4F0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Mon 31 Mar 2025 21:30:45 +0000
ROA not before: Mon 31 Mar 2025 21:30:45 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:dd:99:49:d1:8a:3e:86:15:f9:4a:a2:7f:9c:ea:44:d7:1a:c4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:45 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=2464b6c91b3abeac783c88d864f5f8ea83ea9b076c0bd02a148650678aea07d7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b3:c8:48:89:29:23:f6:1a:66:fa:f7:4a:52:
f3:ff:33:2f:d5:18:95:60:99:64:66:4b:2d:45:1c:
2b:5e:5d:4d:d0:eb:dd:44:8c:4c:8d:7f:13:3e:5a:
33:01:f4:e6:8b:97:63:d6:3a:9e:fa:49:de:6b:6e:
fe:c5:96:39:69:a0:2a:eb:31:01:7f:4d:13:b6:57:
f2:86:d1:ca:5b:9e:25:0c:72:c7:e1:cc:23:79:63:
b2:98:08:9e:31:7b:08:50:71:0d:62:0a:ed:fd:ee:
4b:bc:ed:06:00:9e:7f:f1:1c:35:f7:ba:92:ef:b6:
ae:5b:6e:5f:90:33:2c:18:06:76:27:38:a0:11:10:
b3:17:dc:52:2c:67:57:b7:1c:15:7b:19:d9:01:6a:
92:28:b4:ba:25:d1:4f:58:ce:51:de:80:02:af:0b:
07:64:64:f3:3a:a7:e0:e9:bf:eb:f8:6b:03:1c:52:
8e:0e:87:ca:27:a4:5a:ee:27:96:6a:64:58:6c:1f:
a9:d2:c3:5c:c1:f5:e0:13:f8:5c:d4:a3:ae:b9:34:
b2:33:a9:41:da:a4:f7:c8:e9:de:91:3b:b6:e8:fa:
fb:99:7c:44:33:f6:0c:ea:bd:24:42:65:ee:d1:eb:
0a:ec:8c:b8:0b:f0:88:4c:32:c2:58:05:2e:e1:3e:
6e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:55:51:A0:A1:1A:7F:6C:5F:8B:1B:B5:DF:CD:2A:51:B7:11:C6:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
81:fe:5c:f9:ff:57:73:ea:a5:b4:2d:52:76:89:ac:e0:a1:77:
25:00:35:a2:6a:09:10:c1:62:92:18:fb:de:b0:03:de:f8:5e:
25:d8:98:2c:b8:38:e3:cd:1d:b8:c7:c9:49:ff:db:b2:12:38:
12:4b:42:a1:2d:fd:db:65:5b:5e:ac:4a:e8:d7:00:33:84:4e:
5c:db:33:2b:1b:56:eb:47:04:63:3e:bd:01:c0:4f:29:c0:a5:
c4:9a:63:e0:76:1d:3a:df:23:a0:db:a9:52:ac:39:3a:5e:f2:
d9:0b:60:24:33:c0:ed:c8:74:e5:7b:f3:5a:5f:f5:9b:9b:7c:
87:1c:2e:3c:c8:d6:03:f6:a7:7a:fe:ce:c3:eb:3e:d5:9c:e5:
a0:4f:f1:a7:f9:99:11:8e:eb:43:ab:8f:54:51:87:ee:0b:32:
0b:8f:01:d3:5b:7f:cb:ef:4c:c1:0d:6c:f1:3f:5a:8f:c9:d1:
fa:2d:32:06:06:d3:52:0b:1b:97:f1:5e:0b:6d:de:de:80:1c:
38:ee:9b:3a:d7:92:9f:66:e9:c9:04:54:8d:7f:bc:e4:04:41:
72:50:ea:83:f4:79:cc:cd:c3:e6:28:da:64:cf:d3:a2:7f:03:
09:ca:95:cc:3d:13:f3:3b:bb:41:31:b6:bb:18:6d:34:d2:8c:
be:c5:47:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUd2ZSdGKPoYV+Uqif5zqRNcaxPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwNDVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0NjRiNmM5MWIzYWJlYWM3ODNjODhkODY0ZjVmOGVhODNlYTliMDc2YzBi
ZDAyYTE0ODY1MDY3OGFlYTA3ZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqzyEiJKSP2Gmb690pS8/8zL9UYlWCZZGZLLUUcK15dTdDr3USMTI1/Ez5a
MwH05ouXY9Y6nvpJ3mtu/sWWOWmgKusxAX9NE7ZX8obRylueJQxyx+HMI3ljspgI
njF7CFBxDWIK7f3uS7ztBgCef/EcNfe6ku+2rltuX5AzLBgGdic4oBEQsxfcUixn
V7ccFXsZ2QFqkii0uiXRT1jOUd6AAq8LB2Rk8zqn4Om/6/hrAxxSjg6HyiekWu4n
lmpkWGwfqdLDXMH14BP4XNSjrrk0sjOpQdqk98jp3pE7tuj6+5l8RDP2DOq9JEJl
7tHrCuyMuAvwiEwywlgFLuE+bqUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRzVVGg
oRp/bF+LG7XfzSpRtxHGMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQCB/lz5/1dz6qW0LVJ2iazgoXclADWiagkQwWKSGPve
sAPe+F4l2JgsuDjjzR24x8lJ/9uyEjgSS0KhLf3bZVterEro1wAzhE5c2zMrG1br
RwRjPr0BwE8pwKXEmmPgdh063yOg26lSrDk6XvLZC2AkM8DtyHTle/NaX/Wbm3yH
HC48yNYD9qd6/s7D6z7VnOWgT/Gn+ZkRjutDq49UUYfuCzILjwHTW3/L70zBDWzx
P1qPydH6LTIGBtNSCxuX8V4Lbd7egBw47ps615KfZunJBFSNf7zkBEFyUOqD9HnM
zcPmKNpkz9OifwMJypXMPRPzO7tBMba7GG000oy+xUdJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net