Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: D5M4hnWyc3ERIN2XxZH/WvEjCZTsi3Rqeav2Y2C6mZA=
Subject key identifier: 2A:FB:C7:5E:7F:C0:17:3B:C0:08:8D:2D:AC:63:15:F3:70:9F:98:8C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 799C6B102A973FEABD807BE95D86A1695080304A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Mon 31 Mar 2025 21:31:02 +0000
ROA not before: Mon 31 Mar 2025 21:31:02 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:9c:6b:10:2a:97:3f:ea:bd:80:7b:e9:5d:86:a1:69:50:80:30:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:02 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=1f355d48e32c1eee42bb9de538a3e475b29d6a828f8c5d06cdc813750c482bae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0c:b3:ce:b2:f5:95:38:0b:38:22:97:b0:04:
70:5d:57:70:b0:77:1f:cf:6d:ba:f5:39:00:81:cb:
ae:7a:46:aa:cf:6a:f1:3b:44:aa:b1:80:51:ba:11:
d5:5f:25:e3:91:c3:e9:4b:cf:a3:3d:a4:05:64:80:
1b:7a:ce:f1:20:a2:01:a8:4a:2b:72:cc:b8:14:38:
d9:6e:f1:ff:ad:e9:10:f5:0f:e3:07:4a:7f:4b:f5:
14:42:6e:ab:aa:63:09:70:20:3a:ac:7b:9a:09:c6:
bc:01:aa:05:75:d3:d2:e3:4b:fa:29:28:7d:fd:b0:
2b:d9:a3:52:ad:2c:06:8a:61:60:f8:38:50:59:0f:
ee:93:e4:4c:0b:05:74:06:f4:7e:7f:ef:c2:a2:ed:
df:c7:63:e0:db:35:10:5b:b1:8a:8a:a6:84:39:b8:
8e:dd:1d:41:23:e8:bb:df:31:bc:51:ba:3c:12:ea:
87:e2:15:6d:89:61:d0:93:cb:a2:64:a9:88:77:7e:
b0:3b:e8:78:12:aa:1e:65:46:93:24:70:31:79:ef:
e6:41:ef:6c:37:c2:67:72:b6:3e:70:6c:25:96:0a:
9d:cf:30:b2:94:ba:b4:9e:e9:30:c2:bb:e4:fa:6d:
0a:7c:b0:b5:0a:02:df:27:62:20:94:86:ec:5b:54:
89:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FB:C7:5E:7F:C0:17:3B:C0:08:8D:2D:AC:63:15:F3:70:9F:98:8C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
67:c3:12:bc:e5:77:3e:ca:7a:11:6e:b3:6e:64:16:82:3d:6b:
6a:d7:4a:fb:cf:a7:f4:68:fd:16:3e:e1:d4:c4:25:4d:54:77:
73:42:0f:cb:3c:c8:5a:1a:a9:54:bf:8b:fc:1d:41:69:d6:e9:
87:de:88:54:50:85:23:72:8e:85:45:1a:50:37:64:63:b2:c5:
d4:20:c2:1a:fd:a3:12:c7:07:4d:8a:4f:d7:d9:96:30:43:9b:
a2:c6:f8:b1:8f:1c:dd:1d:fd:28:da:56:79:c5:77:db:b7:06:
b1:18:d9:2f:04:c6:97:5f:39:b5:77:e7:92:c7:e4:26:3f:76:
cb:36:2a:98:22:40:f1:6c:92:a9:20:e5:1f:71:80:bd:28:8f:
49:ae:fc:b2:a9:79:1f:7c:68:7d:44:53:91:02:ac:59:eb:3b:
7a:d6:82:4f:62:c9:b8:e1:ee:96:f7:0a:c9:da:25:54:91:a6:
6b:61:0d:e8:b3:aa:31:bf:31:15:87:6d:58:dd:c8:73:46:4f:
92:40:90:b9:a5:01:12:71:5f:e4:b8:1f:4d:1f:14:13:51:d7:
a2:79:77:ca:f0:ca:3e:03:e0:c0:8c:86:75:77:b9:f7:e3:13:
02:b6:47:64:96:c6:1b:81:b6:58:8c:8f:8f:2c:b6:88:95:84:
45:c0:2f:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeZxrECqXP+q9gHvpXYahaVCAMEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMDJaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMzU1ZDQ4ZTMyYzFlZWU0MmJiOWRlNTM4YTNlNDc1YjI5ZDZhODI4Zjhj
NWQwNmNkYzgxMzc1MGM0ODJiYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMMs86y9ZU4Czgil7AEcF1XcLB3H89tuvU5AIHLrnpGqs9q8TtEqrGAUboR
1V8l45HD6UvPoz2kBWSAG3rO8SCiAahKK3LMuBQ42W7x/63pEPUP4wdKf0v1FEJu
q6pjCXAgOqx7mgnGvAGqBXXT0uNL+ikoff2wK9mjUq0sBophYPg4UFkP7pPkTAsF
dAb0fn/vwqLt38dj4Ns1EFuxioqmhDm4jt0dQSPou98xvFG6PBLqh+IVbYlh0JPL
omSpiHd+sDvoeBKqHmVGkyRwMXnv5kHvbDfCZ3K2PnBsJZYKnc8wspS6tJ7pMMK7
5PptCnywtQoC3ydiIJSG7FtUieMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQq+8de
f8AXO8AIjS2sYxXzcJ+YjDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQBnwxK85Xc+ynoRbrNuZBaCPWtq10r7z6f0aP0WPuHU
xCVNVHdzQg/LPMhaGqlUv4v8HUFp1umH3ohUUIUjco6FRRpQN2RjssXUIMIa/aMS
xwdNik/X2ZYwQ5uixvixjxzdHf0o2lZ5xXfbtwaxGNkvBMaXXzm1d+eSx+QmP3bL
NiqYIkDxbJKpIOUfcYC9KI9JrvyyqXkffGh9RFORAqxZ6zt61oJPYsm44e6W9wrJ
2iVUkaZrYQ3os6oxvzEVh21Y3chzRk+SQJC5pQEScV/kuB9NHxQTUdeieXfK8Mo+
A+DAjIZ1d7n34xMCtkdklsYbgbZYjI+PLLaIlYRFwC/m
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net