Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: 2I4EjQyktWwRpGn85MUb1B+f4Z0czRJZM/NV+hSvFsw=
Subject key identifier: 84:48:E3:2E:B1:F5:95:29:14:3C:F3:71:69:A0:8B:32:29:D9:68:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07096CBAEF1CAC787D99EA8881AB820AD3086E0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Fri 11 Apr 2025 00:50:17 +0000
ROA not before: Fri 11 Apr 2025 00:50:17 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:09:6c:ba:ef:1c:ac:78:7d:99:ea:88:81:ab:82:0a:d3:08:6e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:17 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=425c29dee2a90d47db2ebc633ec69e88b8fcb55161d4fbd7a4aa4f170298c2f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1a:ec:90:dd:a5:98:de:57:a8:a0:5c:ea:47:
b7:03:1c:3b:00:f9:a2:3c:90:6e:ba:c7:0c:ab:77:
20:45:29:14:d7:54:3e:74:75:86:aa:55:29:d3:7e:
a9:ea:e3:7f:84:b6:8f:01:06:b1:0f:37:bd:5d:d7:
3e:94:d2:8d:4f:65:54:80:5e:0f:aa:ca:6e:3f:db:
06:39:99:0e:36:b4:6a:71:b1:0b:8d:8b:e8:bb:41:
ca:59:8a:41:48:77:5d:ed:5c:5e:f4:e3:8b:c1:ea:
8f:45:20:aa:b2:50:1c:1d:1b:b1:67:8c:5d:49:71:
7f:7e:2f:07:df:9a:1d:00:bc:6e:d8:d8:eb:8d:4e:
40:1c:be:10:e4:aa:40:f2:19:d5:87:d7:17:fb:c0:
9c:72:15:1b:9e:dc:b4:39:c6:52:3a:97:e4:fc:94:
5e:69:b3:5c:43:f3:ae:14:4f:b1:8a:87:0e:fe:6b:
ea:06:c1:0b:6c:53:ae:de:65:8d:a1:4c:27:06:ce:
73:ac:ae:e7:a4:e0:c9:c9:5d:b7:51:f8:92:2e:ed:
b9:75:5e:ce:ec:17:c5:e8:28:64:d9:54:45:9f:86:
21:98:e3:57:a4:6c:95:85:2b:81:20:16:c5:9f:f6:
59:6b:f0:02:1d:78:47:d9:06:91:ed:6f:8b:5a:b3:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:48:E3:2E:B1:F5:95:29:14:3C:F3:71:69:A0:8B:32:29:D9:68:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:50:c7:0a:53:e8:86:b7:65:1c:86:99:42:70:11:76:5f:5f:
b8:09:e6:2b:49:35:81:ac:c3:52:91:a3:dd:8d:74:81:de:6a:
42:06:13:e8:4f:3b:13:4e:42:e4:a6:8d:53:3e:d4:17:c5:1a:
e1:d6:c7:e0:4c:16:fd:0a:74:58:c6:05:aa:9d:8b:e7:a8:5c:
66:95:9d:c5:c7:60:1c:99:e5:25:13:ab:2a:fb:ad:d9:1b:49:
ac:01:1a:d5:fa:f9:fd:4a:76:12:0c:9b:51:c9:56:41:1b:2c:
4f:7b:88:4c:15:7c:b4:79:c8:98:d0:ab:a9:36:e5:31:01:c8:
37:6b:62:e7:79:3f:04:86:9f:3e:84:cf:50:0d:4e:cd:5f:d7:
65:23:1e:26:11:4a:14:21:bf:dc:e7:f3:05:39:75:3b:ee:c9:
6b:a8:40:3a:b1:b7:6c:91:34:70:13:ec:fd:5b:07:0a:b7:94:
9e:e5:31:4d:e5:d8:9b:4b:96:6c:06:4f:22:be:20:04:de:0b:
a9:ef:55:8f:f3:ce:e2:61:2f:0f:16:b0:66:ed:12:4a:75:06:
1e:e2:de:a9:b3:e2:73:2f:ba:9b:bb:b2:9d:ea:31:14:11:09:
9d:44:a6:42:00:5e:ef:77:1d:24:d4:dc:fa:cf:3a:0e:9d:c1:
89:1c:ae:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBwlsuu8crHh9meqIgauCCtMIbg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMTdaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNWMyOWRlZTJhOTBkNDdkYjJlYmM2MzNlYzY5ZTg4YjhmY2I1NTE2MWQ0
ZmJkN2E0YWE0ZjE3MDI5OGMyZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAa7JDdpZjeV6igXOpHtwMcOwD5ojyQbrrHDKt3IEUpFNdUPnR1hqpVKdN+
qerjf4S2jwEGsQ83vV3XPpTSjU9lVIBeD6rKbj/bBjmZDja0anGxC42L6LtBylmK
QUh3Xe1cXvTji8Hqj0UgqrJQHB0bsWeMXUlxf34vB9+aHQC8btjY641OQBy+EOSq
QPIZ1YfXF/vAnHIVG57ctDnGUjqX5PyUXmmzXEPzrhRPsYqHDv5r6gbBC2xTrt5l
jaFMJwbOc6yu56Tgycldt1H4ki7tuXVezuwXxegoZNlURZ+GIZjjV6RslYUrgSAW
xZ/2WWvwAh14R9kGke1vi1qzo+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSESOMu
sfWVKRQ883FpoIsyKdlopTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQA5UMcKU+iGt2UchplCcBF2X1+4CeYrSTWBrMNSkaPd
jXSB3mpCBhPoTzsTTkLkpo1TPtQXxRrh1sfgTBb9CnRYxgWqnYvnqFxmlZ3Fx2Ac
meUlE6sq+63ZG0msARrV+vn9SnYSDJtRyVZBGyxPe4hMFXy0eciY0KupNuUxAcg3
a2LneT8Ehp8+hM9QDU7NX9dlIx4mEUoUIb/c5/MFOXU77slrqEA6sbdskTRwE+z9
WwcKt5Se5TFN5dibS5ZsBk8iviAE3gup71WP887iYS8PFrBm7RJKdQYe4t6ps+Jz
L7qbu7Kd6jEUEQmdRKZCAF7vdx0k1Nz6zzoOncGJHK4O
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net