Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: eKWl2ZbwsIp0k9I+CC/lyx6eyPcigHfof8ZkPDQ3uGk=
Subject key identifier: FD:43:EF:49:E0:FA:31:F2:22:0B:C9:30:01:04:29:EB:00:85:52:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AFCC6973802F4AC303B19D2FAE15294A275CA20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Mon 31 Mar 2025 21:20:20 +0000
ROA not before: Mon 31 Mar 2025 21:20:20 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:fc:c6:97:38:02:f4:ac:30:3b:19:d2:fa:e1:52:94:a2:75:ca:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:20 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=502abbfa479b6fd5050c44556a76eb9d3623d70105068e305668ec92dd6c5bcb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3f:af:16:d5:c7:94:92:c8:84:9f:f8:e5:ed:
14:f1:61:25:ce:a9:8e:71:02:cc:1b:b4:d8:56:a2:
46:0a:b4:88:10:2a:3d:c2:49:e9:da:84:05:4e:4b:
d1:69:ba:d2:70:c0:c4:ca:d9:f1:6d:d0:32:07:17:
34:b1:75:8c:7f:7b:9a:2a:2a:5e:bc:fd:bc:c5:94:
8d:e6:47:26:7b:e4:c8:ac:fb:02:90:f8:a4:72:82:
0c:e3:83:6e:c1:cc:64:89:2e:3a:21:10:9b:f0:b2:
01:26:70:29:a8:ad:62:26:c2:ef:40:db:cc:96:25:
5e:32:9d:52:a3:9e:8a:4a:22:82:97:b0:af:89:0d:
06:5c:b5:64:ce:7e:73:25:2e:5a:a9:43:92:78:2f:
1d:e6:43:a5:55:9d:e2:12:7c:14:fe:a4:f7:a1:ea:
7d:6b:08:a0:7e:6c:e0:4e:4e:ff:3b:48:bd:12:2b:
84:68:9d:6f:84:8c:cf:81:26:fc:5e:06:9e:cb:b5:
1d:9f:bb:eb:a2:94:f0:e7:6a:63:a1:8e:da:ca:55:
18:f0:0f:c2:a9:dd:28:69:41:29:f5:7a:91:b2:12:
f6:e6:b7:1c:2e:af:cc:f8:02:e5:d4:47:a4:bc:11:
f5:1c:ac:41:f1:01:c9:98:68:92:a4:65:84:e0:f2:
37:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:43:EF:49:E0:FA:31:F2:22:0B:C9:30:01:04:29:EB:00:85:52:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:94:e0:14:e9:52:f6:1d:cd:98:4d:98:67:6b:56:62:da:a6:
88:e7:ad:65:72:53:c3:d4:43:a5:45:ac:c7:a4:c8:f2:95:fd:
54:7e:54:59:43:f3:8f:16:2b:00:96:fb:0e:5e:2c:19:92:f1:
01:0a:7a:da:25:66:57:37:eb:f4:53:42:9a:0b:5d:42:1a:08:
6c:5d:c4:31:2e:e2:7e:ba:d7:c1:d5:51:25:fb:5a:76:ea:66:
62:cf:28:01:5c:15:f1:22:be:4f:6a:e8:f2:99:c4:7a:79:99:
2e:a4:cd:63:15:6b:cf:6b:34:40:0b:fc:5b:6f:b3:0c:36:e9:
e2:47:5d:c7:53:65:8c:4f:75:9e:04:05:6f:31:3f:4a:e1:cf:
73:a9:f3:00:90:c9:16:95:21:e1:92:b6:56:ba:e7:d4:83:cd:
10:37:cc:ab:15:9e:44:a5:8f:a0:ee:02:28:49:0d:02:2f:7d:
3e:3a:f2:0f:54:d7:8b:f0:cc:0c:0c:0e:bc:a8:06:5f:38:16:
62:47:f4:46:8a:4b:17:d5:68:db:aa:2b:f0:26:49:53:c6:fb:
6c:96:a4:db:a0:0c:bf:9a:e3:82:be:be:53:48:0a:84:95:45:
cf:ca:20:bf:c9:a4:73:1f:e9:3a:53:af:22:39:61:6f:e8:b1:
3a:68:da:65
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGvzGlzgC9KwwOxnS+uFSlKJ1yiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMjBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMmFiYmZhNDc5YjZmZDUwNTBjNDQ1NTZhNzZlYjlkMzYyM2Q3MDEwNTA2
OGUzMDU2NjhlYzkyZGQ2YzViY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ/rxbVx5SSyISf+OXtFPFhJc6pjnECzBu02FaiRgq0iBAqPcJJ6dqEBU5L
0Wm60nDAxMrZ8W3QMgcXNLF1jH97mioqXrz9vMWUjeZHJnvkyKz7ApD4pHKCDOOD
bsHMZIkuOiEQm/CyASZwKaitYibC70DbzJYlXjKdUqOeikoigpewr4kNBly1ZM5+
cyUuWqlDkngvHeZDpVWd4hJ8FP6k96HqfWsIoH5s4E5O/ztIvRIrhGidb4SMz4Em
/F4Gnsu1HZ+766KU8OdqY6GO2spVGPAPwqndKGlBKfV6kbIS9ua3HC6vzPgC5dRH
pLwR9RysQfEByZhokqRlhODyN+UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT9Q+9J
4Pox8iILyTABBCnrAIVS+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQC3lOAU6VL2Hc2YTZhna1Zi2qaI561lclPD1EOlRazH
pMjylf1UflRZQ/OPFisAlvsOXiwZkvEBCnraJWZXN+v0U0KaC11CGghsXcQxLuJ+
utfB1VEl+1p26mZizygBXBXxIr5PaujymcR6eZkupM1jFWvPazRAC/xbb7MMNuni
R13HU2WMT3WeBAVvMT9K4c9zqfMAkMkWlSHhkrZWuufUg80QN8yrFZ5EpY+g7gIo
SQ0CL30+OvIPVNeL8MwMDA68qAZfOBZiR/RGiksX1WjbqivwJklTxvtslqTboAy/
muOCvr5TSAqElUXPyiC/yaRzH+k6U68iOWFv6LE6aNpl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net