Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: Urt6AnCF4s3MkGJNzWfoPMXmt3jF46T4vFRzO+ATARw=
Subject key identifier: B9:27:36:BF:81:2C:A3:A8:64:88:F7:A0:85:07:04:DF:78:12:5A:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F381F818430A8AAD4091BEC96D9FB301BB26102
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Mon 31 Mar 2025 21:20:07 +0000
ROA not before: Mon 31 Mar 2025 21:20:07 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:38:1f:81:84:30:a8:aa:d4:09:1b:ec:96:d9:fb:30:1b:b2:61:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:07 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=48bb4d6680a8063700b3a2d77d9414e55d0a0eec28a4c16d73ca2d500c008535, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f4:bf:d2:f8:12:27:15:b1:79:f8:e9:6a:b2:
76:48:5a:da:a4:18:31:06:fc:9f:ab:97:b9:95:48:
c1:fd:f7:07:0f:d2:fb:da:c8:89:26:e0:56:f1:1e:
aa:52:a5:6a:b6:46:99:e9:31:38:6c:71:80:3d:cc:
d5:d9:9b:e5:32:32:2d:ab:ee:ab:a4:bd:57:e4:6a:
9d:5c:dc:fe:b8:eb:19:26:d5:f8:e3:94:12:e3:d0:
55:b1:64:6e:66:0b:5e:0e:9a:1b:e9:3c:11:60:fe:
5d:ba:e3:89:08:f2:17:34:6e:87:de:48:62:91:63:
6d:40:37:24:88:0d:be:ce:f1:c8:07:48:66:8e:90:
f1:e0:ff:70:f5:7a:a0:87:51:f2:02:87:c7:c6:7f:
e8:7d:a9:be:27:c6:b4:7f:36:6e:c4:7a:ff:2a:da:
09:0e:98:a7:57:e7:a4:45:d9:af:1c:e2:44:c3:d2:
e5:83:8f:6f:cb:ca:1e:ef:7d:dd:81:9a:a4:7c:da:
7d:73:bf:82:08:91:f2:14:bb:71:5c:92:ab:7d:72:
eb:44:63:bd:43:f1:e9:a9:c5:44:1c:cf:fd:19:f9:
a7:1c:42:8e:b4:64:67:57:2a:7e:76:1a:1d:03:2a:
c1:89:5a:d1:e3:2d:c1:42:0a:7b:3e:5e:48:5b:6c:
c0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:27:36:BF:81:2C:A3:A8:64:88:F7:A0:85:07:04:DF:78:12:5A:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:07:f0:e8:a9:e0:5e:d5:f4:ae:4b:90:2a:2d:96:0f:9d:ff:
1a:64:55:e7:f1:f1:b6:0a:b1:27:bb:29:3d:51:39:c8:7a:58:
6c:21:40:71:a5:bf:80:30:85:17:ce:30:e8:ca:1b:01:16:8f:
8a:df:fa:cc:8a:df:1e:d0:c8:86:6b:a0:e9:2b:37:5c:0e:f3:
da:c6:03:a0:21:1e:13:29:40:5a:15:c0:f8:31:8d:01:39:0b:
a6:33:66:1e:e2:7e:e7:bc:67:6a:a8:a7:8a:79:7d:bc:8d:8e:
3d:48:0b:10:04:cc:d6:9d:c1:29:51:e7:c0:a3:bd:fc:90:76:
c0:8c:bc:b5:c8:d3:6b:28:c7:ac:fa:1f:75:6d:cb:b9:94:5b:
e9:f7:da:15:37:45:b2:9a:e3:dc:6d:61:cd:33:fe:dc:67:b8:
1c:af:fb:d5:6d:f8:8e:e4:e2:56:77:0d:2d:3f:fb:8c:1f:d9:
2d:66:42:7f:00:f1:94:81:0e:9b:11:03:b8:0c:b9:30:ab:6c:
4c:10:7f:96:5b:14:97:75:ba:41:42:6c:7a:26:97:ba:74:cc:
c1:6b:e5:15:ab:af:b8:39:1b:ae:dd:31:dd:aa:69:3e:08:4e:
2a:95:cb:fe:26:da:6d:56:86:36:82:86:fa:8f:a1:fb:eb:38:
04:9c:b5:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXzgfgYQwqKrUCRvsltn7MBuyYQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YmI0ZDY2ODBhODA2MzcwMGIzYTJkNzdkOTQxNGU1NWQwYTBlZWMyOGE0
YzE2ZDczY2EyZDUwMGMwMDg1MzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJP0v9L4EicVsXn46Wqydkha2qQYMQb8n6uXuZVIwf33Bw/S+9rIiSbgVvEe
qlKlarZGmekxOGxxgD3M1dmb5TIyLavuq6S9V+RqnVzc/rjrGSbV+OOUEuPQVbFk
bmYLXg6aG+k8EWD+XbrjiQjyFzRuh95IYpFjbUA3JIgNvs7xyAdIZo6Q8eD/cPV6
oIdR8gKHx8Z/6H2pvifGtH82bsR6/yraCQ6Yp1fnpEXZrxziRMPS5YOPb8vKHu99
3YGapHzafXO/ggiR8hS7cVySq31y60RjvUPx6anFRBzP/Rn5pxxCjrRkZ1cqfnYa
HQMqwYla0eMtwUIKez5eSFtswGUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5Jza/
gSyjqGSI96CFBwTfeBJaPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQASB/DoqeBe1fSuS5AqLZYPnf8aZFXn8fG2CrEnuyk9
UTnIelhsIUBxpb+AMIUXzjDoyhsBFo+K3/rMit8e0MiGa6DpKzdcDvPaxgOgIR4T
KUBaFcD4MY0BOQumM2Ye4n7nvGdqqKeKeX28jY49SAsQBMzWncEpUefAo738kHbA
jLy1yNNrKMes+h91bcu5lFvp99oVN0WymuPcbWHNM/7cZ7gcr/vVbfiO5OJWdw0t
P/uMH9ktZkJ/APGUgQ6bEQO4DLkwq2xMEH+WWxSXdbpBQmx6Jpe6dMzBa+UVq6+4
ORuu3THdqmk+CE4qlcv+JtptVoY2gob6j6H76zgEnLVM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net