Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: NG82OQ4RUxg5gYfj87owVdbXZ6GMDXCLRwhr0QZvh9o=
Subject key identifier: 07:E4:97:C6:E4:57:AA:9A:D7:A8:38:3F:B6:C2:AF:D0:A5:18:2F:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6EC4098D7D6D16BADFCCF05DC68AF110BCB10200
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Mon 31 Mar 2025 21:30:35 +0000
ROA not before: Mon 31 Mar 2025 21:30:35 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:c4:09:8d:7d:6d:16:ba:df:cc:f0:5d:c6:8a:f1:10:bc:b1:02:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:35 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=f10ddfb642bc26b6aabe4f761623b05ede5745d0d14da715c77b884968fc7480, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:72:29:87:61:51:db:d4:ef:ac:f1:ae:07:34:
1a:a3:02:2d:91:8a:c2:c5:7a:de:52:e8:96:f8:e8:
8e:b1:16:a0:11:9a:4d:58:55:19:9f:ee:35:15:e7:
27:9d:51:b9:c8:ea:ff:5e:79:bf:7e:52:a3:11:7f:
d1:b2:9f:94:d5:bc:32:85:22:9d:2d:61:32:f2:67:
3c:57:09:da:8c:be:11:3a:1b:5d:39:47:35:83:ea:
67:a6:42:60:d8:f7:52:19:cf:82:e5:b9:1c:a1:02:
4c:f5:3d:7a:5d:41:e4:4e:4b:0b:9f:77:3b:3a:71:
17:7f:a7:d3:fe:5e:76:e6:ec:a4:d0:e4:db:a9:fb:
75:f2:7d:c1:42:c7:08:f4:b8:a3:84:d0:76:4d:ea:
8a:87:f8:3d:18:26:05:06:33:32:7a:33:74:be:c1:
8d:f9:7d:ab:f3:ba:35:48:41:2b:bb:80:89:22:ab:
26:ed:cf:66:8b:96:6f:7b:57:65:2a:62:8f:81:b7:
6c:bb:a0:84:26:f4:59:0e:53:54:9d:65:7d:9b:af:
20:98:13:9f:3b:04:54:b6:11:ad:06:60:eb:dc:8d:
1b:9c:ab:df:bb:3f:d7:5c:82:5e:ce:e1:e5:14:b4:
ca:23:f3:7d:d9:cc:88:16:6a:bd:da:3c:e4:bb:7b:
fa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E4:97:C6:E4:57:AA:9A:D7:A8:38:3F:B6:C2:AF:D0:A5:18:2F:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3b:da:e1:50:96:32:9b:1a:12:b2:f0:32:c3:e6:74:db:8d:7e:
78:a2:07:f4:42:69:03:8b:f4:c6:29:bf:1a:cd:25:e0:01:ff:
41:f2:e4:fa:2a:94:4a:0b:54:4f:c7:b0:79:5f:46:d7:89:49:
8a:86:84:eb:e6:a8:39:c3:0a:bb:a0:94:7f:1e:57:a2:12:58:
e3:bb:b5:89:51:da:7e:f3:98:db:84:58:5e:77:08:e3:2d:f9:
17:8b:d7:01:d0:b0:4f:3b:c8:49:12:37:0d:ab:5c:07:a3:86:
a4:15:a2:6e:af:f9:5c:6b:bd:7c:ec:be:44:b0:56:00:95:8e:
91:3e:80:60:e2:5c:07:ca:99:6b:bd:ea:51:6c:86:02:a2:c9:
28:f8:ac:2b:41:96:f3:b9:b3:03:bd:6e:27:58:d8:70:ec:a0:
cb:b8:4c:e1:1d:38:22:d5:3b:17:36:2e:ea:95:6a:d2:9e:d2:
cc:d6:8e:c7:dd:d7:2e:b7:f4:1d:94:3a:44:07:fb:51:0f:1e:
12:ce:af:75:30:c3:6d:16:7e:af:40:d0:aa:d9:56:29:c7:7a:
02:eb:a6:b0:3f:6f:c4:b8:c2:c9:27:fa:de:c1:f3:f9:25:ae:
e0:ae:b9:70:9d:24:ea:84:ad:57:1d:dc:c5:f7:31:a5:9b:cc:
4c:71:c6:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbsQJjX1tFrrfzPBdxorxELyxAgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMzVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMGRkZmI2NDJiYzI2YjZhYWJlNGY3NjE2MjNiMDVlZGU1NzQ1ZDBkMTRk
YTcxNWM3N2I4ODQ5NjhmYzc0ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMByKYdhUdvU76zxrgc0GqMCLZGKwsV63lLolvjojrEWoBGaTVhVGZ/uNRXn
J51Rucjq/155v35SoxF/0bKflNW8MoUinS1hMvJnPFcJ2oy+ETobXTlHNYPqZ6ZC
YNj3UhnPguW5HKECTPU9el1B5E5LC593OzpxF3+n0/5edubspNDk26n7dfJ9wULH
CPS4o4TQdk3qiof4PRgmBQYzMnozdL7Bjfl9q/O6NUhBK7uAiSKrJu3PZouWb3tX
ZSpij4G3bLughCb0WQ5TVJ1lfZuvIJgTnzsEVLYRrQZg69yNG5yr37s/11yCXs7h
5RS0yiPzfdnMiBZqvdo85Lt7+n0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQH5JfG
5FeqmteoOD+2wq/QpRgvPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQA72uFQljKbGhKy8DLD5nTbjX54ogf0QmkDi/TGKb8a
zSXgAf9B8uT6KpRKC1RPx7B5X0bXiUmKhoTr5qg5wwq7oJR/HleiEljju7WJUdp+
85jbhFhedwjjLfkXi9cB0LBPO8hJEjcNq1wHo4akFaJur/lca7187L5EsFYAlY6R
PoBg4lwHyplrvepRbIYCosko+KwrQZbzubMDvW4nWNhw7KDLuEzhHTgi1TsXNi7q
lWrSntLM1o7H3dcut/QdlDpEB/tRDx4Szq91MMNtFn6vQNCq2VYpx3oC66awP2/E
uMLJJ/rewfP5Ja7grrlwnSTqhK1XHdzF9zGlm8xMccYN
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net