Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: FHjg4YR9qMyv2u10KfkdrMjPaDEZrwcuoMqyttBJ6dM=
Subject key identifier: B7:23:EF:BD:35:C8:46:88:24:00:4E:DD:3E:23:AC:6A:DA:4B:B1:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52CED5FD7A0F1D9021059D4C25A1F467838B5EE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Tue 01 Apr 2025 15:11:15 +0000
ROA not before: Tue 01 Apr 2025 15:11:15 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:ce:d5:fd:7a:0f:1d:90:21:05:9d:4c:25:a1:f4:67:83:8b:5e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:11:15 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=817598116d3e11623c10fe2dd5619725185344f0e132db3fafb0b6f4d91a38d3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:50:54:7d:d6:14:4c:6b:c6:28:5a:de:a9:5b:
e8:8c:e0:b8:f4:82:44:3b:48:d8:08:7b:4a:7c:6d:
5e:2f:02:85:ab:8b:49:3f:73:4a:8a:7c:fb:e4:42:
e3:9b:bc:c5:49:60:94:58:27:a4:6d:d6:41:81:4a:
a4:b1:54:26:bf:67:8e:b1:7d:c0:16:04:f7:5f:8e:
ae:9c:d4:73:c2:c2:0a:b9:83:08:92:2d:ef:03:ed:
d5:b3:a0:ac:54:eb:13:ea:22:67:e0:60:32:41:e6:
0a:b5:c0:d9:3d:83:6f:e9:2a:3b:41:9d:6c:9e:65:
b5:57:e9:2a:13:a8:74:28:44:20:21:14:cc:fd:80:
d1:fc:2c:54:33:b6:cb:df:87:53:a2:77:b1:61:82:
62:8f:04:52:e2:58:d9:72:52:c5:ba:6b:8f:7d:d7:
8b:27:54:67:65:2d:ee:4a:ae:b5:98:0f:73:55:51:
4b:57:e4:30:98:08:f1:f7:a8:5e:92:46:2f:e3:2e:
9d:e2:b9:eb:34:fa:b1:75:71:ec:23:fb:a2:30:ab:
dd:3b:f2:5a:a1:e8:49:fe:6d:da:07:40:32:6a:4f:
8c:5f:21:29:34:fa:77:5c:53:dc:8d:e5:27:cb:cb:
5c:18:ad:29:fd:ac:f3:1d:0e:b8:f6:c4:e2:74:e8:
58:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:23:EF:BD:35:C8:46:88:24:00:4E:DD:3E:23:AC:6A:DA:4B:B1:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:a5:4e:f4:6f:6d:34:34:ce:c1:fd:96:0f:1b:68:86:58:f5:
43:ae:4b:b2:e9:56:d7:f0:cc:42:4b:01:ae:55:1f:ee:18:92:
c8:81:d8:d1:44:6e:49:82:ab:6b:33:66:bc:09:75:c6:06:95:
2e:9a:fb:d0:79:28:75:71:08:6f:e5:f9:30:5b:33:94:ae:1c:
62:27:fd:ba:c1:c6:2d:19:db:0f:91:c9:4c:a4:2e:d2:7c:ce:
2b:5a:e6:99:99:8e:0c:b8:67:e4:83:21:b3:be:e9:f7:ae:03:
37:46:8a:e6:a2:14:61:b4:d9:89:0f:0d:1a:9c:1f:db:7e:84:
2e:e6:3a:a7:42:3f:be:91:a2:9f:d3:a1:26:b0:71:df:16:fb:
da:58:93:0e:6f:2e:85:3b:46:aa:86:64:ec:d5:55:1e:d3:d7:
05:99:da:8b:23:18:f9:b4:67:c5:ed:f2:c1:38:eb:65:db:a4:
eb:aa:5e:5d:53:8e:cc:cb:3a:5a:08:d1:bc:62:ec:e3:c6:64:
7d:79:2e:31:15:6c:db:8f:04:74:2d:a4:77:2a:e9:6c:ce:f9:
10:7b:c8:f4:7b:66:b2:9f:51:be:d5:47:e9:a2:70:cd:9c:15:
65:f6:9f:f0:76:89:5a:a4:f9:fe:38:df:cc:32:6c:76:0b:99:
c7:c6:e6:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUs7V/XoPHZAhBZ1MJaH0Z4OLXugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTExMTVaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNzU5ODExNmQzZTExNjIzYzEwZmUyZGQ1NjE5NzI1MTg1MzQ0ZjBlMTMy
ZGIzZmFmYjBiNmY0ZDkxYTM4ZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlQVH3WFExrxiha3qlb6IzguPSCRDtI2Ah7SnxtXi8ChauLST9zSop8++RC
45u8xUlglFgnpG3WQYFKpLFUJr9njrF9wBYE91+OrpzUc8LCCrmDCJIt7wPt1bOg
rFTrE+oiZ+BgMkHmCrXA2T2Db+kqO0GdbJ5ltVfpKhOodChEICEUzP2A0fwsVDO2
y9+HU6J3sWGCYo8EUuJY2XJSxbprj33XiydUZ2Ut7kqutZgPc1VRS1fkMJgI8feo
XpJGL+MuneK56zT6sXVx7CP7ojCr3TvyWqHoSf5t2gdAMmpPjF8hKTT6d1xT3I3l
J8vLXBitKf2s8x0OuPbE4nToWGECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3I++9
NchGiCQATt0+I6xq2kuxLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQDIpU70b200NM7B/ZYPG2iGWPVDrkuy6VbX8MxCSwGu
VR/uGJLIgdjRRG5JgqtrM2a8CXXGBpUumvvQeSh1cQhv5fkwWzOUrhxiJ/26wcYt
GdsPkclMpC7SfM4rWuaZmY4MuGfkgyGzvun3rgM3RormohRhtNmJDw0anB/bfoQu
5jqnQj++kaKf06EmsHHfFvvaWJMOby6FO0aqhmTs1VUe09cFmdqLIxj5tGfF7fLB
OOtl26Trql5dU47MyzpaCNG8YuzjxmR9eS4xFWzbjwR0LaR3KulszvkQe8j0e2ay
n1G+1UfponDNnBVl9p/wdolapPn+ON/MMmx2C5nHxubu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net