Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: o+iWkJGmKNR0sz7oHeSonlPdGIWbAVyV9iycPgpUyRo=
Subject key identifier: 53:AC:5D:FC:4A:8A:D9:C9:EA:FF:E4:C8:44:39:49:AC:76:ED:43:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A3E7CB99CBF6C259DE1F23B1CD4D05358BCFFBF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Mon 31 Mar 2025 21:20:17 +0000
ROA not before: Mon 31 Mar 2025 21:20:17 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:3e:7c:b9:9c:bf:6c:25:9d:e1:f2:3b:1c:d4:d0:53:58:bc:ff:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:17 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=799dd955b04e7a553c697d20e8293fd2b7e9e0179cb494b49dde10eeb0ec79ed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:75:1d:a3:2a:da:5b:af:5b:fd:3e:58:8e:78:
f5:a4:4e:3e:81:0c:fe:73:01:cd:fa:a2:c7:55:56:
91:7b:57:32:c6:64:17:ca:cc:24:ef:c9:8c:1f:4b:
3d:3d:56:45:7e:04:d3:45:64:e4:a2:63:0d:7b:01:
16:b4:d3:a3:6b:ad:05:8a:a0:c4:15:4e:31:bd:0e:
63:a6:71:85:0e:d1:50:36:17:e9:33:86:cf:e6:03:
98:a7:1a:88:17:2e:54:4e:81:06:94:07:68:0a:94:
cf:41:57:80:91:7f:3f:a9:cd:28:2f:64:ef:be:23:
e0:0c:33:75:85:a6:b8:35:af:84:5a:80:a2:ec:e3:
1b:48:6b:3c:90:7a:0d:db:8c:7f:24:3a:63:3f:7a:
7b:1d:5c:b1:7d:fe:d1:31:29:e4:f5:28:4c:b2:47:
f9:a7:a5:05:b7:a3:d7:67:7c:2f:a2:af:f2:27:56:
58:50:50:c3:c6:ef:da:77:78:af:fe:7e:84:48:ee:
1f:d6:59:68:8a:e3:b8:82:b5:fa:35:9f:9b:a8:06:
4e:b6:a0:20:c8:d0:3e:ea:98:ce:c8:bd:9e:a3:64:
ff:df:7c:e0:55:72:4d:0f:17:8b:e5:67:48:82:78:
a3:c2:13:3e:90:f0:a9:56:cf:d3:2f:4a:bc:f7:2f:
96:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AC:5D:FC:4A:8A:D9:C9:EA:FF:E4:C8:44:39:49:AC:76:ED:43:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
55:8f:c3:88:a0:bc:52:eb:c7:4c:f7:38:f7:f0:96:a1:54:d1:
59:61:cb:ae:d5:f0:79:1c:9b:b8:37:2c:4f:a2:e7:de:e2:0e:
97:6b:db:d5:11:7b:ef:1f:23:31:6b:2b:b3:8c:71:f4:71:87:
b8:67:02:52:fb:2a:33:9b:a2:53:3b:03:dc:5d:95:25:f6:18:
98:17:f5:f6:f3:8f:50:68:ea:8a:29:e4:3c:64:89:f7:2f:56:
55:f2:2d:69:b1:2c:e9:9b:dc:d0:41:f7:7e:f6:14:ad:67:d8:
34:cf:b1:c0:07:ad:cf:f6:93:16:99:6d:33:42:31:f4:5c:f8:
c4:9c:ed:0f:9b:f6:0b:b8:5b:b5:26:5f:63:56:35:87:79:5f:
0e:93:d3:cd:a7:67:ac:18:d5:9a:74:d7:54:5b:0a:be:02:0f:
49:9c:76:11:12:b5:91:0e:c2:2a:91:43:7d:15:99:bc:1f:d1:
9a:dd:29:a0:06:6a:ad:a8:b7:81:95:8c:a8:8c:8d:f8:52:be:
c1:33:9b:2a:77:81:76:7d:96:8a:b1:4f:bc:e8:3d:06:45:24:
2e:aa:2e:f3:b4:6e:2b:a2:62:5f:5d:fb:d7:6a:f5:01:7f:d2:
39:4e:b5:2c:b0:f6:fe:d3:e8:4f:f2:44:08:f5:dd:ce:9b:be:
b2:97:bd:dc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGj58uZy/bCWd4fI7HNTQU1i8/78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMTdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5OWRkOTU1YjA0ZTdhNTUzYzY5N2QyMGU4MjkzZmQyYjdlOWUwMTc5Y2I0
OTRiNDlkZGUxMGVlYjBlYzc5ZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMN1HaMq2luvW/0+WI549aROPoEM/nMBzfqix1VWkXtXMsZkF8rMJO/JjB9L
PT1WRX4E00Vk5KJjDXsBFrTTo2utBYqgxBVOMb0OY6ZxhQ7RUDYX6TOGz+YDmKca
iBcuVE6BBpQHaAqUz0FXgJF/P6nNKC9k774j4AwzdYWmuDWvhFqAouzjG0hrPJB6
DduMfyQ6Yz96ex1csX3+0TEp5PUoTLJH+aelBbej12d8L6Kv8idWWFBQw8bv2nd4
r/5+hEjuH9ZZaIrjuIK1+jWfm6gGTragIMjQPuqYzsi9nqNk/9984FVyTQ8Xi+Vn
SIJ4o8ITPpDwqVbP0y9KvPcvliECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRTrF38
SorZyer/5MhEOUmsdu1DgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAVY/DiKC8UuvHTPc49/CWoVTRWWHLrtXweRybuDcs
T6Ln3uIOl2vb1RF77x8jMWsrs4xx9HGHuGcCUvsqM5uiUzsD3F2VJfYYmBf19vOP
UGjqiinkPGSJ9y9WVfItabEs6Zvc0EH3fvYUrWfYNM+xwAetz/aTFpltM0Ix9Fz4
xJztD5v2C7hbtSZfY1Y1h3lfDpPTzadnrBjVmnTXVFsKvgIPSZx2ERK1kQ7CKpFD
fRWZvB/Rmt0poAZqrai3gZWMqIyN+FK+wTObKneBdn2WirFPvOg9BkUkLqou87Ru
K6JiX13712r1AX/SOU61LLD2/tPoT/JECPXdzpu+spe93A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net