Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: vZhJbpKRGQUqB6KUmHTEKXmTorHgcoOGPowpDQZof4I=
Subject key identifier: 55:23:CA:63:72:5D:2C:95:17:C3:9A:A6:23:09:BA:F5:68:37:EC:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 575F696F76DC49CA519598E8824BAE2A43581B34
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Fri 11 Apr 2025 00:50:10 +0000
ROA not before: Fri 11 Apr 2025 00:50:10 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:5f:69:6f:76:dc:49:ca:51:95:98:e8:82:4b:ae:2a:43:58:1b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:10 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=f070bd00f5623db33a8dbefdb0fd5de2de695ad272fdcf1ef0f196cbd18d84e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:78:f5:c3:68:b1:d1:de:83:96:ea:fc:9f:
e9:18:07:09:d0:ef:fa:4c:39:d3:7d:cf:ca:5d:20:
ba:94:e1:5b:bd:7d:6d:41:54:e3:3a:a5:ea:8c:2f:
a6:bb:6c:df:9d:b0:4d:6a:22:5c:22:00:6c:0a:4a:
6e:21:5a:0d:6b:84:bf:a8:31:f2:33:a4:a1:32:79:
f8:51:93:e7:6d:a7:f4:33:6b:21:29:90:a2:ae:0b:
0c:3d:5e:bb:ca:e0:47:53:2d:95:52:79:5d:d1:74:
fe:85:2a:44:a8:d8:f3:2c:41:dd:65:98:b5:28:31:
c4:f4:be:0a:48:f4:b4:5c:4c:20:74:a4:1d:79:01:
72:c4:cc:4b:38:23:21:9d:52:94:11:38:8c:7b:0e:
43:94:69:2c:bb:d9:d4:13:ba:df:35:73:5a:37:57:
c9:c0:37:8a:a5:5f:d6:9c:fa:aa:dc:d4:01:aa:c5:
cf:96:d6:96:e8:c8:f6:99:61:c7:b4:b0:a0:90:1a:
a8:c6:86:23:00:06:31:2b:7e:1b:e1:62:48:1d:dd:
23:00:cf:03:23:eb:70:5c:c7:cc:f8:e3:21:d8:86:
58:b5:e3:c6:b7:9f:2e:05:a6:d4:2b:d3:77:c2:25:
33:e9:c9:f3:2d:c6:df:20:23:b2:ae:91:2b:5e:77:
88:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:23:CA:63:72:5D:2C:95:17:C3:9A:A6:23:09:BA:F5:68:37:EC:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
c0:83:5a:c3:b9:f2:4c:07:5e:61:b5:d5:28:ec:72:da:68:de:
3c:ae:d9:94:a1:6e:63:e0:0b:9b:e7:bd:5a:b3:47:77:38:30:
05:7f:e2:76:83:61:cc:4d:f0:98:92:a7:b2:06:22:36:3d:fa:
23:39:be:aa:fc:d2:59:4e:ad:79:08:aa:2e:83:a6:8d:db:84:
37:e7:08:83:06:21:7c:b6:d1:4f:4a:7e:9e:a8:38:70:43:c2:
5c:5f:40:47:1c:cf:38:ae:48:c3:93:21:4a:2b:e4:62:de:11:
e1:e8:45:24:71:df:4d:e7:96:11:3c:eb:46:55:d3:75:b5:a2:
4d:1c:56:c5:2a:07:2a:54:80:26:94:b8:64:6b:fb:ad:62:87:
92:da:ee:3c:65:ea:3c:f2:73:59:33:cd:2e:fb:05:78:c5:c5:
44:a5:7d:e4:df:99:f0:89:cc:c5:3b:2c:1f:00:1c:ad:c3:83:
13:5b:c9:5d:2b:68:92:3e:a2:84:04:6b:ad:2d:b1:14:5d:67:
66:da:a9:84:dc:c8:cd:f4:08:dc:32:34:86:68:d0:01:bf:de:
b7:c3:29:e5:0a:d9:d6:0f:de:87:ee:0d:64:83:1e:e7:70:57:
4c:e5:41:b3:4f:fa:ca:42:a7:55:5d:73:a6:f5:cc:51:71:ba:
29:d4:e7:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV19pb3bcScpRlZjogkuuKkNYGzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMTBaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNzBiZDAwZjU2MjNkYjMzYThkYmVmZGIwZmQ1ZGUyZGU2OTVhZDI3MmZk
Y2YxZWYwZjE5NmNiZDE4ZDg0ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkxePXDaLHR3oOW6vyf6RgHCdDv+kw5033Pyl0gupThW719bUFU4zql6owv
prts352wTWoiXCIAbApKbiFaDWuEv6gx8jOkoTJ5+FGT522n9DNrISmQoq4LDD1e
u8rgR1MtlVJ5XdF0/oUqRKjY8yxB3WWYtSgxxPS+Ckj0tFxMIHSkHXkBcsTMSzgj
IZ1SlBE4jHsOQ5RpLLvZ1BO63zVzWjdXycA3iqVf1pz6qtzUAarFz5bWlujI9plh
x7SwoJAaqMaGIwAGMSt+G+FiSB3dIwDPAyPrcFzHzPjjIdiGWLXjxrefLgWm1CvT
d8IlM+nJ8y3G3yAjsq6RK153iEcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVI8pj
cl0slRfDmqYjCbr1aDfsaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAwINaw7nyTAdeYbXVKOxy2mjePK7ZlKFuY+AL
m+e9WrNHdzgwBX/idoNhzE3wmJKnsgYiNj36Izm+qvzSWU6teQiqLoOmjduEN+cI
gwYhfLbRT0p+nqg4cEPCXF9ARxzPOK5Iw5MhSivkYt4R4ehFJHHfTeeWETzrRlXT
dbWiTRxWxSoHKlSAJpS4ZGv7rWKHktruPGXqPPJzWTPNLvsFeMXFRKV95N+Z8InM
xTssHwAcrcODE1vJXStokj6ihARrrS2xFF1nZtqphNzIzfQI3DI0hmjQAb/et8Mp
5QrZ1g/eh+4NZIMe53BXTOVBs0/6ykKnVV1zpvXMUXG6KdTnEw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net