Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: Pn82b/jOyurlYM7Zlu5sytNc5M2i+tklrl8U9Mw7aqw=
Subject key identifier: D2:AD:F9:49:68:AD:44:29:11:1E:38:3D:DE:7D:49:8D:32:3D:18:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63153A64F7DBACA8123FC6864B1F80048CA6463A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Tue 01 Apr 2025 15:11:08 +0000
ROA not before: Tue 01 Apr 2025 15:11:08 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:15:3a:64:f7:db:ac:a8:12:3f:c6:86:4b:1f:80:04:8c:a6:46:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:11:08 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=4b4b6dd89a45c1499e1a6b8668b9dbe5988f35c60b42d44d787b4d5b568ae2f9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b9:0e:4c:51:22:3d:31:a0:38:db:23:f7:a4:
7b:5e:15:9a:8e:6f:a6:b5:84:be:ce:e8:c0:3e:d2:
a6:98:10:96:9f:e6:28:07:ae:fe:f0:ac:e6:b7:62:
28:c5:81:e9:d6:eb:72:de:90:32:06:f4:2c:cf:ad:
a9:e4:5a:ab:f3:a5:f3:87:f8:68:41:72:3e:1b:ba:
20:85:bc:9a:ae:27:64:48:c6:52:6c:be:ad:d6:c7:
d4:19:df:9b:b9:9a:7e:82:be:b6:a5:d0:af:35:08:
f2:af:32:b5:84:39:53:db:3b:50:42:fa:86:a5:c0:
59:00:56:35:33:e5:cb:b7:2a:14:e8:81:12:5f:49:
54:a9:1a:bf:d1:ce:dd:e3:87:45:81:41:6f:b5:c0:
ae:2a:cd:9e:57:cc:08:03:63:29:fa:5e:cb:00:58:
29:43:13:f9:3c:8d:81:18:cd:fd:e5:9e:55:db:e6:
ff:13:c9:72:78:0b:c9:0d:cf:2b:97:f4:8e:69:d9:
54:98:35:d1:35:77:c9:c1:57:6a:16:7f:9e:44:e6:
81:b7:2c:ff:23:d8:58:2c:be:d4:97:c7:e4:7f:ca:
d4:8d:27:62:26:ce:7d:af:2c:4f:84:79:73:6e:31:
b0:e9:19:fc:03:b2:a0:39:0b:94:ab:fc:d8:8b:dd:
76:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AD:F9:49:68:AD:44:29:11:1E:38:3D:DE:7D:49:8D:32:3D:18:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
85:f3:6a:36:07:7b:1c:7a:c9:6c:98:d7:85:ab:bc:84:c5:63:
f4:6d:db:cd:4a:97:5e:b5:14:bc:ff:02:1a:b7:63:d7:c3:e7:
d7:00:c6:16:38:f0:e6:0e:24:08:9a:d7:e9:00:be:b7:e5:ab:
d2:08:62:ce:a8:06:9e:ec:53:d6:1e:a7:0c:24:a0:9e:d1:9f:
7b:09:e2:a0:a3:ae:f4:98:2f:99:6a:9e:a9:0f:78:a3:8f:b2:
e2:f5:29:cc:d1:5c:52:a6:7e:e4:9d:aa:1e:a6:04:87:d1:51:
14:8a:b2:13:32:2a:ef:43:6a:65:83:5e:d2:24:ae:9d:5d:f4:
47:36:99:b5:b3:48:62:79:e4:77:fc:cb:43:fb:35:5c:44:5a:
75:46:61:bb:56:5e:13:24:4b:df:06:c6:52:15:06:00:29:d3:
f5:67:a5:e0:6f:73:2f:3d:22:13:5a:04:a4:29:ba:9b:c0:63:
96:92:c5:83:1e:fa:00:1d:36:14:dc:a1:a1:98:1f:28:e5:b0:
26:81:31:36:6f:ff:e6:c5:a0:00:30:a6:26:34:66:a6:cb:53:
82:5c:78:b5:23:81:21:00:c2:6a:12:39:ae:7e:27:06:d9:cc:
4a:87:dc:a7:ba:d0:98:a7:1e:97:b2:92:fa:85:36:82:c0:37:
35:13:e7:17
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYxU6ZPfbrKgSP8aGSx+ABIymRjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTExMDhaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNGI2ZGQ4OWE0NWMxNDk5ZTFhNmI4NjY4YjlkYmU1OTg4ZjM1YzYwYjQy
ZDQ0ZDc4N2I0ZDViNTY4YWUyZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOC5DkxRIj0xoDjbI/eke14Vmo5vprWEvs7owD7SppgQlp/mKAeu/vCs5rdi
KMWB6dbrct6QMgb0LM+tqeRaq/Ol84f4aEFyPhu6IIW8mq4nZEjGUmy+rdbH1Bnf
m7mafoK+tqXQrzUI8q8ytYQ5U9s7UEL6hqXAWQBWNTPly7cqFOiBEl9JVKkav9HO
3eOHRYFBb7XArirNnlfMCANjKfpeywBYKUMT+TyNgRjN/eWeVdvm/xPJcngLyQ3P
K5f0jmnZVJg10TV3ycFXahZ/nkTmgbcs/yPYWCy+1JfH5H/K1I0nYibOfa8sT4R5
c24xsOkZ/AOyoDkLlKv82Ivdds8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTSrflJ
aK1EKREeOD3efUmNMj0YDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQCF82o2B3sceslsmNeFq7yExWP0bdvNSpdetRS8/wIa
t2PXw+fXAMYWOPDmDiQImtfpAL635avSCGLOqAae7FPWHqcMJKCe0Z97CeKgo670
mC+Zap6pD3ijj7Li9SnM0VxSpn7knaoepgSH0VEUirITMirvQ2plg17SJK6dXfRH
Npm1s0hieeR3/MtD+zVcRFp1RmG7Vl4TJEvfBsZSFQYAKdP1Z6Xgb3MvPSITWgSk
KbqbwGOWksWDHvoAHTYU3KGhmB8o5bAmgTE2b//mxaAAMKYmNGamy1OCXHi1I4Eh
AMJqEjmuficG2cxKh9ynutCYpx6XspL6hTaCwDc1E+cX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net