Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json)
Hash identifier: THokBzeMa8+x1KMu+tT1AldMTy7/KLX9dpaAKa8FKnM=
Subject key identifier: 8D:D2:0D:D2:B2:85:8D:6D:FB:A3:65:2D:6D:A3:E9:55:1D:6D:5C:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14D74739E501F8349F95261EDC82166DBB3CB71E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
Signing time: Tue 01 Apr 2025 15:10:20 +0000
ROA not before: Tue 01 Apr 2025 15:10:20 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d7:47:39:e5:01:f8:34:9f:95:26:1e:dc:82:16:6d:bb:3c:b7:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:10:20 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=fee3332882d500528da2cff861494f91051fa066681f1e7c8e071249796a1475, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:63:f9:f1:e3:de:21:7a:c4:22:57:f3:5c:9a:
a1:11:5f:bd:55:3d:be:2b:58:ff:5a:78:c0:fc:af:
94:b5:3a:83:60:7e:80:54:0b:5b:ac:2b:2c:05:ec:
fa:f9:1e:64:59:4c:7c:60:d2:e6:8a:82:8e:72:9e:
d4:cc:39:c4:71:c2:cd:2c:03:3e:e8:30:ac:b4:95:
c1:57:c3:2f:c3:b0:a8:7b:64:28:f1:ad:21:e0:ed:
b1:c8:57:38:d2:fb:5c:14:90:89:7a:73:ea:13:be:
de:1a:8c:3c:73:aa:81:e5:49:33:fa:69:4b:53:08:
e2:24:5f:33:77:f8:2e:00:18:a1:b2:f3:f9:44:92:
aa:ee:d8:d1:a6:6a:ac:04:17:1d:1b:cc:4e:77:33:
80:cb:ed:5c:5a:c3:c7:c9:a1:2b:50:3c:2f:5e:69:
bc:d7:26:c1:49:0b:75:74:b8:37:0f:dd:ec:91:75:
05:33:c8:de:e0:3b:01:e1:1d:54:a8:e3:45:8b:88:
21:70:c1:1c:d1:d9:84:29:59:0a:c5:c0:54:90:d7:
ab:c6:d6:fd:04:e2:4d:33:e2:83:b4:fc:23:ff:f9:
73:b2:7f:09:44:d0:30:d2:85:1d:82:7b:78:e1:ce:
06:3b:ba:b4:32:cc:97:bb:80:c8:a5:12:41:b1:46:
ee:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D2:0D:D2:B2:85:8D:6D:FB:A3:65:2D:6D:A3:E9:55:1D:6D:5C:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:83:f9:53:dc:b6:40:bf:42:53:d7:e7:3b:5b:b5:74:6c:0a:
f7:8a:79:5b:ad:ac:f9:2c:6e:01:aa:46:dc:ec:31:85:e4:9f:
95:6f:bf:d7:97:c0:2c:70:60:d2:59:eb:69:c6:50:f2:91:9b:
55:c4:a1:e7:ef:5d:19:5a:70:e7:67:a7:6c:ac:27:fb:66:5b:
2b:48:67:85:1e:22:0a:bd:60:64:85:4b:68:3d:6b:02:99:50:
49:d5:63:82:ac:4e:cf:71:36:0f:51:68:3e:03:f3:07:c3:11:
0d:9a:0e:64:a8:2d:8e:ba:67:ed:87:e3:2b:58:41:0e:bf:e6:
78:20:0f:d6:fd:0c:48:69:47:91:bc:ee:cf:fd:62:47:de:cc:
6a:8f:1e:c7:d5:5a:f5:35:0d:58:5f:ab:f4:9d:7c:55:95:46:
2c:9a:f7:df:9d:8e:01:97:cc:fd:d7:f4:ae:43:7f:ce:14:fa:
9d:4e:07:19:e3:ce:de:02:ce:2c:44:7f:c7:eb:1b:d4:4f:1d:
f3:f0:d8:11:2a:71:d8:80:bf:7e:2a:6c:08:3c:ec:5d:27:3d:
c2:67:aa:f6:d2:8a:1b:fc:98:e9:b5:d2:17:0f:4e:a1:6b:46:
61:25:10:3c:e4:d0:da:68:ec:14:80:ba:00:21:ee:89:8b:6f:
9c:47:93:c4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFNdHOeUB+DSflSYe3IIWbbs8tx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTEwMjBaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZTMzMzI4ODJkNTAwNTI4ZGEyY2ZmODYxNDk0ZjkxMDUxZmEwNjY2ODFm
MWU3YzhlMDcxMjQ5Nzk2YTE0NzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI1j+fHj3iF6xCJX81yaoRFfvVU9vitY/1p4wPyvlLU6g2B+gFQLW6wrLAXs
+vkeZFlMfGDS5oqCjnKe1Mw5xHHCzSwDPugwrLSVwVfDL8OwqHtkKPGtIeDtschX
ONL7XBSQiXpz6hO+3hqMPHOqgeVJM/ppS1MI4iRfM3f4LgAYobLz+USSqu7Y0aZq
rAQXHRvMTnczgMvtXFrDx8mhK1A8L15pvNcmwUkLdXS4Nw/d7JF1BTPI3uA7AeEd
VKjjRYuIIXDBHNHZhClZCsXAVJDXq8bW/QTiTTPig7T8I//5c7J/CUTQMNKFHYJ7
eOHOBju6tDLMl7uAyKUSQbFG7jkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSN0g3S
soWNbfujZS1to+lVHW1cuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAO4P5U9y2QL9CU9fnO1u1dGwK94p5W62s+SxuAapG
3OwxheSflW+/15fALHBg0lnracZQ8pGbVcSh5+9dGVpw52enbKwn+2ZbK0hnhR4i
Cr1gZIVLaD1rAplQSdVjgqxOz3E2D1FoPgPzB8MRDZoOZKgtjrpn7YfjK1hBDr/m
eCAP1v0MSGlHkbzuz/1iR97Mao8ex9Va9TUNWF+r9J18VZVGLJr3352OAZfM/df0
rkN/zhT6nU4HGePO3gLOLER/x+sb1E8d8/DYESpx2IC/fipsCDzsXSc9wmeq9tKK
G/yY6bXSFw9OoWtGYSUQPOTQ2mjsFIC6ACHuiYtvnEeTxA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net