Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: Ia/caK/HA78YYyBcV5NAL6+H6xaC6NBbq0sJYWuIheY=
Subject key identifier: 71:43:3C:02:63:0B:55:96:5C:8B:B8:FF:2C:27:1E:AE:27:BB:D1:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53C923EC45DD5995134448D2182B6BD7D46AA19D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Mon 31 Mar 2025 21:20:04 +0000
ROA not before: Mon 31 Mar 2025 21:20:04 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c9:23:ec:45:dd:59:95:13:44:48:d2:18:2b:6b:d7:d4:6a:a1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:04 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=d1e7f11c7b0ef1274d24a91e41ce42d21edb268ac78681bb2a167d373dc77f04, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:05:2c:2d:64:41:b6:97:32:46:48:37:37:82:
ca:7c:30:10:6c:c8:c2:02:d9:7e:09:c5:54:9c:9d:
2c:46:ac:2e:17:03:d3:a5:67:ea:f4:ac:75:8d:21:
55:a4:12:cb:88:0e:c0:60:ad:ea:42:6f:c5:10:8b:
27:8e:c8:63:45:d7:f8:b5:b0:c1:b1:41:48:bb:8b:
11:0b:be:dc:99:bf:a2:12:12:71:11:04:96:54:50:
be:4a:2f:19:75:6f:13:c2:77:7d:e5:45:6b:9f:d0:
20:f5:1e:44:af:4c:6d:84:43:92:dd:64:36:f6:65:
3e:09:45:f2:4c:b2:e1:ef:87:9d:0b:0b:5c:09:a7:
a0:fc:d6:61:1f:26:18:4e:ec:e5:f2:cb:08:23:81:
07:b9:46:0c:de:e2:15:45:df:93:8f:ea:da:15:1f:
78:1f:8f:3b:ef:66:e1:8d:32:6f:49:c1:30:23:62:
c9:48:b0:c9:92:a7:a0:c6:6c:b7:f2:f5:8c:57:a6:
1d:c4:d0:b5:d2:e0:11:64:d2:28:b7:0d:9e:76:9e:
81:10:1a:44:d7:b3:b2:51:7a:94:0d:d0:51:71:fb:
ba:e3:c8:80:9c:44:95:4a:81:b5:e9:ef:f7:17:2f:
8d:f1:2d:0e:59:52:46:f8:86:cb:4c:1c:8c:1c:d6:
28:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:3C:02:63:0B:55:96:5C:8B:B8:FF:2C:27:1E:AE:27:BB:D1:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:19:e0:2a:95:8e:26:72:81:17:c6:8a:04:9f:d1:61:b3:5c:
fe:27:08:4f:4b:de:f5:19:1e:79:d4:24:86:5a:84:c9:7b:d2:
eb:13:03:75:cd:69:89:22:69:8f:8d:7e:ea:0e:9c:7c:46:e5:
d5:09:7d:4a:6b:a1:2f:50:5d:c9:2d:84:b0:b4:bc:dc:7a:3d:
bd:4b:ce:ed:08:60:55:71:8a:31:6b:43:04:26:5b:49:92:b9:
10:5e:03:26:ce:bf:07:5a:39:43:8f:11:a3:ad:17:93:4e:bd:
3f:ef:21:32:9b:0a:79:22:10:41:3a:bb:bf:b8:48:92:cd:64:
ab:dd:a2:fd:49:5d:98:3f:50:44:4a:95:d7:aa:ce:00:07:de:
7a:3e:16:29:30:a3:d2:0b:5f:70:b1:a0:c0:54:65:6f:1a:57:
59:49:68:44:ba:4e:c0:11:e5:d6:60:1c:bb:9a:46:75:41:ac:
17:80:44:de:8a:b4:dd:2e:db:df:15:ef:52:f4:de:3d:f6:0d:
f5:de:63:4b:e7:b5:b7:63:f7:99:f9:35:38:44:b9:55:35:68:
18:61:47:67:3a:c1:ae:e7:b8:6f:00:9f:b2:8a:d5:e9:62:f1:
a0:69:91:56:e6:b7:0b:52:12:4f:f5:14:bb:14:5e:2e:51:4b:
08:99:7f:06
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU8kj7EXdWZUTREjSGCtr19RqoZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZTdmMTFjN2IwZWYxMjc0ZDI0YTkxZTQxY2U0MmQyMWVkYjI2OGFjNzg2
ODFiYjJhMTY3ZDM3M2RjNzdmMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQFLC1kQbaXMkZINzeCynwwEGzIwgLZfgnFVJydLEasLhcD06Vn6vSsdY0h
VaQSy4gOwGCt6kJvxRCLJ47IY0XX+LWwwbFBSLuLEQu+3Jm/ohIScREEllRQvkov
GXVvE8J3feVFa5/QIPUeRK9MbYRDkt1kNvZlPglF8kyy4e+HnQsLXAmnoPzWYR8m
GE7s5fLLCCOBB7lGDN7iFUXfk4/q2hUfeB+PO+9m4Y0yb0nBMCNiyUiwyZKnoMZs
t/L1jFemHcTQtdLgEWTSKLcNnnaegRAaRNezslF6lA3QUXH7uuPIgJxElUqBtenv
9xcvjfEtDllSRviGy0wcjBzWKI0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxQzwC
YwtVllyLuP8sJx6uJ7vR6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAOhngKpWOJnKBF8aKBJ/RYbNc/icIT0ve9RkeedQk
hlqEyXvS6xMDdc1piSJpj41+6g6cfEbl1Ql9SmuhL1BdyS2EsLS83Ho9vUvO7Qhg
VXGKMWtDBCZbSZK5EF4DJs6/B1o5Q48Ro60Xk069P+8hMpsKeSIQQTq7v7hIks1k
q92i/UldmD9QREqV16rOAAfeej4WKTCj0gtfcLGgwFRlbxpXWUloRLpOwBHl1mAc
u5pGdUGsF4BE3oq03S7b3xXvUvTePfYN9d5jS+e1t2P3mfk1OES5VTVoGGFHZzrB
rue4bwCfsorV6WLxoGmRVua3C1IST/UUuxReLlFLCJl/Bg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net