Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: xhJ6SVh0jIV67ZP8Pj119Tp0LNpDwmRlj3UB0Tm2uYE=
Subject key identifier: 70:CB:54:F6:28:AE:E3:33:05:E6:73:43:12:90:67:63:23:67:D1:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B8B98C1981C3E06C09AD7BF46DAD71E280D8662
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Mon 31 Mar 2025 21:20:07 +0000
ROA not before: Mon 31 Mar 2025 21:20:07 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:8b:98:c1:98:1c:3e:06:c0:9a:d7:bf:46:da:d7:1e:28:0d:86:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:07 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=e7c9d5b12e821ac8ffb665ae4e20833fbdcb9ef704cfb272ab29f7f766ef9b02, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3d:47:bd:25:68:6f:dd:3d:0a:ff:71:a4:5e:
b5:31:a1:a3:4c:68:7f:0a:3b:0e:fb:3d:95:b5:f9:
d9:34:a9:c7:79:66:9e:e9:da:d6:89:07:7b:cb:18:
fd:b9:2a:01:14:83:e8:c1:89:87:7f:7f:c8:3f:c1:
de:56:34:f6:99:57:5d:89:fc:8a:7d:53:89:65:84:
d4:2c:14:e7:50:81:81:36:76:75:da:4b:b6:39:76:
8b:20:70:67:70:1d:61:5f:58:2a:21:2c:83:55:43:
34:10:cc:a3:b7:93:87:4d:34:1a:c4:ad:90:37:67:
63:6e:f3:47:f8:6a:80:4f:4b:61:a6:00:40:57:15:
e8:c8:72:a0:62:4f:b1:19:77:00:c1:19:ff:1a:2f:
1f:07:62:df:1c:19:94:06:37:a9:8e:9f:e6:d1:aa:
e0:06:16:56:83:89:28:f6:19:33:39:bc:bc:ef:81:
9f:2c:f4:48:b4:cb:34:b1:28:e7:33:f1:2a:84:38:
cd:89:81:88:7f:f3:e0:1a:b7:78:43:cb:a4:fd:91:
14:9c:b4:c6:ff:9e:eb:e9:b9:52:9f:5f:ee:ba:a8:
10:1e:0f:f3:0a:9e:95:e2:85:1b:ee:26:5e:ab:69:
de:1f:db:d0:19:b0:5d:26:2c:91:1e:8d:02:84:ca:
50:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CB:54:F6:28:AE:E3:33:05:E6:73:43:12:90:67:63:23:67:D1:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:2d:3c:ef:f7:12:39:c7:37:f5:c9:20:9e:10:6c:4d:6a:d2:
4e:23:13:9d:46:36:0d:66:e7:1e:e4:c6:b2:36:a9:fd:fc:bb:
72:43:6c:fd:0e:52:13:48:dd:8d:79:e6:ab:2a:33:1a:72:61:
70:36:5b:7a:78:f1:16:5d:2c:b5:5d:70:33:7f:d5:0b:03:34:
06:c7:7e:6b:19:4a:c8:a8:1f:c8:7b:f1:97:7b:5d:1e:bf:e6:
f1:88:89:c6:27:7c:55:16:c9:d2:88:09:20:1c:8b:db:57:bf:
50:da:ae:29:7e:1a:a7:dd:84:77:6b:06:cc:ee:5d:b1:bc:38:
07:fa:07:fa:52:86:64:6b:a8:3a:16:a2:ff:91:6e:eb:2f:26:
c9:94:2b:f1:d3:b1:0a:8f:6d:06:d4:fe:b1:9c:b6:80:57:e6:
ce:f6:48:b6:b1:46:eb:25:c5:56:8d:6e:21:71:2f:8f:0c:43:
20:cc:9a:39:7e:37:7d:6c:3e:01:cd:93:65:61:ca:26:71:e9:
77:4a:94:11:42:07:70:c8:9b:84:1a:b6:55:a5:a4:97:1d:c7:
fe:3d:2b:19:4b:ad:b8:11:fb:85:c4:60:4c:bb:b6:db:f0:34:
85:02:90:d9:e0:e7:b2:4c:24:60:8d:91:a9:52:58:43:79:d9:
a1:9f:1e:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe4uYwZgcPgbAmte/RtrXHigNhmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3YzlkNWIxMmU4MjFhYzhmZmI2NjVhZTRlMjA4MzNmYmRjYjllZjcwNGNm
YjI3MmFiMjlmN2Y3NjZlZjliMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMo9R70laG/dPQr/caRetTGho0xofwo7Dvs9lbX52TSpx3lmnuna1okHe8sY
/bkqARSD6MGJh39/yD/B3lY09plXXYn8in1TiWWE1CwU51CBgTZ2ddpLtjl2iyBw
Z3AdYV9YKiEsg1VDNBDMo7eTh000GsStkDdnY27zR/hqgE9LYaYAQFcV6MhyoGJP
sRl3AMEZ/xovHwdi3xwZlAY3qY6f5tGq4AYWVoOJKPYZMzm8vO+Bnyz0SLTLNLEo
5zPxKoQ4zYmBiH/z4Bq3eEPLpP2RFJy0xv+e6+m5Up9f7rqoEB4P8wqeleKFG+4m
Xqtp3h/b0BmwXSYskR6NAoTKUKsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwy1T2
KK7jMwXmc0MSkGdjI2fRPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQCpLTzv9xI5xzf1ySCeEGxNatJOIxOdRjYNZuce5May
Nqn9/LtyQ2z9DlITSN2NeearKjMacmFwNlt6ePEWXSy1XXAzf9ULAzQGx35rGUrI
qB/Ie/GXe10ev+bxiInGJ3xVFsnSiAkgHIvbV79Q2q4pfhqn3YR3awbM7l2xvDgH
+gf6UoZka6g6FqL/kW7rLybJlCvx07EKj20G1P6xnLaAV+bO9ki2sUbrJcVWjW4h
cS+PDEMgzJo5fjd9bD4BzZNlYcomcel3SpQRQgdwyJuEGrZVpaSXHcf+PSsZS624
EfuFxGBMu7bb8DSFApDZ4OeyTCRgjZGpUlhDedmhnx4B
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net