Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: l3SgC0MvHsoubWIISAEZPvBbu1PawU1BeyZJdmeYRXc=
Subject key identifier: 5E:5B:B0:7F:DD:DE:32:96:B0:F0:55:9F:31:B2:BE:54:C0:9C:90:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 723981206FB0D7033944D6FDFAB68D2A24658738
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Mon 31 Mar 2025 21:31:14 +0000
ROA not before: Mon 31 Mar 2025 21:31:14 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:39:81:20:6f:b0:d7:03:39:44:d6:fd:fa:b6:8d:2a:24:65:87:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:14 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=7839bf88ee139589cf3c5d093e6adfe599f612b77d8bd5fbf6700118833d00b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7c:ef:4b:ee:9b:0b:83:50:6f:0a:c4:10:cc:
5e:27:60:f1:27:4b:98:f8:08:b5:a3:88:85:db:ef:
ea:82:6b:ea:29:d9:09:1d:8d:69:65:8b:e0:0b:76:
a0:f5:66:5a:21:c7:45:f6:34:b8:41:37:2b:0d:9a:
db:45:25:e6:4a:1a:8d:64:55:69:57:33:a8:80:b1:
fb:c8:44:84:90:eb:3f:cc:b0:dc:0f:34:36:9a:a6:
09:7e:a5:a7:e5:87:f0:aa:fc:10:f3:09:e1:51:46:
eb:23:54:c9:8b:cc:1d:3d:f7:22:1b:43:d2:f7:04:
9b:63:57:bb:86:fb:c9:bb:85:c3:05:d1:72:d3:15:
ae:05:7c:68:09:79:be:b4:5f:a0:ac:ec:64:b3:60:
bf:e0:b9:5a:56:27:e6:c4:68:db:ef:26:bc:4f:46:
2e:aa:57:ba:db:da:e2:67:2e:98:df:de:bf:2e:43:
f2:7e:8d:7c:22:28:7d:81:2a:17:55:43:31:8e:25:
81:2d:13:ea:ef:00:0a:ce:0d:b8:5d:18:eb:c9:f2:
a7:d1:00:1b:f2:42:fc:ee:c1:26:b1:9f:b6:12:60:
a9:12:26:10:3f:6d:8f:6b:ad:a7:67:a0:4f:12:10:
94:3d:4d:3d:74:c8:9f:da:97:b6:00:97:2b:c3:cb:
c9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5B:B0:7F:DD:DE:32:96:B0:F0:55:9F:31:B2:BE:54:C0:9C:90:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:91:e7:11:4c:90:90:ac:22:94:d8:59:ba:8f:4a:49:57:e6:
ef:b0:5a:d4:6d:cb:d1:f1:8a:2b:b8:4b:ef:1c:f3:0c:cc:20:
9e:51:39:de:b7:90:cb:ec:b2:32:b8:ed:e5:d2:42:e8:78:b9:
8d:45:bd:fd:71:29:b3:fb:3f:9c:8e:db:f0:65:67:ab:04:fe:
a4:bd:3c:e4:15:4f:f8:42:12:1a:ba:f0:84:14:17:eb:de:f8:
c2:0b:c1:d2:f6:36:db:e4:c8:fc:67:73:cb:c6:56:90:6e:61:
50:73:7c:ed:29:2a:c6:6f:14:69:3a:4c:63:c9:05:a9:75:36:
ae:cc:36:c5:89:84:58:e3:c9:a2:64:76:3b:e6:c7:72:7f:12:
95:29:d8:cd:9d:89:28:65:19:1f:2d:73:5c:d3:ee:03:f9:2d:
97:cb:d7:30:4a:ca:ea:28:fe:45:c8:69:e2:7c:c5:b3:51:2b:
ae:4b:17:6a:2a:61:b8:b8:d2:d5:88:94:46:c7:e6:11:cc:d2:
5e:24:bb:ba:ea:f2:8c:06:a7:0a:55:9d:78:e8:16:80:63:93:
27:f5:cb:80:0e:16:d5:d1:83:ef:0d:da:72:7b:59:ee:b4:e6:
b7:7d:c8:f0:30:88:87:4b:24:e6:3e:07:7d:a0:e8:96:d1:4d:
8c:e3:4b:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcjmBIG+w1wM5RNb9+raNKiRlhzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMTRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MzliZjg4ZWUxMzk1ODljZjNjNWQwOTNlNmFkZmU1OTlmNjEyYjc3ZDhi
ZDVmYmY2NzAwMTE4ODMzZDAwYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJh870vumwuDUG8KxBDMXidg8SdLmPgItaOIhdvv6oJr6inZCR2NaWWL4At2
oPVmWiHHRfY0uEE3Kw2a20Ul5koajWRVaVczqICx+8hEhJDrP8yw3A80NpqmCX6l
p+WH8Kr8EPMJ4VFG6yNUyYvMHT33IhtD0vcEm2NXu4b7ybuFwwXRctMVrgV8aAl5
vrRfoKzsZLNgv+C5WlYn5sRo2+8mvE9GLqpXutva4mcumN/evy5D8n6NfCIofYEq
F1VDMY4lgS0T6u8ACs4NuF0Y68nyp9EAG/JC/O7BJrGfthJgqRImED9tj2utp2eg
TxIQlD1NPXTIn9qXtgCXK8PLyTsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBReW7B/
3d4ylrDwVZ8xsr5UwJyQETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBdkecRTJCQrCKU2Fm6j0pJV+bvsFrUbcvR8YoruEvv
HPMMzCCeUTnet5DL7LIyuO3l0kLoeLmNRb39cSmz+z+cjtvwZWerBP6kvTzkFU/4
QhIauvCEFBfr3vjCC8HS9jbb5Mj8Z3PLxlaQbmFQc3ztKSrGbxRpOkxjyQWpdTau
zDbFiYRY48miZHY75sdyfxKVKdjNnYkoZRkfLXNc0+4D+S2Xy9cwSsrqKP5FyGni
fMWzUSuuSxdqKmG4uNLViJRGx+YRzNJeJLu66vKMBqcKVZ146BaAY5Mn9cuADhbV
0YPvDdpye1nutOa3fcjwMIiHSyTmPgd9oOiW0U2M40tK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net