Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: lmIJxcl49OcDpQBHTEpSFlpoNdNTOeAqrj/T3lQi6jM=
Subject key identifier: 15:13:15:B3:1E:3A:42:F0:66:C7:C3:F9:99:DA:2F:7C:B2:D6:9F:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 443FCD2EF2BF05942A37663F72FB639465ED8599
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Fri 11 Apr 2025 00:50:46 +0000
ROA not before: Fri 11 Apr 2025 00:50:46 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:3f:cd:2e:f2:bf:05:94:2a:37:66:3f:72:fb:63:94:65:ed:85:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:46 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=22df65a127f912f4d72015b05e7632835b362386c2cc71d8b89e29371ffc0975, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:a6:04:a3:8c:27:af:4e:b2:8d:a2:7b:c4:
18:3e:ac:5b:3b:7d:c2:ae:53:35:d1:c0:7f:39:ca:
70:93:5a:88:7e:03:df:8a:4d:a7:5c:6f:33:7c:1a:
15:67:5e:a7:56:eb:ed:4b:7f:66:74:9c:0b:13:8d:
51:93:10:11:99:7a:a4:5b:44:46:58:e1:c4:dc:cf:
a0:59:50:06:71:f3:cb:3c:dc:73:ff:e4:0a:c8:cb:
21:06:fd:8e:49:fa:74:3f:bb:3b:ab:b3:4b:c8:3c:
25:8c:fe:86:cf:e1:9b:8b:5f:7d:80:32:9c:91:33:
2d:0e:c2:85:36:49:ec:84:94:e7:d2:b4:70:ec:e0:
e8:06:07:be:1c:4e:40:56:f5:3e:15:46:6d:ce:e7:
c7:19:6d:83:b8:a6:99:ac:11:e7:ed:8c:e2:00:68:
6f:62:1f:c0:71:13:9c:ca:ea:06:0b:c8:ea:be:3f:
e2:ba:d7:bd:43:f5:c3:42:8e:44:a2:ee:fd:65:94:
93:de:75:41:66:4d:75:83:d0:02:c7:fb:b5:6c:14:
ea:ae:ad:10:5b:b0:24:a3:b5:8c:7b:5c:46:54:cc:
17:13:d0:ae:c5:87:69:3e:25:e8:dd:83:b4:ae:87:
09:83:2b:86:83:c9:8d:01:98:8c:25:a8:5e:5a:b0:
bf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:13:15:B3:1E:3A:42:F0:66:C7:C3:F9:99:DA:2F:7C:B2:D6:9F:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:59:3a:5e:91:21:99:48:83:37:b8:09:07:fb:86:a6:26:36:
ba:67:50:91:ed:3d:7d:ba:b6:42:de:69:0a:c9:cc:42:bc:25:
8c:05:dd:28:3f:97:1b:3d:b7:ba:14:e4:aa:4e:9b:14:2a:14:
79:f7:93:c5:2a:94:1c:74:63:ee:78:d4:f5:f0:21:54:25:bf:
b6:e3:8d:55:53:ad:92:4e:4c:dc:21:72:71:c0:3b:a9:05:2d:
90:b9:84:33:18:73:66:62:e6:3b:b9:dc:2e:1e:a7:9e:41:05:
cb:c8:2b:1c:60:e0:b7:78:30:7c:96:7d:fb:65:dd:10:21:0b:
96:84:df:f1:07:ce:df:4a:69:ad:35:92:a6:ae:b3:43:98:40:
a4:26:5e:e6:4d:e0:96:93:b2:b4:83:b5:0f:38:eb:98:dd:11:
ab:99:8a:9f:e2:cd:c5:48:4c:fd:1a:7c:2e:37:c6:0f:1c:fd:
f0:82:88:af:22:98:bc:c0:5f:ba:cc:e9:f9:f2:4b:62:3e:91:
23:3b:6f:c3:a8:9e:ff:c9:fb:3a:56:59:02:fe:e0:99:d2:96:
9a:4b:84:a6:eb:a4:02:82:3b:f0:ee:9b:34:1e:54:65:08:3a:
18:ea:47:a0:53:5e:da:6c:0c:23:5c:0e:4f:9c:36:60:ec:90:
7b:b4:7c:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURD/NLvK/BZQqN2Y/cvtjlGXthZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwNDZaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyZGY2NWExMjdmOTEyZjRkNzIwMTViMDVlNzYzMjgzNWIzNjIzODZjMmNj
NzFkOGI4OWUyOTM3MWZmYzA5NzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoHpgSjjCevTrKNonvEGD6sWzt9wq5TNdHAfznKcJNaiH4D34pNp1xvM3wa
FWdep1br7Ut/ZnScCxONUZMQEZl6pFtERljhxNzPoFlQBnHzyzzcc//kCsjLIQb9
jkn6dD+7O6uzS8g8JYz+hs/hm4tffYAynJEzLQ7ChTZJ7ISU59K0cOzg6AYHvhxO
QFb1PhVGbc7nxxltg7immawR5+2M4gBob2IfwHETnMrqBgvI6r4/4rrXvUP1w0KO
RKLu/WWUk951QWZNdYPQAsf7tWwU6q6tEFuwJKO1jHtcRlTMFxPQrsWHaT4l6N2D
tK6HCYMrhoPJjQGYjCWoXlqwv+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVExWz
HjpC8GbHw/mZ2i98stafGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQBVWTpekSGZSIM3uAkH+4amJja6Z1CR7T19urZC3mkK
ycxCvCWMBd0oP5cbPbe6FOSqTpsUKhR595PFKpQcdGPueNT18CFUJb+2441VU62S
TkzcIXJxwDupBS2QuYQzGHNmYuY7udwuHqeeQQXLyCscYOC3eDB8ln37Zd0QIQuW
hN/xB87fSmmtNZKmrrNDmECkJl7mTeCWk7K0g7UPOOuY3RGrmYqf4s3FSEz9Gnwu
N8YPHP3wgoivIpi8wF+6zOn58ktiPpEjO2/DqJ7/yfs6VlkC/uCZ0paaS4Sm66QC
gjvw7ps0HlRlCDoY6kegU17abAwjXA5PnDZg7JB7tHzj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net