Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: 7yujfZk1wVr/nn4GaPIAikmP14jp0PLK/5Y7FPIbDAw=
Subject key identifier: D8:55:B5:CE:79:EA:4D:94:5B:55:80:1E:32:C8:03:4F:EC:B9:D8:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FFD5C2E91F7EB51CF08A40F4635523B03A3908F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Fri 11 Apr 2025 00:50:23 +0000
ROA not before: Fri 11 Apr 2025 00:50:23 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:fd:5c:2e:91:f7:eb:51:cf:08:a4:0f:46:35:52:3b:03:a3:90:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:23 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=aa40c66c9cf32e24e456b142736dc98b35e4834dc09a572e74a035d3f071ef20, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:be:b7:cf:3e:80:9c:8d:11:30:1b:24:10:9f:
0b:ec:91:4b:2e:59:c0:38:9e:72:5f:c6:2d:41:fb:
8b:a6:13:63:cc:94:63:0f:a1:b2:31:56:db:fe:5a:
ab:f8:e3:3c:0c:1b:c3:5a:e8:92:c3:92:1e:f4:22:
f7:66:6e:ec:b0:79:a9:77:c6:cd:39:c8:b6:9c:4a:
45:14:3f:33:84:b0:d8:72:cc:80:29:f7:e1:62:60:
c7:7b:af:df:ee:2e:36:57:d8:68:b9:35:67:73:30:
93:67:82:98:08:cb:96:9e:fa:96:0b:48:67:84:0d:
52:e0:7d:4d:84:e3:f8:ff:4d:9d:07:27:64:2b:05:
a9:ce:f9:eb:a5:a6:2c:32:fa:8a:94:c3:a3:27:d0:
a1:7f:2f:57:4c:1e:85:32:01:59:ee:1a:82:69:32:
7e:b2:40:fa:ce:c7:6b:aa:a1:c2:6a:0c:ef:3b:28:
fb:47:91:44:d2:f7:3d:9e:3f:53:44:e8:7e:41:ba:
8c:61:48:f3:2d:cc:9d:59:db:e4:43:15:b6:f3:54:
2a:6e:f8:a7:d7:c4:17:da:a0:63:7a:46:5b:9e:a6:
c0:49:ec:5e:54:00:80:d4:da:50:5f:c5:ff:3b:d8:
8b:54:f4:6d:af:4d:96:48:fd:2c:53:16:a5:4a:6d:
1b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:55:B5:CE:79:EA:4D:94:5B:55:80:1E:32:C8:03:4F:EC:B9:D8:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:3d:d4:b2:c8:eb:0b:c2:a8:4b:be:e6:d3:96:34:39:3f:57:
47:bc:b9:67:69:d4:0f:45:11:fc:7b:22:a7:ef:1c:9b:0b:4e:
5a:0d:80:7a:4b:46:0c:9d:2a:9e:e9:f1:f6:6a:14:14:5e:67:
7f:b6:5a:28:5f:e6:c9:db:dd:6d:10:8d:2b:a1:68:fb:a0:bc:
5f:54:55:e5:ad:d1:4d:cf:fc:c8:e5:2a:50:cc:a8:95:e9:d0:
98:f2:1e:c4:ec:ed:11:4f:ab:00:c2:4b:fc:d5:d7:f5:77:bb:
9e:1d:a3:d1:ca:71:91:cb:f3:e2:c9:7c:f9:3c:ba:1f:b7:1d:
b0:5d:a3:37:24:cc:3e:46:61:ab:1e:60:8b:50:be:2d:ad:c3:
15:0d:bb:99:b5:62:2a:3a:c9:b4:f4:76:ee:a9:2f:c9:b6:07:
b2:36:a0:68:4b:a0:45:20:71:05:86:09:de:26:6e:6c:c2:2d:
39:dd:1e:e1:99:4f:dc:d8:57:d8:b4:4b:2a:f4:0d:14:66:e9:
1e:bb:66:cf:34:59:6d:8e:e4:2f:05:f3:c4:4d:33:98:de:d9:
75:67:ed:81:27:4f:b2:51:ec:d6:bc:fb:2a:0c:53:bd:b1:31:
6d:9c:de:73:03:bb:04:21:d6:7b:6b:00:2a:68:ff:fd:43:c8:
7f:81:46:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf/1cLpH361HPCKQPRjVSOwOjkI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMjNaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNDBjNjZjOWNmMzJlMjRlNDU2YjE0MjczNmRjOThiMzVlNDgzNGRjMDlh
NTcyZTc0YTAzNWQzZjA3MWVmMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJa+t88+gJyNETAbJBCfC+yRSy5ZwDiecl/GLUH7i6YTY8yUYw+hsjFW2/5a
q/jjPAwbw1roksOSHvQi92Zu7LB5qXfGzTnItpxKRRQ/M4Sw2HLMgCn34WJgx3uv
3+4uNlfYaLk1Z3Mwk2eCmAjLlp76lgtIZ4QNUuB9TYTj+P9NnQcnZCsFqc7566Wm
LDL6ipTDoyfQoX8vV0wehTIBWe4agmkyfrJA+s7Ha6qhwmoM7zso+0eRRNL3PZ4/
U0TofkG6jGFI8y3MnVnb5EMVtvNUKm74p9fEF9qgY3pGW56mwEnsXlQAgNTaUF/F
/zvYi1T0ba9Nlkj9LFMWpUptG2UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTYVbXO
eepNlFtVgB4yyANP7LnYGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQDUPdSyyOsLwqhLvubTljQ5P1dHvLlnadQPRRH8eyKn
7xybC05aDYB6S0YMnSqe6fH2ahQUXmd/tlooX+bJ291tEI0roWj7oLxfVFXlrdFN
z/zI5SpQzKiV6dCY8h7E7O0RT6sAwkv81df1d7ueHaPRynGRy/PiyXz5PLoftx2w
XaM3JMw+RmGrHmCLUL4trcMVDbuZtWIqOsm09HbuqS/JtgeyNqBoS6BFIHEFhgne
Jm5swi053R7hmU/c2FfYtEsq9A0UZukeu2bPNFltjuQvBfPETTOY3tl1Z+2BJ0+y
UezWvPsqDFO9sTFtnN5zA7sEIdZ7awAqaP/9Q8h/gUb7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net