Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: tL/sHzhnp2O82XSyC1MPH/nAznjuGcUPCHpKK8c6SPM=
Subject key identifier: F1:E9:7B:B1:D9:AB:9E:91:B0:87:F4:F2:62:40:F8:20:DE:17:91:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B2D002596D2B60A0CA0392F7ACC00DC8DF5268D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Fri 11 Apr 2025 00:50:09 +0000
ROA not before: Fri 11 Apr 2025 00:50:09 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:2d:00:25:96:d2:b6:0a:0c:a0:39:2f:7a:cc:00:dc:8d:f5:26:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:09 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=f926f1429b0876f27487a0095a80f1ba802f34f527bdd7410c3e3a40838687fc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:cc:3b:12:61:21:00:f2:79:a9:5d:3f:22:b0:
e3:0b:27:3c:a6:c4:46:e0:5e:8a:30:66:b8:69:b9:
f4:7b:43:9d:8f:aa:92:ac:4c:e7:34:1e:a5:2c:86:
91:4c:18:27:dc:67:8b:a4:3d:8d:53:90:b0:18:21:
77:eb:94:4a:13:8e:d8:b5:64:b6:d8:9b:ac:6f:f9:
c5:cf:58:d7:38:99:cd:16:00:bd:e8:0a:a8:34:ec:
38:34:1f:5f:19:13:3c:73:73:bb:15:63:a1:3a:19:
a5:78:39:92:c4:58:81:91:55:9c:36:56:57:1b:34:
e0:b2:62:c5:16:47:99:40:36:40:04:f1:43:b5:13:
0e:d4:17:25:dd:81:85:10:02:e5:46:f1:2d:74:ed:
f6:39:5d:aa:86:af:12:2f:bd:0f:34:19:b6:68:03:
fa:6d:c6:7e:4a:d6:bd:5b:09:02:ea:e4:d6:f4:40:
82:35:38:26:cd:d5:8d:66:8b:6d:47:f2:6d:21:be:
6c:83:4a:e8:84:a2:3e:02:5a:94:84:e5:5a:cf:be:
68:15:5c:16:64:c7:c8:17:73:d2:98:81:14:c9:d2:
4b:d4:ef:5d:12:48:00:3c:52:49:e4:43:cd:08:ac:
51:38:f5:2a:4e:fa:6f:bf:df:d8:4f:f7:42:a4:3a:
90:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E9:7B:B1:D9:AB:9E:91:B0:87:F4:F2:62:40:F8:20:DE:17:91:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:3f:e8:ae:96:77:6e:b7:8e:69:49:3d:39:6f:e7:46:c1:11:
de:90:9d:63:ba:a8:ae:7e:3d:63:6c:2e:a2:3b:a7:27:2a:ec:
aa:e1:dd:6d:69:8c:cc:1a:57:ee:31:7c:5c:01:95:f9:e7:ff:
44:9e:ac:4a:c4:05:d6:49:b5:dd:be:a5:16:d1:73:10:88:3b:
e5:3a:ff:a0:08:9d:fe:1c:93:3d:ee:bf:82:44:78:aa:46:b3:
83:77:b6:f6:3b:03:dc:6c:88:71:12:db:40:54:c2:66:ad:3a:
48:e5:22:7a:cc:69:2d:02:5f:1c:f8:71:f3:d4:0e:d1:e8:5e:
c7:c9:0c:6b:0a:53:94:dc:57:06:88:2a:67:a6:b0:18:45:1b:
85:9c:a8:97:d5:f2:69:da:f5:9a:29:78:91:c0:bb:a9:04:74:
26:d6:3b:82:74:44:1d:07:77:af:67:f4:17:a4:30:fd:16:60:
fc:97:86:7d:10:a1:85:3e:6e:4d:db:20:03:5e:0b:3a:0b:78:
8c:f8:12:93:c3:31:18:5c:e6:ad:ab:55:6b:fd:84:07:e4:c8:
34:ed:98:05:66:c2:5e:69:59:cc:62:7a:57:71:9b:2b:fd:53:
37:bd:e4:13:c1:8f:a0:20:28:e2:a5:ba:43:85:5f:7b:ae:52:
b1:2d:3f:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOy0AJZbStgoMoDkveswA3I31Jo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMDlaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MjZmMTQyOWIwODc2ZjI3NDg3YTAwOTVhODBmMWJhODAyZjM0ZjUyN2Jk
ZDc0MTBjM2UzYTQwODM4Njg3ZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHMOxJhIQDyealdPyKw4wsnPKbERuBeijBmuGm59HtDnY+qkqxM5zQepSyG
kUwYJ9xni6Q9jVOQsBghd+uUShOO2LVkttibrG/5xc9Y1ziZzRYAvegKqDTsODQf
XxkTPHNzuxVjoToZpXg5ksRYgZFVnDZWVxs04LJixRZHmUA2QATxQ7UTDtQXJd2B
hRAC5UbxLXTt9jldqoavEi+9DzQZtmgD+m3GfkrWvVsJAurk1vRAgjU4Js3VjWaL
bUfybSG+bINK6ISiPgJalITlWs++aBVcFmTHyBdz0piBFMnSS9TvXRJIADxSSeRD
zQisUTj1Kk76b7/f2E/3QqQ6kMUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTx6Xux
2auekbCH9PJiQPgg3heR1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQBvP+iulndut45pST05b+dGwRHekJ1juqiufj1jbC6i
O6cnKuyq4d1taYzMGlfuMXxcAZX55/9EnqxKxAXWSbXdvqUW0XMQiDvlOv+gCJ3+
HJM97r+CRHiqRrODd7b2OwPcbIhxEttAVMJmrTpI5SJ6zGktAl8c+HHz1A7R6F7H
yQxrClOU3FcGiCpnprAYRRuFnKiX1fJp2vWaKXiRwLupBHQm1juCdEQdB3evZ/QX
pDD9FmD8l4Z9EKGFPm5N2yADXgs6C3iM+BKTwzEYXOatq1Vr/YQH5Mg07ZgFZsJe
aVnMYnpXcZsr/VM3veQTwY+gICjipbpDhV97rlKxLT8D
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net