Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: QcHjVcZG4UXc4revhERVPNNKArDdFJeDqTbUpuEnZXg=
Subject key identifier: DB:59:11:08:F8:7A:96:F8:68:7A:E4:E5:28:49:1E:AD:AC:79:2A:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18ED7909846596EA25CEEC7B0AAA0170CE119A20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Fri 11 Apr 2025 00:50:16 +0000
ROA not before: Fri 11 Apr 2025 00:50:16 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:ed:79:09:84:65:96:ea:25:ce:ec:7b:0a:aa:01:70:ce:11:9a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:16 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=27fe7aeddafb69e47b23efd464d134a2731500f919a2c535c88c99d38a6b15f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:42:34:a3:86:45:2f:26:13:c5:21:a3:cf:52:
02:5b:e9:3e:10:77:24:7f:b5:db:ed:f8:dc:48:48:
26:ed:3d:ad:ef:12:b5:92:f8:5a:45:63:68:09:2e:
8f:da:fb:64:ed:87:c2:c6:88:2e:fb:b2:b2:17:cf:
3d:46:2c:b3:93:94:c6:f0:83:7e:96:13:e9:1e:2a:
e6:0a:69:da:6d:dd:7e:3c:78:ed:87:2f:3e:ef:ef:
ae:c0:fd:fa:b6:a9:3b:58:57:2d:ac:5c:e1:f6:65:
3b:89:8c:22:56:22:58:63:16:92:11:c6:89:f2:fa:
66:56:0d:cd:19:dd:aa:ab:30:45:36:f3:b6:8a:4e:
b6:f3:0b:fa:c2:67:c6:44:6a:c6:6f:e5:86:a3:f5:
c0:9c:39:08:3d:a2:d7:be:c9:38:df:9e:c6:3c:1a:
13:74:df:a8:1b:07:51:ae:72:b2:29:45:df:1a:92:
9d:6e:45:ce:a4:bd:c0:36:00:f8:eb:06:29:10:bc:
81:c1:52:ea:26:27:ed:70:14:87:85:35:c5:19:f8:
3c:a3:a3:70:d3:7c:b1:02:ed:2a:dd:f8:6b:f5:89:
88:54:fb:6d:9f:99:7b:34:a8:2c:3a:d6:6c:13:66:
60:1f:f6:ec:9a:9f:42:a2:48:d1:dc:c4:34:f0:2a:
49:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:59:11:08:F8:7A:96:F8:68:7A:E4:E5:28:49:1E:AD:AC:79:2A:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:b7:82:db:00:85:7e:cf:89:08:7f:30:ae:a5:4b:87:89:f9:
b7:cb:50:7c:a7:4c:46:81:44:4d:70:f8:09:35:d1:8c:d8:18:
f6:f7:7b:da:98:db:d1:0e:ab:ed:d2:3e:8e:8c:e8:6e:5e:d1:
ff:23:9b:39:6e:8c:ec:7a:90:de:47:2f:f8:23:05:0e:38:1f:
43:64:f8:25:a5:96:30:bd:ab:64:ac:68:7b:6c:25:61:e8:68:
43:12:15:3f:db:a7:46:86:e6:da:54:8f:96:4d:29:42:fe:f5:
d1:51:94:8c:1f:af:82:49:4b:1d:68:a9:32:1a:ba:00:94:cf:
e1:86:1d:cd:2e:c6:1b:8c:09:b8:1e:d1:aa:3c:bb:5b:84:e4:
63:fa:59:ff:46:d8:33:c3:cd:89:1b:14:e3:f2:f4:1a:19:f7:
d5:09:db:93:1c:83:e8:a8:d4:eb:2c:d1:ca:6e:be:25:be:46:
b8:aa:c3:e2:ed:49:bf:24:1a:94:ef:3a:0c:dc:d1:be:3f:42:
49:ef:e0:93:a8:b9:fc:4c:d6:c1:5c:cb:f6:61:30:9c:57:2a:
0e:3a:35:4a:de:e4:81:7a:0c:87:81:60:9b:c7:46:d4:62:e9:
28:b8:d2:c8:92:15:23:9f:e3:17:03:70:76:57:7b:86:9a:49:
d7:19:a9:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGO15CYRlluolzux7CqoBcM4RmiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMTZaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ZmU3YWVkZGFmYjY5ZTQ3YjIzZWZkNDY0ZDEzNGEyNzMxNTAwZjkxOWEy
YzUzNWM4OGM5OWQzOGE2YjE1ZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPBCNKOGRS8mE8Uho89SAlvpPhB3JH+12+343EhIJu09re8StZL4WkVjaAku
j9r7ZO2HwsaILvuyshfPPUYss5OUxvCDfpYT6R4q5gpp2m3dfjx47YcvPu/vrsD9
+rapO1hXLaxc4fZlO4mMIlYiWGMWkhHGifL6ZlYNzRndqqswRTbztopOtvML+sJn
xkRqxm/lhqP1wJw5CD2i177JON+exjwaE3TfqBsHUa5ysilF3xqSnW5FzqS9wDYA
+OsGKRC8gcFS6iYn7XAUh4U1xRn4PKOjcNN8sQLtKt34a/WJiFT7bZ+ZezSoLDrW
bBNmYB/27JqfQqJI0dzENPAqSTUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTbWREI
+HqW+Gh65OUoSR6trHkquTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCzt4LbAIV+z4kIfzCupUuHifm3y1B8p0xGgURNcPgJ
NdGM2Bj293vamNvRDqvt0j6OjOhuXtH/I5s5bozsepDeRy/4IwUOOB9DZPglpZYw
vatkrGh7bCVh6GhDEhU/26dGhubaVI+WTSlC/vXRUZSMH6+CSUsdaKkyGroAlM/h
hh3NLsYbjAm4HtGqPLtbhORj+ln/Rtgzw82JGxTj8vQaGffVCduTHIPoqNTrLNHK
br4lvka4qsPi7Um/JBqU7zoM3NG+P0JJ7+CTqLn8TNbBXMv2YTCcVyoOOjVK3uSB
egyHgWCbx0bUYukouNLIkhUjn+MXA3B2V3uGmknXGakw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net