Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: vvCLw2BglxLLoA+3mVr54H3et66KVIs/Hq76uDyogGE=
Subject key identifier: 42:5E:72:A8:27:0B:6B:0F:8C:8D:54:38:FF:E2:18:D2:C9:12:7C:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3862EFE8A6C6441CDBAD7F1CF16BD93435DFF6CD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Tue 01 Apr 2025 15:11:03 +0000
ROA not before: Tue 01 Apr 2025 15:11:03 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:62:ef:e8:a6:c6:44:1c:db:ad:7f:1c:f1:6b:d9:34:35:df:f6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:11:03 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=f54326c07ca1e11a039ef7b6594dbdf55988533b27aa52ebd36ebfa57d137767, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:28:06:41:95:55:31:41:e8:ec:31:60:99:f3:
10:20:02:47:21:e4:f6:e9:81:ca:8b:19:45:db:d5:
6d:33:41:3f:03:58:94:9f:19:19:f2:ea:f0:c5:b0:
c8:14:8e:23:d3:39:3d:aa:04:f3:d2:7d:c2:a7:38:
59:13:73:64:ec:66:48:30:80:e5:0b:37:96:10:6f:
82:f5:77:9c:d4:20:8b:5b:f9:d5:f4:f4:25:75:9c:
35:c1:93:e1:30:e4:0f:8b:d0:4e:c2:b6:5a:c6:8d:
0b:19:03:14:00:02:f1:b7:56:3d:bf:59:8b:fa:0f:
a4:60:72:61:22:38:ee:37:65:9b:70:53:f5:68:72:
d3:84:a2:46:ff:e2:db:ee:a8:32:f6:a2:a9:ea:ab:
4b:c0:5c:4f:6b:6b:f7:94:19:6e:08:4c:22:4d:3e:
41:3c:fc:1a:ff:84:6e:b8:af:7a:99:56:36:2b:47:
b8:92:85:55:6c:78:86:1a:75:95:90:7c:8e:80:e5:
67:a0:98:00:60:8b:ee:07:81:30:a6:58:fd:ac:84:
86:89:b4:45:90:2f:ec:aa:55:94:c8:f4:74:76:72:
86:aa:02:bb:ee:52:0f:aa:c1:da:3b:96:24:9b:b4:
15:33:ca:4e:13:06:c0:50:21:06:37:bb:7a:30:ec:
1b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5E:72:A8:27:0B:6B:0F:8C:8D:54:38:FF:E2:18:D2:C9:12:7C:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:a1:0c:82:b6:71:e0:87:07:ea:b8:3b:c8:53:5f:b0:a2:80:
07:8b:b4:15:96:91:f6:a1:ad:b4:80:51:c3:18:76:4c:8c:01:
bf:9f:2f:89:ef:39:1f:e5:25:ff:5c:b0:a1:74:46:eb:bb:9c:
92:d3:a8:5a:65:4e:9a:a4:ca:07:52:56:d7:aa:36:8a:24:95:
ef:6c:5b:7e:54:2c:e8:44:b0:1d:d9:c5:0f:18:70:68:9b:f1:
01:f9:50:6d:06:8b:6b:fb:ad:8e:a0:14:6e:c6:c9:79:4a:c4:
80:74:41:31:d1:6f:38:9e:4a:77:eb:7d:a6:b3:66:bc:7b:ba:
89:ef:c3:a5:9e:27:5e:70:8f:41:a0:51:cb:4e:aa:d4:7c:b2:
24:37:7d:14:a4:e0:a9:a1:c7:87:e5:3a:1a:ef:69:0f:86:94:
8e:aa:86:62:b4:9e:97:aa:87:d4:e4:f6:0a:03:fa:0c:b7:d0:
21:e7:7c:12:66:bc:f3:d6:42:5b:35:d7:78:64:1f:c0:3a:62:
34:5e:63:4d:f2:aa:16:09:c9:36:4c:5f:c1:6c:1c:ed:47:5d:
67:8e:81:02:ca:ec:1d:e0:8c:e2:1e:ab:e6:85:ad:5f:38:bf:
50:c7:ac:61:46:52:b8:72:06:e1:6c:ff:4c:7b:54:65:44:01:
8c:c0:90:6d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOGLv6KbGRBzbrX8c8WvZNDXf9s0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTExMDNaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NDMyNmMwN2NhMWUxMWEwMzllZjdiNjU5NGRiZGY1NTk4ODUzM2IyN2Fh
NTJlYmQzNmViZmE1N2QxMzc3NjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8oBkGVVTFB6OwxYJnzECACRyHk9umByosZRdvVbTNBPwNYlJ8ZGfLq8MWw
yBSOI9M5PaoE89J9wqc4WRNzZOxmSDCA5Qs3lhBvgvV3nNQgi1v51fT0JXWcNcGT
4TDkD4vQTsK2WsaNCxkDFAAC8bdWPb9Zi/oPpGByYSI47jdlm3BT9Why04SiRv/i
2+6oMvaiqeqrS8BcT2tr95QZbghMIk0+QTz8Gv+EbriveplWNitHuJKFVWx4hhp1
lZB8joDlZ6CYAGCL7geBMKZY/ayEhom0RZAv7KpVlMj0dHZyhqoCu+5SD6rB2juW
JJu0FTPKThMGwFAhBje7ejDsGycCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRCXnKo
JwtrD4yNVDj/4hjSyRJ8mDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAbaEMgrZx4IcH6rg7yFNfsKKAB4u0FZaR9qGttIBR
wxh2TIwBv58vie85H+Ul/1ywoXRG67ucktOoWmVOmqTKB1JW16o2iiSV72xbflQs
6ESwHdnFDxhwaJvxAflQbQaLa/utjqAUbsbJeUrEgHRBMdFvOJ5Kd+t9prNmvHu6
ie/DpZ4nXnCPQaBRy06q1HyyJDd9FKTgqaHHh+U6Gu9pD4aUjqqGYrSel6qH1OT2
CgP6DLfQIed8Ema889ZCWzXXeGQfwDpiNF5jTfKqFgnJNkxfwWwc7UddZ46BAsrs
HeCM4h6r5oWtXzi/UMesYUZSuHIG4Wz/THtUZUQBjMCQbQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net