Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: psdtJ2W5r64b4EDcLSSnfxqctbBDrrc8pUi6iYEpJW0=
Subject key identifier: 7C:D3:F8:B5:AB:65:E9:2E:32:9E:09:A3:E3:3B:11:85:8B:1E:86:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54D6A3AE7F9A40DF034DCE6736D740AE02F1D8D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Mon 31 Mar 2025 21:30:12 +0000
ROA not before: Mon 31 Mar 2025 21:30:12 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:d6:a3:ae:7f:9a:40:df:03:4d:ce:67:36:d7:40:ae:02:f1:d8:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:12 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=9f987c0f4a6b8cbe6cdf3769039ebee7518faca432ffee5ac9a9d43c9014dca5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:76:3c:b8:61:79:e0:20:42:c4:87:59:34:c4:
90:66:ad:2c:37:0e:5a:83:89:9e:f0:75:23:db:92:
04:6f:b1:ba:82:aa:e0:a0:71:3e:d8:e7:f0:ce:a2:
72:69:dd:b8:6c:25:60:d0:a8:fa:36:3b:a5:14:51:
b9:93:98:57:75:0b:ed:20:1a:f2:f0:ae:94:33:a1:
03:10:c7:be:09:ba:2e:0d:8c:58:9f:27:ab:47:1b:
a1:66:f8:38:38:7c:b4:db:ae:f1:e7:fe:01:97:bd:
95:85:5e:df:d0:f4:12:6f:35:20:4e:19:d2:85:27:
0f:c5:8b:e7:d4:00:23:37:2d:86:0c:ef:dd:24:c8:
03:21:04:15:a1:62:8c:de:1f:80:98:1f:aa:11:29:
46:ba:93:bf:f9:96:2c:8c:70:bd:75:3d:0e:7a:b0:
ac:45:ce:7f:ad:51:f6:42:5f:96:e1:ee:a9:e2:2c:
ea:ce:52:5b:00:93:bf:a5:a1:0c:e8:98:44:c1:36:
cb:5b:16:0b:6a:e7:d7:e1:d1:6f:3b:1d:34:c4:07:
ce:2c:1a:b4:7f:08:ef:91:2c:0f:d6:01:c3:f0:1a:
28:e2:c3:d3:7b:ff:4e:4a:0e:27:a7:cf:bd:b6:59:
d2:ec:a8:c9:bc:93:37:c7:67:be:9e:91:9f:f5:1f:
b4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D3:F8:B5:AB:65:E9:2E:32:9E:09:A3:E3:3B:11:85:8B:1E:86:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:90:4e:42:bd:6d:c2:b9:c5:3d:c0:5b:5f:bf:1d:9a:8d:51:
eb:35:bd:a4:94:13:8d:07:e1:dc:f9:13:e7:ae:50:4b:ad:0a:
f3:d5:59:1d:c3:65:81:17:b5:9f:30:c9:41:1c:28:9e:89:aa:
09:5d:31:21:22:a7:5b:4a:b2:4a:1c:e8:54:9b:98:41:da:db:
79:b6:4d:20:cf:0d:dd:88:04:25:f9:b8:d8:e6:b0:38:38:57:
d0:0b:d3:65:41:69:f3:7d:84:5f:8c:6c:77:f7:ec:f0:86:71:
42:c5:04:44:db:dc:05:88:6c:07:ff:41:d3:65:30:a0:f3:bc:
6a:f6:af:cb:3d:4c:50:9e:f9:e3:7c:11:41:db:09:83:18:13:
85:aa:f8:cd:f8:92:2d:d4:36:6e:3f:d3:85:f9:79:14:99:c8:
2f:f0:34:3b:7c:d6:cb:4f:27:6f:68:1b:94:84:92:f1:bb:64:
1e:2e:c6:6c:73:80:7d:86:fc:62:ec:75:d3:da:7b:36:07:74:
38:ce:3b:8d:26:76:ec:ff:07:21:d9:56:44:21:2c:30:af:e0:
b0:57:47:ab:30:a0:dd:83:44:7b:69:64:7d:cd:be:c1:d2:d5:
cc:19:fe:14:50:1d:db:42:f0:fe:6c:1e:e5:2a:85:8e:35:8b:
ef:80:6a:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVNajrn+aQN8DTc5nNtdArgLx2NYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwMTJaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmOTg3YzBmNGE2YjhjYmU2Y2RmMzc2OTAzOWViZWU3NTE4ZmFjYTQzMmZm
ZWU1YWM5YTlkNDNjOTAxNGRjYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ12PLhheeAgQsSHWTTEkGatLDcOWoOJnvB1I9uSBG+xuoKq4KBxPtjn8M6i
cmnduGwlYNCo+jY7pRRRuZOYV3UL7SAa8vCulDOhAxDHvgm6Lg2MWJ8nq0cboWb4
ODh8tNuu8ef+AZe9lYVe39D0Em81IE4Z0oUnD8WL59QAIzcthgzv3STIAyEEFaFi
jN4fgJgfqhEpRrqTv/mWLIxwvXU9DnqwrEXOf61R9kJfluHuqeIs6s5SWwCTv6Wh
DOiYRME2y1sWC2rn1+HRbzsdNMQHziwatH8I75EsD9YBw/AaKOLD03v/TkoOJ6fP
vbZZ0uyoybyTN8dnvp6Rn/UftPECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR80/i1
q2XpLjKeCaPjOxGFix6GPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQAhkE5CvW3CucU9wFtfvx2ajVHrNb2klBONB+Hc+RPn
rlBLrQrz1Vkdw2WBF7WfMMlBHCieiaoJXTEhIqdbSrJKHOhUm5hB2tt5tk0gzw3d
iAQl+bjY5rA4OFfQC9NlQWnzfYRfjGx39+zwhnFCxQRE29wFiGwH/0HTZTCg87xq
9q/LPUxQnvnjfBFB2wmDGBOFqvjN+JIt1DZuP9OF+XkUmcgv8DQ7fNbLTydvaBuU
hJLxu2QeLsZsc4B9hvxi7HXT2ns2B3Q4zjuNJnbs/wch2VZEISwwr+CwV0erMKDd
g0R7aWR9zb7B0tXMGf4UUB3bQvD+bB7lKoWONYvvgGqm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net