Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: CrMYcrdSsvNlULyzGSeMqaQDPlDxbCusFyx+cyR1PxY=
Subject key identifier: E7:FE:CF:8B:FA:93:09:32:2A:3D:55:F9:B0:78:96:7A:9A:60:01:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60E8CBD85CB8BAC9F156E93DD48F6AEE8A0F5151
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Mon 31 Mar 2025 21:30:45 +0000
ROA not before: Mon 31 Mar 2025 21:30:45 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:e8:cb:d8:5c:b8:ba:c9:f1:56:e9:3d:d4:8f:6a:ee:8a:0f:51:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:30:45 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a991cd12f4dbf0cfe67b5b02f12459bdf01737d5e6170216576b46f398a3d43f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:dc:29:ae:8f:33:21:79:12:d7:cd:2b:d1:
ec:cf:0e:38:8f:b4:a0:f5:2f:21:b0:77:50:ea:4c:
47:33:de:a7:ff:91:18:54:71:58:8d:31:a7:f0:41:
04:26:69:4f:d9:f4:7b:5f:ed:ac:da:87:ed:91:7e:
e6:ae:6b:f7:18:75:65:e9:cb:a5:c5:3e:4f:76:2a:
f1:a2:07:34:92:56:ed:c0:4f:7b:5b:8c:87:f6:f4:
59:bd:49:7d:7f:20:60:4f:21:c6:61:7d:d2:56:4f:
e6:22:ab:19:3a:8f:84:9c:f7:b5:b4:c2:00:78:87:
49:a9:72:b5:4a:b6:62:31:22:b3:a5:4f:f3:28:60:
88:e6:58:41:5e:b1:ea:03:ab:b4:bf:e7:ae:8c:f4:
2f:18:f5:74:5e:8e:61:1f:4d:09:32:c4:42:43:fd:
97:25:03:8c:74:41:c7:4d:54:8f:be:85:a0:56:97:
14:da:45:13:51:5d:92:95:3a:7e:e0:1a:79:59:00:
ac:c3:11:67:f1:09:03:2d:ff:7f:a5:2c:bf:8c:5a:
b2:87:6d:52:20:fe:40:68:7d:1a:f9:74:b5:d2:a3:
99:a5:ad:af:da:73:2d:2a:e6:0e:a7:b7:9f:9e:8f:
71:7f:8a:3d:02:77:e5:aa:1c:5f:60:0f:dd:a7:da:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FE:CF:8B:FA:93:09:32:2A:3D:55:F9:B0:78:96:7A:9A:60:01:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3a:91:57:4a:d8:97:70:ac:d9:d6:a9:09:6a:03:4f:e3:3c:2d:
c4:ca:0e:20:77:ea:39:43:b1:2a:84:ab:e6:89:f3:a8:33:60:
d3:48:73:ca:a9:be:fc:98:e9:26:5a:fd:3d:85:b2:0a:06:bf:
66:4b:7c:ec:65:fa:d6:14:dc:0c:4e:d4:37:49:51:0b:5b:86:
df:90:00:c6:31:4d:a4:ce:84:23:f1:a5:f6:47:cb:29:d8:ac:
91:1f:44:9a:ba:15:cd:59:47:1d:96:2a:d8:3d:fa:cd:14:48:
3d:9f:05:c3:54:66:f2:3e:c8:2a:dd:98:34:61:3c:44:ed:35:
c7:37:90:27:e4:59:cd:9a:19:a7:b1:9b:0d:8e:eb:9c:e5:43:
62:17:af:46:fd:28:3f:ae:53:36:00:58:75:fb:7e:33:d5:c3:
d7:d8:27:a8:5c:86:58:f8:f8:55:84:88:9d:54:54:33:e9:d9:
a9:85:59:1a:b9:8a:42:42:8b:82:36:42:7f:25:e9:ed:87:37:
7c:91:dc:d2:88:a9:cb:0d:e5:5e:e4:de:ed:82:c0:ce:e2:c3:
60:9b:a8:cc:8b:91:fe:91:1c:62:3e:33:f6:69:8d:54:cb:cb:
57:a4:ac:d7:9f:ce:15:c3:ac:f4:65:7a:04:fb:5c:bb:99:f2:
58:30:94:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYOjL2Fy4usnxVuk91I9q7ooPUVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMwNDVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5OTFjZDEyZjRkYmYwY2ZlNjdiNWIwMmYxMjQ1OWJkZjAxNzM3ZDVlNjE3
MDIxNjU3NmI0NmYzOThhM2Q0M2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1G3CmujzMheRLXzSvR7M8OOI+0oPUvIbB3UOpMRzPep/+RGFRxWI0xp/BB
BCZpT9n0e1/trNqH7ZF+5q5r9xh1ZenLpcU+T3Yq8aIHNJJW7cBPe1uMh/b0Wb1J
fX8gYE8hxmF90lZP5iKrGTqPhJz3tbTCAHiHSalytUq2YjEis6VP8yhgiOZYQV6x
6gOrtL/nroz0Lxj1dF6OYR9NCTLEQkP9lyUDjHRBx01Uj76FoFaXFNpFE1FdkpU6
fuAaeVkArMMRZ/EJAy3/f6Usv4xasodtUiD+QGh9Gvl0tdKjmaWtr9pzLSrmDqe3
n56PcX+KPQJ35aocX2AP3afa6QsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTn/s+L
+pMJMio9VfmweJZ6mmABdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQA6kVdK2JdwrNnWqQlqA0/jPC3Eyg4gd+o5Q7EqhKvm
ifOoM2DTSHPKqb78mOkmWv09hbIKBr9mS3zsZfrWFNwMTtQ3SVELW4bfkADGMU2k
zoQj8aX2R8sp2KyRH0SauhXNWUcdlirYPfrNFEg9nwXDVGbyPsgq3Zg0YTxE7TXH
N5An5FnNmhmnsZsNjuuc5UNiF69G/Sg/rlM2AFh1+34z1cPX2CeoXIZY+PhVhIid
VFQz6dmphVkauYpCQouCNkJ/Jenthzd8kdzSiKnLDeVe5N7tgsDO4sNgm6jMi5H+
kRxiPjP2aY1Uy8tXpKzXn84Vw6z0ZXoE+1y7mfJYMJQ+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net