Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
File: 015f4a0b-cf81-407c-9b60-8f76998937f0.roa (raw, json)
Hash identifier: xp0wvx+CelWxcHjFUPN3WzQ+ixM+JB0ZA1MkXVC6ig8=
Subject key identifier: 38:DD:D4:61:5F:40:B8:FB:50:29:6F:A4:D0:32:F5:75:B4:F8:BE:30
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 71BCF142F68E835C06A9D978ACB244C9D807300B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
Signing time: Sat 05 Apr 2025 00:11:15 +0000
ROA not before: Sat 05 Apr 2025 00:11:15 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:bc:f1:42:f6:8e:83:5c:06:a9:d9:78:ac:b2:44:c9:d8:07:30:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:11:15 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=311ce5526cc8dbd60791ff00485092124301617a2456d1231751ac0251be5ed6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:ac:b2:78:14:f8:1e:f8:e6:2e:06:71:49:
99:32:45:1a:c6:df:03:ca:b0:c3:f4:b9:64:7f:92:
15:98:9b:55:01:12:3b:18:6b:3a:56:58:d7:8f:93:
26:ab:8c:90:0d:b8:99:44:de:e8:fa:7b:89:33:e9:
20:5f:fc:4f:50:d1:8d:0c:11:52:8f:50:5d:16:2e:
84:d4:55:aa:ea:48:e6:b8:7f:57:ab:aa:82:7f:b9:
eb:dd:c6:b6:58:6f:e8:3c:61:d5:54:5c:8d:13:27:
61:30:17:0b:98:d0:99:0a:f2:1a:82:fe:8d:6f:81:
c0:cf:b8:fc:09:a1:9a:6f:5d:32:3f:c8:0b:99:30:
39:69:19:3f:3b:d7:d8:7c:ff:43:b5:f2:2d:1b:47:
b2:3f:19:0b:6c:ee:e4:e9:5b:af:74:28:e0:f4:07:
6d:4f:d9:21:d9:4f:29:0d:8a:94:ac:e9:2e:c1:86:
6c:e9:97:4a:e1:2b:a6:3a:61:3d:d3:25:dd:83:64:
8a:64:f3:d3:37:d3:4e:1e:98:4d:89:73:d5:57:44:
b9:c5:7e:97:8b:17:9e:7e:fa:7b:7a:89:2b:0d:1f:
fa:aa:be:b4:7e:9c:d2:98:fe:b4:81:d5:98:46:8c:
72:f9:2e:be:28:2e:d4:7a:b9:84:3b:b8:40:12:70:
2d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DD:D4:61:5F:40:B8:FB:50:29:6F:A4:D0:32:F5:75:B4:F8:BE:30
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b800::/40
Signature Algorithm: sha256WithRSAEncryption
9c:9f:2a:f3:f0:33:ba:2a:16:e6:e8:1b:62:d0:d4:3c:10:f7:
73:a7:53:24:58:7c:a1:ac:0d:d4:8a:6e:29:f7:1e:3f:89:18:
76:45:65:3d:7c:2b:7a:6b:1c:74:1e:9e:99:82:2e:49:d1:64:
5a:7c:67:c2:78:df:cb:08:a2:59:2e:a9:ee:08:61:80:58:4c:
58:e1:01:ad:78:cd:c6:6f:29:95:0f:ea:aa:ac:58:ac:5c:c3:
5d:74:38:9a:8d:0e:34:fb:a1:24:72:75:20:b3:bd:b0:62:42:
83:f8:66:c1:cb:c6:cb:b0:39:25:46:c6:c5:51:61:90:e4:43:
0b:2d:dd:89:a1:4f:5f:fd:b0:2a:0b:37:92:7e:ad:76:6e:15:
33:63:33:ce:45:d9:20:e2:cf:00:8f:f8:3e:84:66:a0:fb:61:
4e:c2:59:a5:03:56:84:70:a8:22:fa:17:9d:43:f5:9c:6d:30:
51:aa:7d:c0:4e:da:a4:8c:e9:2f:fb:df:56:6c:95:48:ff:16:
1c:fc:01:1a:02:14:f4:1e:1e:b2:ac:49:eb:4a:0d:15:c9:89:
ee:64:dd:f2:96:4a:67:70:4b:8a:9a:d0:c7:7b:37:b0:c9:b5:
ce:ec:be:48:5f:be:28:af:bc:8f:33:f7:0b:c7:b6:fc:a1:53:
36:1e:f1:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcbzxQvaOg1wGqdl4rLJEydgHMAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDExMTVaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMWNlNTUyNmNjOGRiZDYwNzkxZmYwMDQ4NTA5MjEyNDMwMTYxN2EyNDU2
ZDEyMzE3NTFhYzAyNTFiZTVlZDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIWrLJ4FPge+OYuBnFJmTJFGsbfA8qww/S5ZH+SFZibVQESOxhrOlZY14+T
JquMkA24mUTe6Pp7iTPpIF/8T1DRjQwRUo9QXRYuhNRVqupI5rh/V6uqgn+5693G
tlhv6Dxh1VRcjRMnYTAXC5jQmQryGoL+jW+BwM+4/Amhmm9dMj/IC5kwOWkZPzvX
2Hz/Q7XyLRtHsj8ZC2zu5Olbr3Qo4PQHbU/ZIdlPKQ2KlKzpLsGGbOmXSuErpjph
PdMl3YNkimTz0zfTTh6YTYlz1VdEucV+l4sXnn76e3qJKw0f+qq+tH6c0pj+tIHV
mEaMcvkuvigu1Hq5hDu4QBJwLY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ43dRh
X0C4+1Apb6TQMvV1tPi+MDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDE1ZjRhMGItY2Y4MS00MDdjLTliNjAtOGY3Njk5ODkzN2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8e4
MA0GCSqGSIb3DQEBCwUAA4IBAQCcnyrz8DO6Khbm6Bti0NQ8EPdzp1MkWHyhrA3U
im4p9x4/iRh2RWU9fCt6axx0Hp6Zgi5J0WRafGfCeN/LCKJZLqnuCGGAWExY4QGt
eM3GbymVD+qqrFisXMNddDiajQ40+6EkcnUgs72wYkKD+GbBy8bLsDklRsbFUWGQ
5EMLLd2JoU9f/bAqCzeSfq12bhUzYzPORdkg4s8Aj/g+hGag+2FOwlmlA1aEcKgi
+hedQ/WcbTBRqn3ATtqkjOkv+99WbJVI/xYc/AEaAhT0Hh6yrEnrSg0VyYnuZN3y
lkpncEuKmtDHezewybXO7L5IX74or7yPM/cLx7b8oVM2HvED
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net