Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
File: 0869fd21-e07d-44bc-b068-73be998c5028.roa (raw, json)
Hash identifier: NNiNuwuXvm7UCqGqA5dNt8Fvak+B7mwiEyL8qfPUTrQ=
Subject key identifier: B9:1A:1A:D9:48:AC:D8:2A:25:54:66:B8:12:DD:48:04:46:3C:2E:18
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5ECB6DB43E48AF483DE6B2FB1E076C022778CAA9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
Signing time: Sat 05 Apr 2025 00:11:06 +0000
ROA not before: Sat 05 Apr 2025 00:11:06 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:cb:6d:b4:3e:48:af:48:3d:e6:b2:fb:1e:07:6c:02:27:78:ca:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:11:06 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=9925843318aa34ccdb724fd479ebab234718af630241db894cfde3c346c922a8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:af:09:61:c1:46:0e:1f:9d:9f:5c:82:da:39:
52:b1:67:9c:f6:f1:1f:0f:f7:c5:6a:51:07:0a:8f:
fb:0c:99:36:16:1e:c9:47:30:c4:56:b8:87:63:5d:
b4:f7:91:83:4f:d7:97:38:1f:b3:11:d7:f7:73:d9:
bd:43:f9:34:f0:87:32:28:2a:fd:ff:bc:2b:b2:99:
77:89:28:6d:0c:2f:f1:a6:d0:87:63:01:7c:03:3c:
d5:7b:b5:37:f2:ac:53:93:0e:60:98:03:52:8a:a8:
1a:05:de:5e:27:58:63:d9:1b:22:1f:9f:30:05:db:
9a:5b:5a:1f:1e:6f:bd:cf:7c:b4:cc:43:c1:6c:c3:
31:ef:1b:53:f7:93:ce:5a:1e:77:a3:9d:3c:c8:ec:
4e:60:dd:24:e0:b7:33:f8:e6:2e:36:41:43:3d:43:
a6:d0:3c:44:24:bc:39:25:16:08:a4:78:4f:a8:00:
bd:26:94:ce:c1:de:0b:ca:a3:15:da:aa:7d:17:2a:
77:2d:0c:c6:01:dd:e5:0a:6c:a8:ce:7b:88:de:3a:
c8:36:8a:64:69:34:92:74:56:67:20:4c:6c:98:cf:
76:b0:89:27:ae:ce:83:55:fb:cb:cf:0a:08:fb:4e:
c4:5f:d3:77:02:cd:03:eb:ff:46:0c:da:02:2b:c6:
44:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1A:1A:D9:48:AC:D8:2A:25:54:66:B8:12:DD:48:04:46:3C:2E:18
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f800::/40
Signature Algorithm: sha256WithRSAEncryption
a4:be:02:fd:4c:92:b7:4b:fd:e7:8e:eb:68:b4:db:52:a8:b6:
f5:ff:c4:59:6f:a4:92:a2:8c:99:c6:5c:36:ca:25:94:e4:51:
11:df:7a:bd:bf:e6:18:22:9f:fe:7c:da:43:d0:f5:6d:86:b7:
03:d7:30:78:5b:83:da:a3:51:be:30:f8:66:d7:bf:0f:d7:cf:
1d:a6:67:e0:8c:34:95:6c:84:13:44:39:28:70:7d:e4:df:20:
92:a5:d0:9f:b5:21:79:1b:2a:f2:08:06:f3:2c:cd:90:35:2d:
c8:57:c0:eb:60:bc:96:1c:ef:51:36:c5:32:d3:79:58:9b:d8:
e0:69:7d:cc:21:9a:4b:ce:0e:ae:14:cc:16:6f:fc:bd:ca:f9:
8a:b6:88:2b:12:7e:b9:fd:91:f2:47:48:ad:94:b5:b6:47:c3:
2a:a3:6f:08:49:64:bf:60:bc:2d:78:51:1e:09:98:d9:5a:94:
c4:76:61:db:d0:c9:67:64:70:55:7f:4f:f8:ca:61:83:00:ad:
52:96:88:dd:88:8f:d6:b2:04:8b:68:56:59:f3:3d:d4:f3:74:
d8:2b:75:8b:bf:4c:e8:54:3c:e5:86:36:8b:98:69:b8:39:f6:
67:b8:8a:f8:d3:df:d9:6f:1b:05:b2:2a:63:33:1c:f1:bf:40:
63:df:67:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXstttD5Ir0g95rL7HgdsAid4yqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDExMDZaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5MjU4NDMzMThhYTM0Y2NkYjcyNGZkNDc5ZWJhYjIzNDcxOGFmNjMwMjQx
ZGI4OTRjZmRlM2MzNDZjOTIyYTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmvCWHBRg4fnZ9cgto5UrFnnPbxHw/3xWpRBwqP+wyZNhYeyUcwxFa4h2Nd
tPeRg0/XlzgfsxHX93PZvUP5NPCHMigq/f+8K7KZd4kobQwv8abQh2MBfAM81Xu1
N/KsU5MOYJgDUoqoGgXeXidYY9kbIh+fMAXbmltaHx5vvc98tMxDwWzDMe8bU/eT
zloed6OdPMjsTmDdJOC3M/jmLjZBQz1DptA8RCS8OSUWCKR4T6gAvSaUzsHeC8qj
FdqqfRcqdy0MxgHd5QpsqM57iN46yDaKZGk0knRWZyBMbJjPdrCJJ67Og1X7y88K
CPtOxF/TdwLNA+v/RgzaAivGRNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5GhrZ
SKzYKiVUZrgS3UgERjwuGDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDg2OWZkMjEtZTA3ZC00NGJjLWIwNjgtNzNiZTk5OGM1MDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4
MA0GCSqGSIb3DQEBCwUAA4IBAQCkvgL9TJK3S/3njutotNtSqLb1/8RZb6SSooyZ
xlw2yiWU5FER33q9v+YYIp/+fNpD0PVthrcD1zB4W4Pao1G+MPhm178P188dpmfg
jDSVbIQTRDkocH3k3yCSpdCftSF5GyryCAbzLM2QNS3IV8DrYLyWHO9RNsUy03lY
m9jgaX3MIZpLzg6uFMwWb/y9yvmKtogrEn65/ZHyR0itlLW2R8Mqo28ISWS/YLwt
eFEeCZjZWpTEdmHb0MlnZHBVf0/4ymGDAK1SlojdiI/WsgSLaFZZ8z3U83TYK3WL
v0zoVDzlhjaLmGm4OfZnuIr409/ZbxsFsipjMxzxv0Bj32ft
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net