Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
File: 1d757286-8eda-42c2-aecf-19a8c013dc64.roa (raw, json)
Hash identifier: 0wm+mtHS6odgYKikTeTTV/v1cmpETm3dkDah4xOyZDU=
Subject key identifier: 90:02:7F:B3:4A:FF:D4:A2:55:D3:77:29:B6:6D:F5:0F:65:97:9A:14
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 74BA550B12408E0B4789FB9B16F7353E1DD7DB25
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
Signing time: Sat 05 Apr 2025 00:21:19 +0000
ROA not before: Sat 05 Apr 2025 00:21:19 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:ba:55:0b:12:40:8e:0b:47:89:fb:9b:16:f7:35:3e:1d:d7:db:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:21:19 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=bd27e31b1dd66b2dcb52e737623bbb055b9ee8181a0a53bec2d27b26a84e224f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:20:7d:e4:80:5a:ad:b4:09:d5:26:d9:55:b3:
34:ee:e7:39:63:79:06:8d:e5:72:dc:ca:0c:6a:5a:
59:50:e1:8e:0f:4b:bd:98:6d:64:45:24:1f:ed:24:
dd:b1:5b:98:23:86:a1:8b:b0:88:17:aa:67:d7:6b:
b0:8b:2d:52:1f:7a:d1:b3:3b:ed:d9:bb:df:67:02:
fd:f8:bd:c9:35:69:a0:0e:58:a1:c8:50:0f:50:33:
25:cc:c0:43:0e:5d:db:51:61:e3:5a:9a:d8:4e:dc:
fc:3c:07:37:f3:71:37:48:7f:91:24:9b:84:f2:73:
1a:b4:a9:9e:df:44:42:5a:dd:8d:02:19:db:16:9f:
d6:ed:b7:6e:7c:76:f7:04:16:8f:b2:0a:ec:94:d4:
09:33:a7:1f:8f:56:cd:71:1a:40:e6:23:75:55:dd:
a5:b2:11:73:e3:99:58:0f:15:51:77:03:ce:96:7f:
f4:2a:01:a4:32:d4:bc:38:2f:dc:c1:2d:61:c5:2e:
8a:62:47:1a:33:79:19:5e:22:d3:3f:7a:c0:1a:eb:
04:ea:68:7f:70:ea:f9:26:3d:42:25:c6:86:01:f0:
7b:dc:8d:9e:37:50:51:4e:88:12:46:f3:4e:b1:72:
e7:de:29:4b:d9:1c:9f:bf:c5:1a:d2:cb:89:07:66:
de:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:02:7F:B3:4A:FF:D4:A2:55:D3:77:29:B6:6D:F5:0F:65:97:9A:14
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8400::/38
Signature Algorithm: sha256WithRSAEncryption
3c:61:9f:2e:dc:b3:4b:2a:09:d5:f8:88:a2:09:a2:16:b2:3b:
c8:da:1f:b3:a9:33:fd:f9:52:5e:f4:fa:6b:c6:a3:50:85:54:
6b:ec:22:b3:6c:51:39:e4:f3:ff:3d:19:fa:f3:e8:b9:b3:3a:
48:8c:f3:6f:47:e7:ce:05:e5:6d:9a:7b:a6:e0:08:ff:ad:15:
07:ae:52:00:a1:d2:0e:a1:69:47:37:b9:ea:8f:7b:12:e5:e9:
17:1c:12:e7:38:83:35:c7:c6:51:75:a0:af:a0:9b:f1:14:76:
0b:99:b4:dd:01:9c:36:5f:e3:9a:80:42:96:f7:5e:b0:16:ce:
ec:09:9f:06:5c:56:4c:51:f7:62:e9:11:af:25:a2:73:ff:80:
1a:e7:a0:e6:0b:9e:32:28:86:bb:f7:0c:fc:f3:5d:15:3b:bd:
0c:ea:f2:8b:b1:19:e6:04:bb:f1:9d:72:da:7b:b1:37:0d:52:
c4:ae:ed:09:07:22:a0:b8:8a:09:52:b5:64:2f:64:a6:e5:45:
0a:57:6f:12:c8:55:6c:75:d0:d0:2b:c0:29:d5:0a:0a:0d:97:
55:2a:ae:28:da:ba:03:3f:3e:3c:1a:ee:b7:d5:3f:88:07:c8:
c2:9e:b1:96:53:44:52:8c:d3:03:4a:06:e6:93:cc:f7:80:70:
6c:fb:de:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdLpVCxJAjgtHifubFvc1Ph3X2yUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIxMTlaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMjdlMzFiMWRkNjZiMmRjYjUyZTczNzYyM2JiYjA1NWI5ZWU4MTgxYTBh
NTNiZWMyZDI3YjI2YTg0ZTIyNGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIgfeSAWq20CdUm2VWzNO7nOWN5Bo3lctzKDGpaWVDhjg9LvZhtZEUkH+0k
3bFbmCOGoYuwiBeqZ9drsIstUh960bM77dm732cC/fi9yTVpoA5YochQD1AzJczA
Qw5d21Fh41qa2E7c/DwHN/NxN0h/kSSbhPJzGrSpnt9EQlrdjQIZ2xaf1u23bnx2
9wQWj7IK7JTUCTOnH49WzXEaQOYjdVXdpbIRc+OZWA8VUXcDzpZ/9CoBpDLUvDgv
3MEtYcUuimJHGjN5GV4i0z96wBrrBOpof3Dq+SY9QiXGhgHwe9yNnjdQUU6IEkbz
TrFy594pS9kcn7/FGtLLiQdm3v8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQAn+z
Sv/UolXTdym2bfUPZZeaFDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWQ3NTcyODYtOGVkYS00MmMyLWFlY2YtMTlhOGMwMTNkYzY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GE
MA0GCSqGSIb3DQEBCwUAA4IBAQA8YZ8u3LNLKgnV+IiiCaIWsjvI2h+zqTP9+VJe
9PprxqNQhVRr7CKzbFE55PP/PRn68+i5szpIjPNvR+fOBeVtmnum4Aj/rRUHrlIA
odIOoWlHN7nqj3sS5ekXHBLnOIM1x8ZRdaCvoJvxFHYLmbTdAZw2X+OagEKW916w
Fs7sCZ8GXFZMUfdi6RGvJaJz/4Aa56DmC54yKIa79wz8810VO70M6vKLsRnmBLvx
nXLae7E3DVLEru0JByKguIoJUrVkL2Sm5UUKV28SyFVsddDQK8Ap1QoKDZdVKq4o
2roDPz48Gu631T+IB8jCnrGWU0RSjNMDSgbmk8z3gHBs+961
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net