Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: TX8WfoHJFMxl2Gry/kkTxUUuTWhT8ijPVo22lTPCaek=
Subject key identifier: D3:23:95:DB:B9:80:70:3D:20:72:24:61:AE:D2:77:18:FD:38:C4:C1
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 627BA3B295B44E8A604A3A60590956E59DB4059F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Sat 05 Apr 2025 00:21:00 +0000
ROA not before: Sat 05 Apr 2025 00:21:00 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:7b:a3:b2:95:b4:4e:8a:60:4a:3a:60:59:09:56:e5:9d:b4:05:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:21:00 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=b460edc28ff61b37cb3d7832d3626ec18d47f0b718aaa78fa1455f61b04ee822, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:26:53:04:98:79:f6:54:bb:70:57:b4:a0:c4:
00:34:d4:15:47:b1:65:e9:3d:e4:70:ca:6b:42:89:
c9:f7:0f:9b:a5:e6:00:41:8b:12:2a:d5:a6:a5:e1:
a0:be:3b:46:15:84:05:a6:1e:b1:c1:bd:26:a7:16:
b3:9f:86:ef:fc:62:ed:5d:73:52:db:fa:e0:b8:64:
51:12:63:5d:03:e4:c3:65:de:c2:42:51:9e:6e:bb:
aa:51:52:59:b6:b0:b4:b4:27:08:1d:4c:a1:d6:0b:
83:4e:eb:b3:14:6f:46:13:93:ef:e6:bd:fa:bd:60:
01:56:71:ec:50:30:75:b4:ee:ea:85:8f:8c:ef:24:
b4:65:76:1e:cc:55:fc:f6:e0:12:21:24:62:48:87:
06:93:54:8c:d5:1b:40:e8:ac:33:b7:8b:d0:a4:80:
0b:17:3d:b1:d1:53:67:1a:30:a7:73:39:f1:3a:b9:
4e:74:f0:f3:b4:59:f1:02:e3:7f:0f:c9:e2:2b:98:
c6:1d:67:f2:43:85:3f:0a:be:85:86:87:a1:67:8a:
d4:bb:12:cf:46:ee:8c:7c:aa:27:26:61:91:bc:fb:
ae:c4:a3:62:43:e1:fb:b8:66:e7:0e:71:86:31:e6:
a9:1c:7d:46:23:96:f8:dd:e7:56:f6:44:31:54:76:
a1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:23:95:DB:B9:80:70:3D:20:72:24:61:AE:D2:77:18:FD:38:C4:C1
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
72:21:d4:32:ac:73:2a:95:e6:12:ce:88:6a:9c:18:8b:e5:1e:
89:cd:b9:4c:9d:a7:1d:e3:ad:13:c6:30:cf:5d:95:28:cc:f9:
98:f6:73:1b:02:21:42:39:84:21:f5:ca:46:fb:09:e2:0c:b9:
1d:16:ce:a4:51:0a:0d:00:e4:43:59:c7:f9:a8:76:16:51:14:
f9:7e:1b:4e:17:d2:73:b4:f1:ab:fc:aa:ad:21:f8:76:b6:ca:
16:36:d8:8c:dc:1a:3d:ed:71:52:11:e9:dc:d6:ac:a2:97:eb:
5a:9a:4a:14:ed:87:dd:58:b0:86:5b:5f:c2:6d:bf:9f:59:68:
f5:89:0e:1a:1e:b7:f9:3c:87:cf:d1:49:01:c6:5a:c9:30:4d:
99:a6:20:23:5c:81:36:46:92:a5:ff:ab:b1:b4:1a:09:90:6a:
36:ff:00:25:f0:33:75:dc:e4:fd:22:70:b8:5e:47:10:de:be:
a7:6f:49:6e:54:7d:a2:66:ea:1e:22:49:9d:06:9b:4d:97:cc:
81:a5:3a:a2:38:58:4c:fd:d1:a1:c4:83:98:87:34:da:e6:71:
da:c5:52:9c:15:c1:52:c4:37:f2:00:fa:5d:09:3c:53:1b:36:
3a:3a:01:d5:aa:0e:63:bd:12:e6:26:6a:5b:8c:18:81:51:fd:
a4:d2:a3:a8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUYnujspW0TopgSjpgWQlW5Z20BZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIxMDBaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NjBlZGMyOGZmNjFiMzdjYjNkNzgzMmQzNjI2ZWMxOGQ0N2YwYjcxOGFh
YTc4ZmExNDU1ZjYxYjA0ZWU4MjIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANomUwSYefZUu3BXtKDEADTUFUexZek95HDKa0KJyfcPm6XmAEGLEirVpqXh
oL47RhWEBaYescG9JqcWs5+G7/xi7V1zUtv64LhkURJjXQPkw2XewkJRnm67qlFS
WbawtLQnCB1ModYLg07rsxRvRhOT7+a9+r1gAVZx7FAwdbTu6oWPjO8ktGV2HsxV
/PbgEiEkYkiHBpNUjNUbQOisM7eL0KSACxc9sdFTZxowp3M58Tq5TnTw87RZ8QLj
fw/J4iuYxh1n8kOFPwq+hYaHoWeK1LsSz0bujHyqJyZhkbz7rsSjYkPh+7hm5w5x
hjHmqRx9RiOW+N3nVvZEMVR2oZMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTTI5Xb
uYBwPSByJGGu0ncY/TjEwTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAHIh1DKscyqV5hLOiGqcGIvlHonNuUydpx3jrRPG
MM9dlSjM+Zj2cxsCIUI5hCH1ykb7CeIMuR0WzqRRCg0A5ENZx/modhZRFPl+G04X
0nO08av8qq0h+Ha2yhY22IzcGj3tcVIR6dzWrKKX61qaShTth91YsIZbX8Jtv59Z
aPWJDhoet/k8h8/RSQHGWskwTZmmICNcgTZGkqX/q7G0GgmQajb/ACXwM3Xc5P0i
cLheRxDevqdvSW5UfaJm6h4iSZ0Gm02XzIGlOqI4WEz90aHEg5iHNNrmcdrFUpwV
wVLEN/IA+l0JPFMbNjo6AdWqDmO9EuYmaluMGIFR/aTSo6g=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net