Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: GVR197FMFysT2XKjcqWA/YafbkYTmYBhBbe3EouzTJA=
Subject key identifier: 3C:17:5B:DD:E8:28:17:F2:8E:B3:24:0B:13:05:89:8C:3A:95:46:85
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7E39DD6E6538043471359E9A55CCBFAAAC78138E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Sat 05 Apr 2025 00:20:41 +0000
ROA not before: Sat 05 Apr 2025 00:20:41 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:39:dd:6e:65:38:04:34:71:35:9e:9a:55:cc:bf:aa:ac:78:13:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:20:41 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=f0f194e841814b6b2901dcb62f2c680eeb21cf95c8db90d679b7d7ea0231b997, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5c:8d:a2:4e:56:fa:75:fc:fb:3e:7b:65:8f:
27:13:4b:2e:20:a5:2f:bd:c4:55:a8:f6:db:cf:24:
d2:18:fb:e3:2e:c8:a4:bc:9e:01:e6:51:e5:cc:cd:
ac:42:e7:97:7f:48:77:47:a5:2f:67:d6:8f:1f:9f:
5a:a0:59:68:fe:d0:b8:b4:0f:0b:00:23:4f:c8:b8:
ba:81:82:87:ad:e2:f9:a8:f9:e4:ee:f1:38:66:d4:
35:ef:b1:e2:c6:7c:4c:30:82:50:fd:0c:1c:23:b5:
5a:4a:b8:3c:77:b0:62:80:f1:47:02:5d:98:04:38:
76:11:8e:7e:6e:ce:68:b2:9b:39:0f:40:ea:92:3c:
d6:1b:13:ba:71:45:3b:bd:4c:7d:f2:1a:4c:de:08:
76:b9:ed:50:23:32:93:87:f0:5b:a4:48:5f:d1:28:
8d:00:0f:06:c0:81:b3:bc:3b:78:32:3c:c0:fb:eb:
37:63:0e:98:06:28:e9:b5:3d:ed:b6:90:4d:3d:89:
e6:5a:2b:44:9f:b7:7b:bd:c7:63:6b:55:9e:4a:77:
be:45:99:ca:9e:04:3a:b2:ee:46:5b:a6:fd:a3:c0:
33:4b:c4:04:3d:f8:07:81:86:2e:e3:ee:5b:3a:b4:
57:c8:b2:d2:76:40:2d:4d:91:29:7d:a5:c2:c1:14:
a8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:17:5B:DD:E8:28:17:F2:8E:B3:24:0B:13:05:89:8C:3A:95:46:85
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
49:28:95:b2:c0:24:9d:56:4c:07:55:e7:54:4d:ff:b7:69:e6:
7f:f8:be:6e:5e:4c:e6:79:98:c5:b3:14:cf:8c:e4:cc:29:9a:
93:02:8a:32:74:08:f3:0b:e5:03:d9:0b:6c:62:cb:59:cd:4e:
4c:97:b2:8b:34:42:2b:0d:e3:e9:da:33:2f:65:fe:c6:cb:e8:
29:1b:39:1a:bb:82:c8:b9:b8:fe:81:a7:a5:3d:31:4e:17:d9:
0d:61:0c:e3:da:8a:2e:cd:bd:de:8e:04:ec:72:e7:2d:2c:52:
13:c2:e4:10:e5:0f:15:ff:9d:6e:61:7b:51:d6:c7:de:19:5b:
b6:96:52:2b:d9:4d:85:02:2c:0b:8a:35:41:9f:2b:e7:d8:23:
20:f6:4b:97:1f:ab:a7:cc:5b:48:ef:6c:e0:41:ec:2e:24:5b:
66:3f:f0:e5:f6:d2:05:bf:a5:f7:21:42:73:ab:58:f7:42:24:
a2:cc:8d:e1:60:7b:97:ed:6b:e5:bd:0c:2d:3b:48:75:5f:f9:
63:f7:15:52:5a:e8:2d:49:88:c6:e2:8e:a5:db:79:58:a3:26:
e1:af:8b:e4:f3:53:b8:4e:d3:1e:a5:e1:f8:a1:aa:60:c4:e5:
75:e3:53:f3:be:24:c9:c8:5c:f0:ba:56:a3:2a:50:89:09:4a:
59:af:16:38
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfjndbmU4BDRxNZ6aVcy/qqx4E44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIwNDFaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZjE5NGU4NDE4MTRiNmIyOTAxZGNiNjJmMmM2ODBlZWIyMWNmOTVjOGRi
OTBkNjc5YjdkN2VhMDIzMWI5OTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxcjaJOVvp1/Ps+e2WPJxNLLiClL73EVaj2288k0hj74y7IpLyeAeZR5czN
rELnl39Id0elL2fWjx+fWqBZaP7QuLQPCwAjT8i4uoGCh63i+aj55O7xOGbUNe+x
4sZ8TDCCUP0MHCO1Wkq4PHewYoDxRwJdmAQ4dhGOfm7OaLKbOQ9A6pI81hsTunFF
O71MffIaTN4IdrntUCMyk4fwW6RIX9EojQAPBsCBs7w7eDI8wPvrN2MOmAYo6bU9
7baQTT2J5lorRJ+3e73HY2tVnkp3vkWZyp4EOrLuRlum/aPAM0vEBD34B4GGLuPu
Wzq0V8iy0nZALU2RKX2lwsEUqNsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ8F1vd
6CgX8o6zJAsTBYmMOpVGhTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBAEkolbLAJJ1WTAdV51RN/7dp5n/4vm5eTOZ5mMWz
FM+M5MwpmpMCijJ0CPML5QPZC2xiy1nNTkyXsos0QisN4+naMy9l/sbL6CkbORq7
gsi5uP6Bp6U9MU4X2Q1hDOPaii7Nvd6OBOxy5y0sUhPC5BDlDxX/nW5he1HWx94Z
W7aWUivZTYUCLAuKNUGfK+fYIyD2S5cfq6fMW0jvbOBB7C4kW2Y/8OX20gW/pfch
QnOrWPdCJKLMjeFge5fta+W9DC07SHVf+WP3FVJa6C1JiMbijqXbeVijJuGvi+Tz
U7hO0x6l4fihqmDE5XXjU/O+JMnIXPC6VqMqUIkJSlmvFjg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net