Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
File: 3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa (raw, json)
Hash identifier: 0Ty035ShM/omAOvLiKYSVlPv1FfSfQX1m0oK32bpAus=
Subject key identifier: FE:61:D7:BE:D1:5F:59:93:46:B1:4F:34:02:B8:DC:01:38:EC:68:3D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5EACD903AB7EFFCF78AFF239C2EE877B74F6EC90
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
Signing time: Sat 05 Apr 2025 00:10:33 +0000
ROA not before: Sat 05 Apr 2025 00:10:33 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ac:d9:03:ab:7e:ff:cf:78:af:f2:39:c2:ee:87:7b:74:f6:ec:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:10:33 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=ea0f2371c997d1c7b237d77f9ca505769e0f20908012f3bc34ab1546833d8e2c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:f5:72:93:86:53:4f:89:1d:e2:d0:00:77:
64:29:d7:cf:50:d3:b3:ee:84:bd:9e:11:6a:fa:94:
09:eb:8e:9e:0a:21:d0:70:df:f3:84:10:cd:12:77:
02:ee:ad:3b:29:10:64:5e:53:a1:a2:c3:0b:30:8f:
fb:b7:e4:a5:8f:ce:a1:9f:04:33:40:25:78:57:a7:
3d:96:20:9d:82:3e:f2:9c:5f:93:66:57:ff:c6:1b:
4b:5e:04:f9:41:f9:fe:fe:a9:d9:b9:9b:28:d4:eb:
da:c7:da:d7:e9:e0:a6:6b:ed:c3:f8:4f:e5:93:9e:
aa:d0:77:3c:5f:33:a1:f4:aa:a3:1a:95:dd:e3:5e:
07:c0:cd:43:f7:ba:dd:28:6f:7f:b5:8d:45:c0:1e:
17:0d:81:a5:d7:0d:c7:20:7b:b9:a1:92:25:ed:c2:
d1:fc:79:70:e9:96:c4:69:ba:e8:2a:1a:c7:8d:54:
83:1d:41:88:15:5a:4f:d2:2b:56:49:25:19:33:cc:
92:52:f0:c6:a0:7a:ba:35:1b:0f:4f:a4:86:01:6d:
f4:52:6a:ac:52:e5:be:d9:c9:dc:68:7c:74:02:5e:
da:dc:1b:7a:08:37:0a:cd:f0:ee:1b:f0:f0:40:0c:
cf:97:4f:1b:7d:fb:30:3d:2f:90:52:17:b8:81:c7:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:61:D7:BE:D1:5F:59:93:46:B1:4F:34:02:B8:DC:01:38:EC:68:3D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5840::/46
Signature Algorithm: sha256WithRSAEncryption
38:52:69:3f:13:31:13:50:c2:93:eb:c0:a1:4e:cf:d5:17:3b:
21:6d:52:be:96:54:50:0e:08:5c:04:dc:1d:96:a9:55:df:81:
df:d6:31:dc:62:17:cd:96:ac:5e:0d:02:ff:3c:5c:8c:54:db:
32:db:c5:e3:1e:15:81:52:89:58:aa:ab:42:2a:d7:c8:90:73:
bf:b8:33:f9:af:ec:fd:6c:a0:62:60:b9:d2:02:4e:06:d3:16:
28:f8:56:32:8c:b4:e7:b3:70:f8:98:05:f0:90:27:b2:cc:8a:
f1:09:69:3c:9f:bb:91:56:0a:69:29:75:89:b9:61:09:84:ec:
ee:7e:90:60:dd:62:c0:0a:e7:b7:9b:2f:82:24:ab:9c:ca:19:
2a:91:47:a1:e6:22:0c:5a:c5:7e:10:41:91:3b:bf:c1:70:e0:
98:42:da:c6:7b:77:b7:8c:ab:69:f6:bf:6c:cf:b1:74:89:81:
f7:fe:d7:60:92:2f:0b:20:64:90:15:2a:06:7e:19:c0:88:e9:
f0:4b:a4:f0:6d:1b:5a:ef:d7:4d:2b:a6:f8:4c:23:a5:a2:c7:
a5:93:1a:ad:f2:54:22:7f:c8:45:dc:d7:b4:95:3e:c9:74:d1:
cb:f1:b8:2e:6b:64:bd:23:89:a9:a3:c5:84:69:63:38:c8:53:
23:ab:ed:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXqzZA6t+/894r/I5wu6He3T27JAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDEwMzNaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMGYyMzcxYzk5N2QxYzdiMjM3ZDc3ZjljYTUwNTc2OWUwZjIwOTA4MDEy
ZjNiYzM0YWIxNTQ2ODMzZDhlMmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW09XKThlNPiR3i0AB3ZCnXz1DTs+6EvZ4RavqUCeuOngoh0HDf84QQzRJ3
Au6tOykQZF5ToaLDCzCP+7fkpY/OoZ8EM0AleFenPZYgnYI+8pxfk2ZX/8YbS14E
+UH5/v6p2bmbKNTr2sfa1+ngpmvtw/hP5ZOeqtB3PF8zofSqoxqV3eNeB8DNQ/e6
3Shvf7WNRcAeFw2BpdcNxyB7uaGSJe3C0fx5cOmWxGm66Coax41Ugx1BiBVaT9Ir
VkklGTPMklLwxqB6ujUbD0+khgFt9FJqrFLlvtnJ3Gh8dAJe2twbegg3Cs3w7hvw
8EAMz5dPG337MD0vkFIXuIHHWXsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+Yde+
0V9Zk0axTzQCuNwBOOxoPTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzcxMDY1NGEtMzhlZS00ZmMyLThmNjgtOTYxMmFiNDViYmMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
QDANBgkqhkiG9w0BAQsFAAOCAQEAOFJpPxMxE1DCk+vAoU7P1Rc7IW1SvpZUUA4I
XATcHZapVd+B39Yx3GIXzZasXg0C/zxcjFTbMtvF4x4VgVKJWKqrQirXyJBzv7gz
+a/s/WygYmC50gJOBtMWKPhWMoy057Nw+JgF8JAnssyK8QlpPJ+7kVYKaSl1iblh
CYTs7n6QYN1iwArnt5svgiSrnMoZKpFHoeYiDFrFfhBBkTu/wXDgmELaxnt3t4yr
afa/bM+xdImB9/7XYJIvCyBkkBUqBn4ZwIjp8Euk8G0bWu/XTSum+EwjpaLHpZMa
rfJUIn/IRdzXtJU+yXTRy/G4LmtkvSOJqaPFhGljOMhTI6vtWQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net