Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: jSDxo6AO51HISYVaFotrhxgxFSbC477a3v99WD0SaII=
Subject key identifier: E7:E5:14:02:4D:9B:E7:1C:FA:0D:1A:6E:44:98:92:47:61:DA:44:26
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 61E4DF2E52D376AB119CA4C97C7FAEC2E174EB3F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Sat 05 Apr 2025 00:11:04 +0000
ROA not before: Sat 05 Apr 2025 00:11:04 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:e4:df:2e:52:d3:76:ab:11:9c:a4:c9:7c:7f:ae:c2:e1:74:eb:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:11:04 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=4770eea233ed1233fe12cd8f15f1a750971aaa11f07c0456b26a346560084a9c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:28:0a:6d:4c:32:cd:3e:84:f5:f8:f0:43:0e:
f8:31:8d:07:2c:43:94:88:1a:bb:12:86:4f:79:32:
d3:36:11:d3:da:81:b7:cb:3c:dd:70:b6:61:7c:57:
7b:d9:58:16:8e:27:7d:6e:4a:39:76:c9:6a:b8:4a:
57:43:fa:45:ab:f6:17:01:21:b4:fe:f7:70:a5:22:
df:d4:d6:76:98:a8:8d:99:5e:d5:e3:80:75:5d:31:
4d:b4:6c:80:d5:9a:88:d8:b4:f1:c1:63:91:29:f0:
21:c3:95:18:32:be:df:99:42:b6:42:4e:3d:e4:64:
e0:92:99:f9:1b:ed:77:75:80:f8:f5:d8:5a:67:71:
40:b6:cd:eb:96:4a:21:64:e8:01:02:ce:c7:e6:d6:
09:fa:c7:74:82:b3:3e:40:b8:27:af:d2:56:f8:17:
83:f5:f2:db:fe:97:21:67:c3:a4:fa:e0:27:e7:a5:
11:d2:2a:f7:91:82:fc:07:34:f7:2a:b6:c2:b0:90:
37:cd:85:22:ed:f9:c0:f3:a7:a9:6b:e2:62:dc:57:
74:34:f8:42:b1:e6:ea:25:06:20:63:4b:00:67:01:
df:15:bd:bf:8f:ca:f4:24:53:a9:57:9a:a8:0a:1f:
12:a2:8f:e4:2f:95:06:67:ef:a4:38:35:83:cc:0f:
d7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E5:14:02:4D:9B:E7:1C:FA:0D:1A:6E:44:98:92:47:61:DA:44:26
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
14:e1:50:c3:f8:1a:56:fb:a8:68:22:ab:df:2d:c4:32:2d:3a:
68:10:a5:dc:d5:f8:52:3d:4e:e6:2d:80:20:e2:3d:d2:2f:54:
8b:75:53:89:37:d6:f7:b2:af:11:63:3c:00:5a:01:10:5e:26:
97:1f:ae:f4:17:d4:22:e2:33:c8:47:f5:89:ff:75:87:44:ab:
34:5a:a1:d0:7a:39:c3:ad:e0:dc:58:ab:3e:25:86:2c:f8:b0:
1b:04:86:4e:bb:d8:54:d8:e5:82:8d:66:7d:53:e4:5f:23:d4:
2a:36:22:c0:31:4e:ca:e0:6f:10:f2:55:e9:7e:46:a0:71:c8:
e3:78:37:c5:28:5b:76:51:2c:19:3e:5f:63:1b:3c:5f:98:3e:
b4:ab:95:f1:b8:19:98:48:2a:6e:26:4c:77:11:e0:46:86:e4:
c3:38:1c:fd:63:94:36:3c:0b:7d:ab:d9:cb:e5:f8:2b:f3:60:
98:78:63:dc:a3:79:cc:65:c1:aa:be:10:2b:92:0a:eb:15:07:
f5:6e:24:55:ec:b3:a2:33:56:d6:8f:23:b9:25:73:bb:7d:44:
40:71:43:be:ec:c1:a8:93:b6:45:74:9b:8b:89:10:3e:d5:08:
03:84:cf:d2:fc:cc:1e:3e:94:59:81:e8:10:ff:4b:a8:2d:bf:
af:d0:a9:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYeTfLlLTdqsRnKTJfH+uwuF06z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDExMDRaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NzBlZWEyMzNlZDEyMzNmZTEyY2Q4ZjE1ZjFhNzUwOTcxYWFhMTFmMDdj
MDQ1NmIyNmEzNDY1NjAwODRhOWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0oCm1MMs0+hPX48EMO+DGNByxDlIgauxKGT3ky0zYR09qBt8s83XC2YXxX
e9lYFo4nfW5KOXbJarhKV0P6Rav2FwEhtP73cKUi39TWdpiojZle1eOAdV0xTbRs
gNWaiNi08cFjkSnwIcOVGDK+35lCtkJOPeRk4JKZ+Rvtd3WA+PXYWmdxQLbN65ZK
IWToAQLOx+bWCfrHdIKzPkC4J6/SVvgXg/Xy2/6XIWfDpPrgJ+elEdIq95GC/Ac0
9yq2wrCQN82FIu35wPOnqWviYtxXdDT4QrHm6iUGIGNLAGcB3xW9v4/K9CRTqVea
qAofEqKP5C+VBmfvpDg1g8wP1y8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTn5RQC
TZvnHPoNGm5EmJJHYdpEJjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQAU4VDD+BpW+6hoIqvfLcQyLTpoEKXc1fhSPU7m
LYAg4j3SL1SLdVOJN9b3sq8RYzwAWgEQXiaXH670F9Qi4jPIR/WJ/3WHRKs0WqHQ
ejnDreDcWKs+JYYs+LAbBIZOu9hU2OWCjWZ9U+RfI9QqNiLAMU7K4G8Q8lXpfkag
ccjjeDfFKFt2USwZPl9jGzxfmD60q5XxuBmYSCpuJkx3EeBGhuTDOBz9Y5Q2PAt9
q9nL5fgr82CYeGPco3nMZcGqvhArkgrrFQf1biRV7LOiM1bWjyO5JXO7fURAcUO+
7MGok7ZFdJuLiRA+1QgDhM/S/MwePpRZgegQ/0uoLb+v0Km2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net