Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: DlVpbZ/AR3VMFVDpfVdo4plwxrw+oN2JUzqkh043omQ=
Subject key identifier: 57:2A:3C:B3:C0:D4:8A:53:53:A0:A7:69:4A:62:4C:36:D7:2B:CC:D7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7D284C4FAB86463B7811585B5346EAE3B89C36AA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Sat 05 Apr 2025 00:20:33 +0000
ROA not before: Sat 05 Apr 2025 00:20:33 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:28:4c:4f:ab:86:46:3b:78:11:58:5b:53:46:ea:e3:b8:9c:36:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:20:33 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=2c764f6b58fcd62889e8e741d1640d62723811c4324265b3949932f88077fbab, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:d6:05:4b:9f:ca:ea:ae:75:33:c9:2e:00:
4c:a7:99:eb:fe:b0:8e:2f:7b:d1:e2:fe:0a:3e:b4:
82:50:f0:41:66:58:27:59:e5:fc:fb:d3:36:a1:fd:
f1:47:71:3f:28:3c:97:1b:5f:c5:b1:fe:26:46:e2:
42:d4:4e:c9:31:76:b6:e6:44:74:8e:e1:38:43:c1:
3d:d7:30:81:0c:8a:74:fc:3f:11:f7:69:46:ee:37:
66:b7:28:aa:77:1c:48:76:a9:7f:36:dc:d8:6c:69:
29:1b:97:8e:1a:f3:4b:27:37:82:89:15:a8:2e:f6:
78:8d:ad:b2:d5:1f:3b:a9:b7:e3:26:3b:93:0b:a1:
96:4a:7e:40:5b:32:52:63:fa:b8:50:44:6a:42:44:
6c:b7:d2:4d:d7:0c:9b:d4:3d:55:f7:f6:76:e5:c6:
3f:84:3a:6e:32:bd:3e:12:df:4f:e7:47:85:02:3c:
60:a9:2c:40:50:1c:cc:4b:20:ef:11:be:03:1d:85:
18:ff:7f:c2:f4:1f:58:ea:1f:95:7f:23:72:4c:88:
bc:31:ea:a1:d2:4a:6b:61:e9:a6:59:fe:85:3f:03:
f4:34:c1:5e:37:fd:f2:85:b7:44:b5:e7:cd:65:af:
6e:68:30:77:f9:3c:5c:a5:5c:5a:db:a3:c2:5d:5e:
ce:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2A:3C:B3:C0:D4:8A:53:53:A0:A7:69:4A:62:4C:36:D7:2B:CC:D7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
33:e1:e6:19:5a:96:4b:9e:0e:27:6d:cb:53:56:7f:b3:fb:e5:
18:0e:c1:19:fe:ea:80:d7:2f:f3:2a:59:0e:30:a4:c9:02:cd:
a7:71:04:2e:35:a1:b3:da:ff:7f:a7:43:4f:f1:ab:ba:ba:41:
1e:e9:bf:81:c0:64:ab:1e:e9:22:45:22:f4:95:7c:85:fe:76:
eb:99:d8:c6:f8:e1:23:5f:9f:47:41:f2:95:7f:d2:f0:69:31:
7a:35:ba:33:ba:3d:ff:24:d6:5b:fc:29:ee:b3:d7:8d:5c:2e:
81:ed:a1:ec:b7:19:3d:66:26:cf:5b:34:52:f0:a2:b2:4d:03:
a4:6a:50:27:57:3e:8d:6a:3b:9a:bd:90:12:91:f5:88:41:69:
5e:48:0d:be:24:ee:a5:16:74:fe:e9:3e:a2:e7:38:93:d7:f1:
55:08:d6:d9:a4:57:4a:ba:a0:cf:68:2f:e1:99:fe:d1:58:f4:
e7:35:65:e4:64:3c:bf:8f:79:c8:26:5a:d2:cb:74:c9:6c:e2:
bb:e7:e3:f6:4e:9d:0b:b1:be:92:31:aa:f4:c5:6d:4a:83:2c:
93:e5:eb:a4:fe:cc:50:6d:bd:43:eb:27:2f:64:97:02:30:b0:
f8:fc:94:6c:64:e5:65:ef:a6:ce:42:13:13:b9:29:d3:83:3f:
3a:82:e1:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfShMT6uGRjt4EVhbU0bq47icNqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIwMzNaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNzY0ZjZiNThmY2Q2Mjg4OWU4ZTc0MWQxNjQwZDYyNzIzODExYzQzMjQy
NjViMzk0OTkzMmY4ODA3N2ZiYWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR31gVLn8rqrnUzyS4ATKeZ6/6wji970eL+Cj60glDwQWZYJ1nl/PvTNqH9
8UdxPyg8lxtfxbH+JkbiQtROyTF2tuZEdI7hOEPBPdcwgQyKdPw/EfdpRu43Zrco
qnccSHapfzbc2GxpKRuXjhrzSyc3gokVqC72eI2tstUfO6m34yY7kwuhlkp+QFsy
UmP6uFBEakJEbLfSTdcMm9Q9Vff2duXGP4Q6bjK9PhLfT+dHhQI8YKksQFAczEsg
7xG+Ax2FGP9/wvQfWOoflX8jckyIvDHqodJKa2Hppln+hT8D9DTBXjf98oW3RLXn
zWWvbmgwd/k8XKVcWtujwl1ezpECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXKjyz
wNSKU1Ogp2lKYkw21yvM1zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQAz4eYZWpZLng4nbctTVn+z++UYDsEZ/uqA1y/z
KlkOMKTJAs2ncQQuNaGz2v9/p0NP8au6ukEe6b+BwGSrHukiRSL0lXyF/nbrmdjG
+OEjX59HQfKVf9LwaTF6Nbozuj3/JNZb/Cnus9eNXC6B7aHstxk9ZibPWzRS8KKy
TQOkalAnVz6NajuavZASkfWIQWleSA2+JO6lFnT+6T6i5ziT1/FVCNbZpFdKuqDP
aC/hmf7RWPTnNWXkZDy/j3nIJlrSy3TJbOK75+P2Tp0Lsb6SMar0xW1KgyyT5euk
/sxQbb1D6ycvZJcCMLD4/JRsZOVl76bOQhMTuSnTgz86guHJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net