Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ab79adfe-f7aa-409f-9455-78c2f2264124.roa
File: ab79adfe-f7aa-409f-9455-78c2f2264124.roa (raw, json)
Hash identifier: ltjpTUEZQLivo3IJQVgtufoZreq/WZgcMZzIPkKqX1U=
Subject key identifier: 31:06:ED:E3:E8:78:8B:7C:6B:6A:7E:E4:B5:E6:A1:59:50:D5:86:CB
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3B153D32717EC1E16E7CAD4D68827D92CF8CD08C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ab79adfe-f7aa-409f-9455-78c2f2264124.roa
Signing time: Sat 05 Apr 2025 00:10:39 +0000
ROA not before: Sat 05 Apr 2025 00:10:39 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5880::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:15:3d:32:71:7e:c1:e1:6e:7c:ad:4d:68:82:7d:92:cf:8c:d0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:10:39 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=96b7a5de0a735e27b9f5b707206cb905d68aa86b472f4d93c93908ffbacb7f54, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:69:8a:a1:c9:89:93:cf:99:7b:2e:fd:79:ae:
36:ad:76:b4:cb:74:cf:62:39:12:0e:44:b1:54:9a:
94:2c:60:a6:32:f4:cb:c7:c8:f6:55:ac:5e:3e:e1:
4b:69:2c:d3:54:2f:43:b6:7d:57:07:8b:52:77:c1:
08:cd:9f:d1:3f:f8:f6:0c:c1:89:52:72:db:f3:a9:
bd:f6:bd:95:1f:6f:04:bf:7c:01:57:94:ba:c4:8e:
bc:bf:f7:54:ea:71:a4:03:f1:6b:c8:43:94:1f:41:
f7:fa:d8:a2:84:e5:34:f4:ff:c2:8a:12:82:fc:0c:
52:40:c8:c4:fb:7d:d7:57:8b:5a:a3:bc:b4:15:20:
d9:69:77:e8:d9:28:d5:24:b3:60:1e:85:c4:4c:e6:
2f:01:90:1c:22:f5:d2:60:ce:1d:90:21:fa:34:14:
23:5a:44:46:64:fb:0f:d0:a4:3e:7b:fb:4f:6a:a7:
5e:31:98:9f:90:e9:dd:f9:0a:57:1c:ca:77:75:52:
76:db:91:41:1f:c1:61:ca:52:ce:10:f6:10:83:e7:
78:05:bc:59:da:b1:1d:38:b3:a6:3f:9a:72:ab:83:
eb:39:e1:8a:db:2d:7e:18:4b:7e:97:fd:54:ac:4a:
05:fc:b3:60:52:67:04:b4:d7:13:48:1e:87:71:4d:
12:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:06:ED:E3:E8:78:8B:7C:6B:6A:7E:E4:B5:E6:A1:59:50:D5:86:CB
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ab79adfe-f7aa-409f-9455-78c2f2264124.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5880::/46
Signature Algorithm: sha256WithRSAEncryption
32:27:9b:5f:6b:f8:8e:7d:1e:49:a8:3a:50:e9:46:42:c3:dc:
c1:f8:3a:a3:ee:32:19:27:63:7b:70:30:19:28:3f:eb:8f:ba:
95:fb:bb:c1:45:f9:28:7e:0f:1b:e6:8d:bc:4c:ce:88:45:10:
82:a2:1b:54:63:f1:d3:e8:21:51:0f:4d:23:df:f4:d4:cd:22:
6f:b0:bd:db:05:6e:04:6c:4f:98:d2:e8:70:4e:5e:ed:96:79:
ec:c2:8e:63:b8:6e:dc:e7:56:93:de:83:33:ce:55:b1:05:27:
78:d4:19:5f:74:e5:a1:76:da:1c:ab:a9:12:48:33:c4:2e:07:
45:25:95:e2:c7:5a:5e:0a:b6:b2:0d:0a:b0:ff:96:a1:38:f3:
34:36:85:f2:37:19:21:50:5e:9b:f7:df:3e:59:8f:c0:d3:04:
10:0b:50:0b:25:98:25:7a:c0:28:b3:10:6c:ea:51:77:28:91:
a3:47:04:bc:6f:3c:24:0c:db:a4:82:51:0d:8a:ef:7a:e3:3f:
50:13:10:52:f1:85:f3:f9:76:fc:1a:1e:96:96:12:c7:9e:a9:
a5:57:b3:c9:45:60:b5:dc:28:5d:2d:a4:8a:8c:6b:57:6d:6e:
3c:05:78:ef:e6:04:e6:a3:83:1a:34:32:10:04:f1:59:31:c2:
d4:01:35:6f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOxU9MnF+weFufK1NaIJ9ks+M0IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDEwMzlaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2YjdhNWRlMGE3MzVlMjdiOWY1YjcwNzIwNmNiOTA1ZDY4YWE4NmI0NzJm
NGQ5M2M5MzkwOGZmYmFjYjdmNTQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlpiqHJiZPPmXsu/XmuNq12tMt0z2I5Eg5EsVSalCxgpjL0y8fI9lWsXj7h
S2ks01QvQ7Z9VweLUnfBCM2f0T/49gzBiVJy2/Opvfa9lR9vBL98AVeUusSOvL/3
VOpxpAPxa8hDlB9B9/rYooTlNPT/wooSgvwMUkDIxPt911eLWqO8tBUg2Wl36Nko
1SSzYB6FxEzmLwGQHCL10mDOHZAh+jQUI1pERmT7D9CkPnv7T2qnXjGYn5Dp3fkK
VxzKd3VSdtuRQR/BYcpSzhD2EIPneAW8WdqxHTizpj+acquD6znhitstfhhLfpf9
VKxKBfyzYFJnBLTXE0geh3FNEmMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQxBu3j
6HiLfGtqfuS15qFZUNWGyzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWI3OWFkZmUtZjdhYS00MDlmLTk0NTUtNzhjMmYyMjY0MTI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
gDANBgkqhkiG9w0BAQsFAAOCAQEAMiebX2v4jn0eSag6UOlGQsPcwfg6o+4yGSdj
e3AwGSg/64+6lfu7wUX5KH4PG+aNvEzOiEUQgqIbVGPx0+ghUQ9NI9/01M0ib7C9
2wVuBGxPmNLocE5e7ZZ57MKOY7hu3OdWk96DM85VsQUneNQZX3TloXbaHKupEkgz
xC4HRSWV4sdaXgq2sg0KsP+WoTjzNDaF8jcZIVBem/ffPlmPwNMEEAtQCyWYJXrA
KLMQbOpRdyiRo0cEvG88JAzbpIJRDYrveuM/UBMQUvGF8/l2/BoelpYSx56ppVez
yUVgtdwoXS2kioxrV21uPAV47+YE5qODGjQyEATxWTHC1AE1bw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net