Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
File: afb29442-cb58-4fe7-9319-202c1646019f.roa (raw, json)
Hash identifier: ibewJMVYI1kw1hTwI0l7aXYr1BFkA2rfNjMIrpCi3do=
Subject key identifier: FA:F5:98:4C:22:90:17:3F:C4:16:22:FF:03:33:8B:83:89:A4:9A:29
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6AD5D7CD8B7AB77783BF84CA84523811255BBF9D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
Signing time: Sat 05 Apr 2025 00:21:15 +0000
ROA not before: Sat 05 Apr 2025 00:21:15 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d5:d7:cd:8b:7a:b7:77:83:bf:84:ca:84:52:38:11:25:5b:bf:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:21:15 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=3277ddee779983523243b6856459d0d0097098693cc468a458e073cb7ea1d290, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b8:e1:bc:38:41:2a:32:7e:95:27:e0:34:7c:
8c:1f:56:88:3e:56:16:55:68:8c:47:b2:d1:0f:5b:
7d:bd:18:62:d2:58:45:f1:db:3a:d4:f1:a6:66:e3:
53:d6:bc:6d:0f:e8:25:98:cb:ee:16:50:66:63:43:
a5:21:1d:b0:cf:07:a2:b4:77:df:c5:17:f7:e4:2a:
db:52:80:8d:5a:ce:6c:bf:13:9c:03:c6:62:14:28:
59:62:bf:e0:52:35:6f:dd:a1:62:5c:4f:d9:e9:bc:
1c:98:0b:92:53:eb:1d:4e:e1:f7:14:24:b1:18:c7:
14:19:dd:fa:cc:ab:b1:0f:0d:d4:cd:cf:a2:10:7d:
a3:de:27:fa:d3:c1:39:a5:62:28:0b:37:09:d5:c7:
c3:75:e8:d0:e5:b8:a4:7f:ae:fd:82:16:e9:2a:c6:
2c:e9:a7:07:87:72:ce:69:e4:20:fb:d8:c8:19:84:
ec:a2:ef:bf:f8:ea:c0:45:01:4d:f7:96:be:8a:68:
24:e5:62:2e:c7:6f:ce:45:23:62:2b:d5:c0:41:84:
38:54:72:df:81:a0:fe:06:63:c1:87:75:c4:3d:82:
4c:5f:c9:36:62:b5:02:79:42:27:08:be:2d:62:a4:
aa:5b:81:a4:af:d1:7d:a4:d5:a3:e4:3a:83:1c:56:
d6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F5:98:4C:22:90:17:3F:C4:16:22:FF:03:33:8B:83:89:A4:9A:29
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6::/40
Signature Algorithm: sha256WithRSAEncryption
6a:65:7d:c7:1d:82:1b:7b:9f:fc:7e:20:7e:7f:b6:30:39:fc:
fd:c7:58:45:49:da:64:f3:c6:e7:a8:60:62:83:c9:f9:94:57:
70:d3:49:e0:ff:57:5d:e7:65:4b:9b:f7:06:43:75:b3:80:cb:
74:35:2b:11:ce:77:d7:47:b9:bc:3a:8c:f9:45:cc:2c:42:07:
16:94:f8:41:4b:6a:c3:1f:63:ff:e9:55:6f:82:e1:dd:31:e4:
5e:8e:e1:87:8f:ff:53:48:16:4e:19:de:32:1b:ea:5d:0b:bb:
5c:bb:69:17:25:71:9e:c4:dc:99:db:2c:8d:6e:4a:17:72:ec:
fa:23:69:92:d2:a8:7d:f1:fc:1a:5d:86:0c:b2:8a:cc:09:c6:
f9:f5:aa:b5:70:ff:8e:a8:b3:05:f3:dc:8d:b8:3b:29:96:58:
6f:41:e4:4c:a0:6a:34:05:5e:7b:92:25:0f:33:84:cd:83:b1:
4c:64:c9:7c:40:f2:28:dd:01:fe:80:31:c4:86:0c:82:7a:e7:
ed:1e:60:b1:76:c6:34:d9:c6:ac:70:31:b2:7a:b7:c0:51:c1:
f0:8f:19:e4:cc:c7:0d:58:50:16:df:c5:bc:7a:20:18:e0:b6:
f3:d3:18:91:e0:46:13:11:50:fb:b2:20:72:7e:c1:eb:c9:86:
30:ef:b5:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUatXXzYt6t3eDv4TKhFI4ESVbv50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIxMTVaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyNzdkZGVlNzc5OTgzNTIzMjQzYjY4NTY0NTlkMGQwMDk3MDk4NjkzY2M0
NjhhNDU4ZTA3M2NiN2VhMWQyOTAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALG44bw4QSoyfpUn4DR8jB9WiD5WFlVojEey0Q9bfb0YYtJYRfHbOtTxpmbj
U9a8bQ/oJZjL7hZQZmNDpSEdsM8HorR338UX9+Qq21KAjVrObL8TnAPGYhQoWWK/
4FI1b92hYlxP2em8HJgLklPrHU7h9xQksRjHFBnd+syrsQ8N1M3PohB9o94n+tPB
OaViKAs3CdXHw3Xo0OW4pH+u/YIW6SrGLOmnB4dyzmnkIPvYyBmE7KLvv/jqwEUB
TfeWvopoJOViLsdvzkUjYivVwEGEOFRy34Gg/gZjwYd1xD2CTF/JNmK1AnlCJwi+
LWKkqluBpK/RfaTVo+Q6gxxW1ncCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT69ZhM
IpAXP8QWIv8DM4uDiaSaKTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWZiMjk0NDItY2I1OC00ZmU3LTkzMTktMjAyYzE2NDYwMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqZX3HHYIbe5/8fiB+f7YwOfz9x1hFSdpk88bn
qGBig8n5lFdw00ng/1dd52VLm/cGQ3WzgMt0NSsRznfXR7m8Ooz5RcwsQgcWlPhB
S2rDH2P/6VVvguHdMeRejuGHj/9TSBZOGd4yG+pdC7tcu2kXJXGexNyZ2yyNbkoX
cuz6I2mS0qh98fwaXYYMsorMCcb59aq1cP+OqLMF89yNuDspllhvQeRMoGo0BV57
kiUPM4TNg7FMZMl8QPIo3QH+gDHEhgyCeuftHmCxdsY02cascDGyerfAUcHwjxnk
zMcNWFAW38W8eiAY4Lbz0xiR4EYTEVD7siByfsHryYYw77U6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net