Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
File: bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa (raw, json)
Hash identifier: 7kSXOLBVNeXPDXx6IaR+raNV6JoLpfRCBPvPzgPdcDU=
Subject key identifier: 01:69:9B:9F:40:D6:6B:09:F7:DC:A4:4F:DA:54:5C:8F:40:2A:4D:6C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5DEA215ED97D610F2C1D0BAB24FDE6B5397F0902
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
Signing time: Sat 05 Apr 2025 00:20:42 +0000
ROA not before: Sat 05 Apr 2025 00:20:42 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ea:21:5e:d9:7d:61:0f:2c:1d:0b:ab:24:fd:e6:b5:39:7f:09:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:20:42 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=503e9aa972677ddb49a43f7e8cb98470463acfa74ce208e6063e95675662b947, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f8:52:97:72:8d:ae:7a:9e:cf:f9:57:2e:89:
45:20:c7:3c:25:4d:df:93:b7:14:73:f6:5b:61:de:
7a:3f:ee:3c:67:50:d2:50:8d:6c:de:c7:29:b2:47:
40:d9:a0:b7:de:03:26:b4:60:3b:a5:bc:42:e7:f2:
36:98:df:96:e0:96:b6:30:e2:9b:9b:57:bb:c2:c6:
02:f2:36:9b:84:d9:d2:b6:5b:cd:6b:c0:66:94:bb:
ce:31:31:1a:95:65:d6:06:80:f8:9c:79:f3:8d:4c:
71:ee:d3:a0:c4:22:c4:1d:7d:a0:01:83:9e:a5:ca:
8b:25:47:35:04:eb:86:a6:86:b3:62:0a:b9:61:c8:
52:8c:2a:66:cc:58:a0:8d:32:81:48:bd:d5:2d:65:
db:2f:96:a4:9f:83:9a:b6:2e:59:9a:bf:79:ee:83:
cf:f5:03:32:a3:59:23:8f:9e:2d:64:38:8a:d8:03:
0c:9b:4d:58:4b:bb:a0:ab:8e:92:9e:0e:46:02:13:
5d:e4:b0:b4:45:0f:1b:ec:71:08:3b:b7:b0:77:9d:
4c:de:c7:a7:43:c8:b5:58:58:b9:47:69:67:de:3f:
d3:56:41:9e:b3:c3:08:49:b8:92:a5:33:cf:42:b4:
eb:76:ca:9b:2d:75:5d:b3:39:7f:e1:18:36:fa:ae:
b7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:69:9B:9F:40:D6:6B:09:F7:DC:A4:4F:DA:54:5C:8F:40:2A:4D:6C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
3a:75:a2:c4:25:b7:f2:cd:1e:d9:99:60:2f:4f:8a:5e:3e:ea:
91:7d:41:04:8d:39:47:80:0b:ab:af:60:2c:df:33:b7:4a:c5:
f3:83:f3:8c:38:64:6d:65:4d:9a:f8:9b:13:00:00:98:30:10:
73:5d:cc:c5:9b:d0:be:bc:24:0b:e6:bb:49:e4:bb:96:3f:36:
bb:f5:b5:60:e2:2d:7a:6a:8b:08:d6:ce:d3:4b:f8:76:5f:c6:
51:90:39:7b:d8:10:8f:2f:61:e1:1a:e4:24:27:1c:fd:66:23:
09:1b:e7:0e:a3:a4:37:af:a1:1c:fe:d3:f5:4a:38:bd:63:83:
7e:1a:00:60:1d:81:a3:ea:21:34:12:32:dc:10:37:2a:2b:45:
72:39:42:3d:14:a9:1f:e6:4c:27:46:e6:87:c5:d9:95:17:3b:
a0:2e:f2:e6:8a:87:ca:0c:34:6f:a2:47:86:69:0a:2e:e3:31:
f8:1e:38:b1:e6:b6:90:30:85:0c:30:71:44:56:3f:35:50:a2:
6b:45:4e:3c:4c:d7:e9:cb:75:77:5a:de:13:17:3a:e5:0b:76:
99:56:2e:31:9b:01:da:6e:2a:a0:f4:5d:c5:ab:39:43:79:5f:
aa:aa:49:bb:33:67:49:29:c2:80:aa:9d:5d:b7:d6:7c:a8:f2:
1d:b5:2b:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXeohXtl9YQ8sHQurJP3mtTl/CQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIwNDJaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwM2U5YWE5NzI2NzdkZGI0OWE0M2Y3ZThjYjk4NDcwNDYzYWNmYTc0Y2Uy
MDhlNjA2M2U5NTY3NTY2MmI5NDcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKH4Updyja56ns/5Vy6JRSDHPCVN35O3FHP2W2Heej/uPGdQ0lCNbN7HKbJH
QNmgt94DJrRgO6W8QufyNpjfluCWtjDim5tXu8LGAvI2m4TZ0rZbzWvAZpS7zjEx
GpVl1gaA+Jx5841Mce7ToMQixB19oAGDnqXKiyVHNQTrhqaGs2IKuWHIUowqZsxY
oI0ygUi91S1l2y+WpJ+DmrYuWZq/ee6Dz/UDMqNZI4+eLWQ4itgDDJtNWEu7oKuO
kp4ORgITXeSwtEUPG+xxCDu3sHedTN7Hp0PItVhYuUdpZ94/01ZBnrPDCEm4kqUz
z0K063bKmy11XbM5f+EYNvqut/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBaZuf
QNZrCffcpE/aVFyPQCpNbDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmZkNDYyYmQtMmUxZi00ODVmLWFhOWMtZTdlMGMwYmNiNjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6daLEJbfyzR7ZmWAvT4pePuqRfUEEjTlHgAur
r2As3zO3SsXzg/OMOGRtZU2a+JsTAACYMBBzXczFm9C+vCQL5rtJ5LuWPza79bVg
4i16aosI1s7TS/h2X8ZRkDl72BCPL2HhGuQkJxz9ZiMJG+cOo6Q3r6Ec/tP1Sji9
Y4N+GgBgHYGj6iE0EjLcEDcqK0VyOUI9FKkf5kwnRuaHxdmVFzugLvLmiofKDDRv
okeGaQou4zH4Hjix5raQMIUMMHFEVj81UKJrRU48TNfpy3V3Wt4TFzrlC3aZVi4x
mwHabiqg9F3FqzlDeV+qqkm7M2dJKcKAqp1dt9Z8qPIdtSty
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net