Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
File: cb8e2b63-db40-4825-9c5a-943662c198a5.roa (raw, json)
Hash identifier: YPl6G9Xc1bFOL+vpUKNwxuqGe8rI5z7kyTuw58AAd4E=
Subject key identifier: FB:D5:8C:F0:21:07:BB:7A:52:68:82:1F:1B:86:9F:36:E4:7A:14:5F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5388474AF1E19FAB5DF679E020D663CF1FA6747E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
Signing time: Sat 05 Apr 2025 00:10:40 +0000
ROA not before: Sat 05 Apr 2025 00:10:40 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:88:47:4a:f1:e1:9f:ab:5d:f6:79:e0:20:d6:63:cf:1f:a6:74:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:10:40 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=0618e53ee7c82717fccb6d2b6d6322ee7e6d3f26e431738adabea1a7d905cb16, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:ee:8b:6d:9b:39:e4:e4:dd:a0:06:62:c9:
b1:ac:16:71:a5:cd:1d:6c:f6:72:c7:bd:48:39:a3:
e9:0b:86:9b:ad:d8:53:44:5a:e0:45:21:c8:31:40:
73:4e:73:aa:ba:36:f4:a6:60:93:a2:3a:f8:15:f4:
40:a2:43:08:24:7b:7b:64:32:03:ff:4a:fa:fa:d5:
cd:94:bd:36:8f:34:f0:e0:65:a3:41:f7:71:58:1e:
18:e2:56:0e:11:92:4c:41:82:38:07:49:41:96:3b:
7b:07:4c:52:93:2c:69:b0:0a:5b:b9:cf:8e:ca:58:
9a:be:c3:f2:91:62:e8:c8:ed:5e:f3:0b:70:17:8a:
99:c0:cb:43:32:b6:4a:74:9c:bd:eb:48:bf:0c:51:
e1:52:71:08:fe:b3:20:1b:57:47:97:fd:79:5c:9a:
d1:03:ca:a0:e5:e1:83:b8:3a:f4:ee:bd:52:ea:d3:
2e:bf:62:d4:70:57:41:94:f7:e2:96:88:83:c7:d9:
fd:92:ff:f8:71:e8:02:a3:28:30:62:03:f2:ce:d5:
05:94:01:1c:f8:93:88:2d:96:e8:35:1f:4c:4b:d6:
9b:a7:8b:35:f6:3a:67:cc:c6:b6:4c:d0:08:cd:b6:
e0:5b:26:09:ab:5d:69:9a:94:87:3f:85:2a:aa:28:
90:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D5:8C:F0:21:07:BB:7A:52:68:82:1F:1B:86:9F:36:E4:7A:14:5F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7840::/46
Signature Algorithm: sha256WithRSAEncryption
40:44:95:0e:47:bd:99:18:2f:93:19:11:18:fe:cf:6e:4e:a6:
b3:5c:8e:cf:86:c4:c0:3e:4a:49:3f:22:68:00:85:f1:5c:41:
16:69:ef:1a:06:ef:5f:46:70:0d:ae:2f:35:40:5f:1f:05:a3:
c5:05:6f:55:98:29:45:44:12:86:46:cb:38:42:6e:00:06:29:
c1:a2:91:13:cc:15:1f:9a:c6:4f:8f:39:fc:a7:0b:fb:e5:2b:
59:36:45:ae:bf:b7:c8:5d:03:7e:0c:f3:11:60:10:7e:d3:ee:
1e:f6:c3:59:56:a8:fa:e5:1c:38:dd:74:cc:ef:6f:bb:53:aa:
b2:5e:95:49:64:99:57:e2:bd:9e:ed:89:b3:d3:ea:f3:e5:f7:
cb:78:02:9a:bf:5e:e3:8f:bb:f0:de:c9:91:b3:fc:f5:40:d7:
29:6d:62:cf:4b:89:b1:25:1a:71:2d:7d:bf:2e:25:c4:4f:b5:
c3:a3:f6:91:ef:95:84:6b:7c:f8:2f:2a:d2:92:b4:55:4e:ca:
b1:57:f1:a2:80:45:5f:f8:4e:22:c9:b6:9b:02:3c:5c:8c:5a:
3b:a1:ac:dc:8c:12:31:e8:7e:8d:9e:68:f3:11:83:ff:3e:dd:
7c:77:d9:ff:83:3f:1b:d8:5e:6a:d3:f2:41:de:06:71:59:24:
e1:62:3c:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU4hHSvHhn6td9nngINZjzx+mdH4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDEwNDBaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MThlNTNlZTdjODI3MTdmY2NiNmQyYjZkNjMyMmVlN2U2ZDNmMjZlNDMx
NzM4YWRhYmVhMWE3ZDkwNWNiMTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW97ottmznk5N2gBmLJsawWcaXNHWz2cse9SDmj6QuGm63YU0Ra4EUhyDFA
c05zqro29KZgk6I6+BX0QKJDCCR7e2QyA/9K+vrVzZS9No808OBlo0H3cVgeGOJW
DhGSTEGCOAdJQZY7ewdMUpMsabAKW7nPjspYmr7D8pFi6MjtXvMLcBeKmcDLQzK2
SnScvetIvwxR4VJxCP6zIBtXR5f9eVya0QPKoOXhg7g69O69UurTLr9i1HBXQZT3
4paIg8fZ/ZL/+HHoAqMoMGID8s7VBZQBHPiTiC2W6DUfTEvWm6eLNfY6Z8zGtkzQ
CM224FsmCatdaZqUhz+FKqookMECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT71Yzw
IQe7elJogh8bhp825HoUXzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2I4ZTJiNjMtZGI0MC00ODI1LTljNWEtOTQzNjYyYzE5OGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
QDANBgkqhkiG9w0BAQsFAAOCAQEAQESVDke9mRgvkxkRGP7Pbk6ms1yOz4bEwD5K
ST8iaACF8VxBFmnvGgbvX0ZwDa4vNUBfHwWjxQVvVZgpRUQShkbLOEJuAAYpwaKR
E8wVH5rGT485/KcL++UrWTZFrr+3yF0DfgzzEWAQftPuHvbDWVao+uUcON10zO9v
u1Oqsl6VSWSZV+K9nu2Js9Pq8+X3y3gCmr9e44+78N7JkbP89UDXKW1iz0uJsSUa
cS19vy4lxE+1w6P2ke+VhGt8+C8q0pK0VU7KsVfxooBFX/hOIsm2mwI8XIxaO6Gs
3IwSMeh+jZ5o8xGD/z7dfHfZ/4M/G9heatPyQd4GcVkk4WI85A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net