Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
File: f4581009-959f-4805-904e-a85043ac559b.roa (raw, json)
Hash identifier: tuM5yX9exrBVu2cb4TIMKlWt5e9mX2cOEEmzJR5jX9k=
Subject key identifier: 15:49:26:4D:50:85:E2:0F:67:FF:04:FD:92:43:8F:C0:21:CF:2A:A9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 43116B864774649F75928D5B62F4FD27D6562787
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
Signing time: Sat 05 Apr 2025 00:21:17 +0000
ROA not before: Sat 05 Apr 2025 00:21:17 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:11:6b:86:47:74:64:9f:75:92:8d:5b:62:f4:fd:27:d6:56:27:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:21:17 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=f06d51f2429fc2769151cdf8ba2c5b4ddb9b290b43a96ea4b4d945e9a9e05b6c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:19:29:a8:6e:75:c9:c9:62:89:de:17:ea:f0:
97:20:db:3f:be:11:ce:ee:2d:62:13:e4:97:3d:5f:
b9:be:af:27:7f:ce:1b:5e:67:33:53:e5:99:49:ea:
74:dc:db:e8:85:84:26:f7:94:cb:30:a2:d3:60:55:
1e:45:fc:fd:1a:18:a2:77:29:94:4a:41:b9:9f:cc:
2f:1f:aa:bc:48:e9:68:6c:90:62:b6:de:7c:d5:3f:
eb:ef:ea:9b:1d:92:9f:c9:c7:d0:04:4b:b8:e5:2b:
a6:83:ef:45:58:0a:48:c0:2d:75:1a:a7:e0:cd:2f:
ee:77:e5:d9:03:1d:84:0b:3e:ae:b8:47:a1:59:f4:
41:b3:af:25:0d:3c:c6:5f:79:ba:76:d9:61:dd:65:
9a:8d:ed:7b:f9:f0:c3:4e:92:1d:27:c4:ae:9b:d4:
b9:9e:32:51:16:b6:70:62:53:e8:41:df:8c:74:35:
f5:7a:4f:d7:2d:74:1a:4d:f6:b6:25:f6:a5:c4:9d:
d2:c3:54:3a:c5:37:df:66:6d:0d:8d:98:28:cb:9d:
57:a2:ab:c5:39:40:00:f9:a9:0b:1d:b4:96:69:12:
ce:90:b5:80:54:a2:2d:e9:fd:c7:a1:7a:85:52:1b:
f1:1d:9f:c1:01:a3:66:cd:db:d1:9d:18:dd:c0:73:
57:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:49:26:4D:50:85:E2:0F:67:FF:04:FD:92:43:8F:C0:21:CF:2A:A9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a800::/40
Signature Algorithm: sha256WithRSAEncryption
19:4c:91:21:ea:4c:3d:3a:fc:f9:f2:27:13:c3:d1:14:0c:e3:
9c:2b:4b:5e:9b:0a:01:b2:e5:87:0f:65:ba:85:1b:e1:8e:d9:
e7:d7:eb:cd:65:ad:37:d7:53:97:80:f3:9a:c4:a5:a5:65:f5:
48:71:43:71:68:6b:d3:2f:29:84:d9:9f:c1:d0:a0:33:d3:1c:
07:87:6b:de:cd:21:27:76:6d:23:c9:1b:52:50:88:1c:77:3a:
b2:f3:e3:c1:d1:37:d2:84:5e:c1:99:cd:fb:b2:b0:50:b5:96:
1f:7f:8a:45:a1:7e:b3:f3:08:57:fd:b4:1c:16:2b:0d:90:42:
a4:9d:73:c4:19:e6:3e:71:4e:63:2d:3d:54:e5:70:5c:33:43:
b1:3e:47:47:cc:87:c2:de:b3:2e:09:71:5e:a5:6d:1a:63:34:
9a:ea:2d:df:16:2e:47:14:28:7b:83:97:48:81:a5:a1:b8:49:
35:6a:bb:a4:98:0d:7c:82:1d:c9:d0:d8:70:f6:9c:f9:9b:b9:
0f:6b:1b:1b:3b:67:1e:f0:05:c0:88:2b:53:fe:e2:d5:0d:4d:
a2:29:21:f2:d7:1d:e4:dd:ab:c9:1d:80:38:21:3c:a4:c4:d4:
7b:c7:f6:f4:bb:cf:b8:0e:c7:42:6a:69:b1:ae:70:fa:89:e8:
9b:91:cb:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQxFrhkd0ZJ91ko1bYvT9J9ZWJ4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIxMTdaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNmQ1MWYyNDI5ZmMyNzY5MTUxY2RmOGJhMmM1YjRkZGI5YjI5MGI0M2E5
NmVhNGI0ZDk0NWU5YTllMDViNmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEZKahudcnJYoneF+rwlyDbP74Rzu4tYhPklz1fub6vJ3/OG15nM1PlmUnq
dNzb6IWEJveUyzCi02BVHkX8/RoYoncplEpBuZ/MLx+qvEjpaGyQYrbefNU/6+/q
mx2Sn8nH0ARLuOUrpoPvRVgKSMAtdRqn4M0v7nfl2QMdhAs+rrhHoVn0QbOvJQ08
xl95unbZYd1lmo3te/nww06SHSfErpvUuZ4yURa2cGJT6EHfjHQ19XpP1y10Gk32
tiX2pcSd0sNUOsU332ZtDY2YKMudV6KrxTlAAPmpCx20lmkSzpC1gFSiLen9x6F6
hVIb8R2fwQGjZs3b0Z0Y3cBzV4ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVSSZN
UIXiD2f/BP2SQ4/AIc8qqTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZjQ1ODEwMDktOTU5Zi00ODA1LTkwNGUtYTg1MDQzYWM1NTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Oo
MA0GCSqGSIb3DQEBCwUAA4IBAQAZTJEh6kw9Ovz58icTw9EUDOOcK0temwoBsuWH
D2W6hRvhjtnn1+vNZa0311OXgPOaxKWlZfVIcUNxaGvTLymE2Z/B0KAz0xwHh2ve
zSEndm0jyRtSUIgcdzqy8+PB0TfShF7Bmc37srBQtZYff4pFoX6z8whX/bQcFisN
kEKknXPEGeY+cU5jLT1U5XBcM0OxPkdHzIfC3rMuCXFepW0aYzSa6i3fFi5HFCh7
g5dIgaWhuEk1arukmA18gh3J0Nhw9pz5m7kPaxsbO2ce8AXAiCtT/uLVDU2iKSHy
1x3k3avJHYA4ITykxNR7x/b0u8+4DsdCammxrnD6ieibkctr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net