Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: rEeZ10JofecKyIzB8dkrjY7LT9koHeAeIFNyd9XxLzE=
Subject key identifier: 9B:A6:F4:14:EE:87:85:E6:0B:D3:40:36:3D:0D:37:FB:E9:60:90:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FA943D31BF2294F331661AEA937DAEE47C05301
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Fri 11 Apr 2025 00:50:03 +0000
ROA not before: Fri 11 Apr 2025 00:50:03 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a9:43:d3:1b:f2:29:4f:33:16:61:ae:a9:37:da:ee:47:c0:53:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 11 00:50:03 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=d32bf056b9d330bb04e5d969ae7ded456bfd71349e1371cb02056d703634f62f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:63:fa:af:ab:b6:c4:07:12:98:36:21:a2:
69:a6:f8:63:fd:05:50:4d:9a:3f:67:0a:74:ba:f3:
be:47:6b:50:ca:5b:99:da:f5:a2:3a:8c:c1:e5:8b:
fe:36:4f:61:33:bb:7b:fa:77:f8:61:a1:58:93:e0:
d4:58:f8:64:5b:0c:40:50:d8:2e:ef:01:25:16:3c:
2f:02:fd:62:4e:d6:2b:7e:91:ee:52:1d:0d:27:95:
a9:a0:22:6b:59:08:dd:b5:a4:12:c5:81:77:2d:d7:
ac:37:81:b6:48:b6:a4:eb:a8:5b:cb:1e:16:de:c9:
92:2f:82:9d:29:a8:3e:4e:fa:a5:bc:fc:b9:e3:7e:
1b:ec:21:1c:97:e5:e2:7d:70:3a:96:50:3b:06:96:
cd:d9:39:bf:58:fb:13:6c:55:f9:fc:e8:89:1d:a7:
01:67:f2:69:24:8e:cc:2a:a6:38:75:55:18:9c:bc:
89:be:20:cc:35:c0:b4:3b:7b:21:9f:5b:2e:a0:5c:
1c:be:f6:03:5e:a1:cd:74:07:6e:41:15:07:0c:52:
fa:7f:5e:d4:97:5e:02:82:64:c6:06:f1:2c:7e:0d:
04:52:90:aa:5a:a3:35:3d:ea:5a:4f:ce:53:fe:d8:
45:38:3a:45:bd:fa:44:9b:31:45:72:75:ca:c1:47:
a9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A6:F4:14:EE:87:85:E6:0B:D3:40:36:3D:0D:37:FB:E9:60:90:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:5c:d4:fc:8f:3f:8c:97:8e:02:cc:bc:40:7d:77:a7:74:2b:
a9:45:c8:cc:4d:c4:0c:1c:c1:3d:38:38:4b:7a:f5:a1:07:2b:
9c:99:0b:36:e4:72:0c:5a:d7:44:8b:a7:3f:5b:44:6a:2f:dd:
1a:9c:6a:59:64:41:97:a5:36:61:b7:da:b6:c0:12:c8:9c:23:
35:74:57:4a:6a:0f:66:ee:ab:47:34:1b:07:c8:b6:fe:90:73:
36:00:bd:1b:73:ab:18:7d:2b:fc:a1:73:cd:33:61:f4:6f:a0:
fa:56:9a:0c:34:69:c9:e3:a1:31:5d:fe:b9:13:39:4a:db:93:
d4:33:d2:55:ee:40:03:f9:3c:3c:c9:d5:3b:c9:ab:fd:7f:5f:
87:28:8a:e7:f3:92:5c:8d:b0:ba:03:06:0a:85:81:55:a5:32:
1c:67:34:a4:12:47:30:b9:90:d8:01:0f:b7:58:8d:59:02:a1:
b5:33:d3:e7:72:b3:d0:99:8e:b9:2b:58:d8:9e:7f:2f:60:21:
ef:b8:dd:ac:98:cb:9d:92:68:23:99:57:70:4c:bc:81:05:e6:
c5:aa:50:c8:f6:dc:0e:58:85:fd:34:18:17:91:81:07:b5:69:
00:c9:a3:50:00:85:25:3a:10:78:cf:7c:48:cc:bd:15:5d:e4:
38:b6:a1:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb6lD0xvyKU8zFmGuqTfa7kfAUwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTEwMDUwMDNaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzMmJmMDU2YjlkMzMwYmIwNGU1ZDk2OWFlN2RlZDQ1NmJmZDcxMzQ5ZTEz
NzFjYjAyMDU2ZDcwMzYzNGY2MmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEgY/qvq7bEBxKYNiGiaab4Y/0FUE2aP2cKdLrzvkdrUMpbmdr1ojqMweWL
/jZPYTO7e/p3+GGhWJPg1Fj4ZFsMQFDYLu8BJRY8LwL9Yk7WK36R7lIdDSeVqaAi
a1kI3bWkEsWBdy3XrDeBtki2pOuoW8seFt7Jki+CnSmoPk76pbz8ueN+G+whHJfl
4n1wOpZQOwaWzdk5v1j7E2xV+fzoiR2nAWfyaSSOzCqmOHVVGJy8ib4gzDXAtDt7
IZ9bLqBcHL72A16hzXQHbkEVBwxS+n9e1JdeAoJkxgbxLH4NBFKQqlqjNT3qWk/O
U/7YRTg6Rb36RJsxRXJ1ysFHqVECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbpvQU
7oeF5gvTQDY9DTf76WCQWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQB0XNT8jz+Ml44CzLxAfXendCupRcjMTcQMHME9ODhL
evWhByucmQs25HIMWtdEi6c/W0RqL90anGpZZEGXpTZht9q2wBLInCM1dFdKag9m
7qtHNBsHyLb+kHM2AL0bc6sYfSv8oXPNM2H0b6D6VpoMNGnJ46ExXf65EzlK25PU
M9JV7kAD+Tw8ydU7yav9f1+HKIrn85JcjbC6AwYKhYFVpTIcZzSkEkcwuZDYAQ+3
WI1ZAqG1M9PncrPQmY65K1jYnn8vYCHvuN2smMudkmgjmVdwTLyBBebFqlDI9twO
WIX9NBgXkYEHtWkAyaNQAIUlOhB4z3xIzL0VXeQ4tqFM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net