Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: p+epRgxvYC6aZdCCIXBrpsMf9HcPAyhpRbHnF43fKl0=
Subject key identifier: A2:9A:10:5C:77:03:F6:6C:25:D1:FB:86:75:D8:4D:EA:E3:78:5A:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 211F609B3CA1C735A32BB1175415E6D95E2C2996
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Mon 31 Mar 2025 21:20:08 +0000
ROA not before: Mon 31 Mar 2025 21:20:08 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:1f:60:9b:3c:a1:c7:35:a3:2b:b1:17:54:15:e6:d9:5e:2c:29:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:08 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=1dc944491246c081bc986d4990c0eb0bb10e62ba6af1cbab6bbefd5be756d1c2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:48:59:f8:4d:6b:e1:89:eb:a6:a1:7d:84:fa:
b1:30:a4:19:a4:25:f3:5b:91:74:2b:3b:7b:b1:73:
1c:3c:7e:9b:00:17:e1:8e:82:58:c3:56:fa:f7:86:
be:75:f7:58:ed:99:74:8b:e9:4b:d0:08:e7:eb:48:
1b:5e:11:d4:fd:20:1c:3e:15:ba:78:bd:2d:c5:78:
6c:ab:09:a0:ae:bd:d8:ca:9c:37:46:db:0e:99:63:
21:ef:5e:67:b3:6d:ff:3e:61:c5:94:f9:5c:a1:d1:
db:30:1d:a0:b9:82:98:40:c8:4e:c7:a2:cc:35:aa:
09:c4:49:0f:1e:4d:fe:8b:f8:ff:29:4d:5d:5e:bc:
7e:ae:4c:79:52:d8:0d:fa:8e:30:44:d5:30:ef:0e:
b1:ea:f3:c3:f6:87:21:bb:5a:f9:21:36:ae:50:38:
8d:9e:d9:19:3e:26:1f:e6:e9:97:2e:1d:0b:74:38:
e6:e4:bc:e3:b8:97:6e:40:03:67:8c:33:07:33:05:
97:3b:97:64:23:5a:a4:b5:fe:28:49:cb:5c:6a:5e:
89:0b:9f:60:c3:c9:13:b1:fa:50:44:81:07:35:c8:
f2:79:fc:8e:2b:a9:13:8e:0d:f9:a2:13:68:29:38:
19:98:c1:57:d8:87:97:e9:df:87:c6:86:44:1f:a3:
0d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9A:10:5C:77:03:F6:6C:25:D1:FB:86:75:D8:4D:EA:E3:78:5A:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:41:ee:37:24:08:3a:db:51:34:59:54:43:ff:96:67:d5:f2:
d4:31:64:d5:4b:5c:98:95:e7:f6:2f:53:26:5a:b0:4e:e5:cd:
a2:97:9a:e7:b7:92:12:93:7b:7a:42:3a:9f:ee:20:09:d7:86:
a7:3d:3a:e4:42:fb:d0:64:3b:50:a1:d3:0b:f9:cb:0a:17:61:
87:a3:b6:8d:89:09:b6:73:9d:3e:24:cd:50:ac:50:98:95:dd:
7e:d9:57:c8:a4:bb:03:8f:8d:7d:2e:a5:2c:22:d4:85:ef:7a:
18:0b:3f:10:3a:76:c5:f9:1c:99:e8:c6:5b:94:0a:b2:6d:8e:
66:63:2d:d5:6a:27:51:20:fb:f3:2a:1c:25:24:d1:9b:6b:c9:
74:ea:3e:03:6c:02:ff:54:e9:2d:f2:96:ec:64:a5:2b:15:59:
28:a1:57:dd:66:59:c3:a3:58:88:f3:98:6b:07:1d:18:3b:7b:
7d:1d:6f:57:8e:d6:f3:81:18:64:78:22:39:5d:76:ba:5a:45:
fa:cb:f8:fd:68:1e:67:3b:a1:02:96:c3:d8:6a:50:68:b5:5a:
dd:a8:24:95:6f:e0:60:71:f0:86:3c:3c:fc:d6:c3:ce:0a:5c:
14:26:e3:72:55:1f:18:24:2e:f6:fc:92:56:23:f3:56:c1:e6:
76:c8:36:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIR9gmzyhxzWjK7EXVBXm2V4sKZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDhaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkYzk0NDQ5MTI0NmMwODFiYzk4NmQ0OTkwYzBlYjBiYjEwZTYyYmE2YWYx
Y2JhYjZiYmVmZDViZTc1NmQxYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNIWfhNa+GJ66ahfYT6sTCkGaQl81uRdCs7e7FzHDx+mwAX4Y6CWMNW+veG
vnX3WO2ZdIvpS9AI5+tIG14R1P0gHD4Vuni9LcV4bKsJoK692MqcN0bbDpljIe9e
Z7Nt/z5hxZT5XKHR2zAdoLmCmEDITseizDWqCcRJDx5N/ov4/ylNXV68fq5MeVLY
DfqOMETVMO8Oserzw/aHIbta+SE2rlA4jZ7ZGT4mH+bply4dC3Q45uS847iXbkAD
Z4wzBzMFlzuXZCNapLX+KEnLXGpeiQufYMPJE7H6UESBBzXI8nn8jiupE44N+aIT
aCk4GZjBV9iHl+nfh8aGRB+jDacCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSimhBc
dwP2bCXR+4Z12E3q43haijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQBbQe43JAg621E0WVRD/5Zn1fLUMWTVS1yYlef2L1Mm
WrBO5c2il5rnt5ISk3t6Qjqf7iAJ14anPTrkQvvQZDtQodML+csKF2GHo7aNiQm2
c50+JM1QrFCYld1+2VfIpLsDj419LqUsItSF73oYCz8QOnbF+RyZ6MZblAqybY5m
Yy3VaidRIPvzKhwlJNGba8l06j4DbAL/VOkt8pbsZKUrFVkooVfdZlnDo1iI85hr
Bx0YO3t9HW9XjtbzgRhkeCI5XXa6WkX6y/j9aB5nO6EClsPYalBotVrdqCSVb+Bg
cfCGPDz81sPOClwUJuNyVR8YJC72/JJWI/NWweZ2yDbJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net