Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: mRRMkezNDUBuXwWn28dkEQaq5lVgEhOwDncDzwGE7qg=
Subject key identifier: CD:FA:51:1F:47:C4:74:90:3E:20:8A:2A:59:BB:DC:A0:BC:8C:70:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07966F12607952691FF42F11E36E67DDC8FC7535
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Mon 31 Mar 2025 21:20:08 +0000
ROA not before: Mon 31 Mar 2025 21:20:08 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:96:6f:12:60:79:52:69:1f:f4:2f:11:e3:6e:67:dd:c8:fc:75:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:08 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a4e680044f00f23e0959b21ad7cc2ef80a1df293ee8eda9362a07ff526890fc5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:56:59:9b:16:42:57:63:1d:67:56:32:4c:27:
1a:e8:81:b6:6f:a5:32:ff:cf:26:fa:fa:2b:49:f8:
0e:37:dc:50:4c:2b:e5:8c:56:75:30:a7:cb:c0:93:
bc:77:2a:7d:4c:e3:5f:d7:48:bd:48:66:3a:9d:3e:
e3:3f:5c:d0:0c:06:ef:71:b2:f2:99:dd:d4:23:2d:
26:c6:e7:c7:9b:89:b6:43:a4:42:c1:f1:ce:2f:54:
8b:e5:16:a3:f9:18:e7:fe:7e:c9:f8:28:95:f8:0a:
57:98:7c:b8:14:71:41:66:1d:cc:88:26:34:d4:9a:
b5:54:ab:bc:4a:b8:89:57:6d:f6:fb:70:ad:f7:20:
a1:4b:20:42:d6:4a:a7:68:8d:bb:35:6f:43:5f:f1:
77:d6:67:e0:5d:65:f2:74:ac:4a:86:da:a9:97:f6:
16:54:04:1f:c0:c9:eb:8f:be:3e:1f:cc:3b:77:6e:
07:ca:02:bc:75:8f:ee:ea:03:0f:96:7b:b1:64:f3:
bb:c1:4f:c6:f3:0d:fa:12:0e:50:aa:f2:e6:c9:79:
13:22:b7:3c:84:e8:d3:88:a0:32:6f:7b:6a:f0:56:
4b:13:61:0e:ad:b8:98:0d:d8:1b:72:fc:27:cd:23:
4f:65:6f:45:87:97:ed:b6:33:9b:82:69:24:ad:5f:
bd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FA:51:1F:47:C4:74:90:3E:20:8A:2A:59:BB:DC:A0:BC:8C:70:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:19:63:e1:b4:dd:4e:00:e4:e6:c3:41:e3:e4:ce:d5:44:76:
a9:44:82:ea:6e:a9:63:6e:47:a2:09:80:d3:de:cb:b1:0c:52:
41:2a:63:0b:bb:72:3a:7e:6a:31:10:b3:df:1d:9c:02:8a:82:
39:50:b8:45:14:89:17:b0:04:cc:ab:2f:c0:a7:49:14:b7:fb:
54:06:1a:c1:b9:5c:10:b4:85:fc:82:cb:6b:4b:5b:60:3c:fb:
e9:42:d8:67:ea:84:20:36:f1:29:43:6b:a5:cc:54:2b:e4:ba:
5e:d9:77:c4:ff:0c:62:73:7d:61:3d:3c:1d:38:59:d5:53:c0:
31:bb:f9:b0:4e:11:f1:e1:48:b5:48:e3:7e:ed:17:f2:e9:07:
66:da:44:f2:8c:b1:9c:a8:45:d2:2d:d8:50:05:e1:c3:25:8c:
8f:17:79:21:a1:55:eb:d8:12:6d:29:4d:f4:db:ce:a0:65:a9:
00:f4:f2:e5:9a:4e:e2:43:4a:1a:02:43:e9:28:3e:80:36:1c:
50:f4:ec:9f:e9:a1:91:05:7c:26:38:22:b6:68:8a:e4:68:b1:
57:a0:54:94:db:98:06:39:61:ee:c5:04:76:ca:ef:5c:2d:c6:
a9:92:80:8e:f1:4d:e5:c5:4e:a2:72:9a:5d:99:90:e8:fd:1d:
01:48:d7:02
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB5ZvEmB5Umkf9C8R425n3cj8dTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDhaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ZTY4MDA0NGYwMGYyM2UwOTU5YjIxYWQ3Y2MyZWY4MGExZGYyOTNlZThl
ZGE5MzYyYTA3ZmY1MjY4OTBmYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtWWZsWQldjHWdWMkwnGuiBtm+lMv/PJvr6K0n4DjfcUEwr5YxWdTCny8CT
vHcqfUzjX9dIvUhmOp0+4z9c0AwG73Gy8pnd1CMtJsbnx5uJtkOkQsHxzi9Ui+UW
o/kY5/5+yfgolfgKV5h8uBRxQWYdzIgmNNSatVSrvEq4iVdt9vtwrfcgoUsgQtZK
p2iNuzVvQ1/xd9Zn4F1l8nSsSobaqZf2FlQEH8DJ64++Ph/MO3duB8oCvHWP7uoD
D5Z7sWTzu8FPxvMN+hIOUKry5sl5EyK3PITo04igMm97avBWSxNhDq24mA3YG3L8
J80jT2VvRYeX7bYzm4JpJK1fvSECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTN+lEf
R8R0kD4giipZu9ygvIxwijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQBiGWPhtN1OAOTmw0Hj5M7VRHapRILqbqljbkeiCYDT
3suxDFJBKmMLu3I6fmoxELPfHZwCioI5ULhFFIkXsATMqy/Ap0kUt/tUBhrBuVwQ
tIX8gstrS1tgPPvpQthn6oQgNvEpQ2ulzFQr5Lpe2XfE/wxic31hPTwdOFnVU8Ax
u/mwThHx4Ui1SON+7Rfy6Qdm2kTyjLGcqEXSLdhQBeHDJYyPF3khoVXr2BJtKU30
286gZakA9PLlmk7iQ0oaAkPpKD6ANhxQ9Oyf6aGRBXwmOCK2aIrkaLFXoFSU25gG
OWHuxQR2yu9cLcapkoCO8U3lxU6icppdmZDo/R0BSNcC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net