Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json)
Hash identifier: ZxS84aiEyTB4DJxYCbf7IZQm82Iw3Q8AffEnMpp6c5A=
Subject key identifier: B0:50:F4:70:6C:7F:A4:53:AD:7B:2A:39:E5:4D:22:EC:81:A8:BD:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C3ECAFF0E16D41BA8853815B9CE0CD7929D9AF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
Signing time: Mon 31 Mar 2025 21:40:15 +0000
ROA not before: Mon 31 Mar 2025 21:40:15 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:3e:ca:ff:0e:16:d4:1b:a8:85:38:15:b9:ce:0c:d7:92:9d:9a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:40:15 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=b8a09292c1e5692b31b30410ee33ed5a7c53e3e5aec3e639a64bf56d7dbac35d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:32:b5:c9:30:ab:e7:ef:d7:e4:0e:05:ac:e6:
65:e1:ac:ab:df:c3:4d:ec:00:01:ff:7b:96:ad:7b:
a0:fa:9b:95:35:fe:5c:72:40:e8:6b:3f:48:a3:f2:
bd:61:6a:16:0c:62:f1:9e:c3:25:9e:58:7c:0c:d6:
15:da:06:d0:55:99:d6:46:1d:fe:1b:ce:c0:83:b7:
30:a7:41:47:67:d8:9b:2f:51:d9:a5:84:c5:8e:89:
48:85:d7:e5:4d:4b:76:90:8b:fb:09:ac:bb:02:4d:
21:82:04:98:ea:d6:3b:2e:3f:33:b1:49:ea:79:44:
9a:f7:e7:47:3d:9b:91:f7:6f:e0:b7:2b:ff:b8:b6:
74:65:25:88:a7:a8:74:9d:ed:2f:58:1e:63:f4:e5:
ca:1b:e9:fb:d5:31:6a:53:74:ee:2d:0d:cb:af:07:
30:a0:61:ea:ee:31:cc:3a:ac:b1:3b:60:00:8a:d5:
61:66:21:cd:22:4d:3c:e8:16:e3:aa:3b:3a:b9:4b:
36:25:40:b6:b0:73:e2:18:95:c3:37:5a:ee:1c:11:
62:28:b7:bd:9e:0f:45:d0:ed:5d:37:bb:5b:c2:4f:
7d:ea:fb:2b:b0:3a:54:11:8e:7d:39:e1:01:55:6f:
02:8a:36:2f:3f:b4:cd:b3:17:37:f0:99:af:0e:b2:
60:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:50:F4:70:6C:7F:A4:53:AD:7B:2A:39:E5:4D:22:EC:81:A8:BD:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:d1:4d:f1:2e:42:77:0f:2b:f9:69:80:67:cb:9b:7c:59:0a:
51:5a:9b:e9:56:be:34:86:ab:96:14:ff:75:53:1f:9a:10:cb:
fd:ae:5c:be:0a:8f:c7:75:58:0f:d1:f9:5d:c9:32:fb:1f:d7:
b7:81:2b:ba:11:39:3c:1d:80:79:76:76:2c:24:e6:4a:4f:cf:
8d:21:f0:61:d4:83:b6:b6:26:83:74:bb:0e:a6:34:d7:6d:7e:
41:99:32:5b:ce:ab:f6:10:ba:72:01:3b:c7:37:ef:ca:a9:68:
79:83:b4:26:b0:97:1d:fd:1e:9e:62:c0:d3:ac:ba:4e:8a:50:
d1:b6:8f:c5:6a:ca:f8:ab:d1:1b:07:77:8a:57:fe:a7:c2:e8:
ad:37:3e:18:98:f7:d0:f1:5f:a2:0b:ff:06:16:79:0c:bb:a6:
58:c6:da:f2:66:45:ff:d6:fa:0f:88:04:7c:c0:a5:18:55:b6:
0c:bd:f2:59:e8:35:64:9d:b9:e9:6d:6d:2b:15:d6:43:82:c5:
7e:80:99:6f:30:ef:91:94:16:7e:ee:f4:78:82:ae:c9:fb:e9:
34:a9:f4:2f:8e:f4:8d:1f:fd:0e:4a:72:af:95:af:a6:5d:1e:
c2:dd:f6:86:a0:1f:ca:78:1c:60:9c:9c:22:bd:a7:76:93:f9:
29:b2:b7:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHD7K/w4W1BuohTgVuc4M15KdmvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTQwMTVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4YTA5MjkyYzFlNTY5MmIzMWIzMDQxMGVlMzNlZDVhN2M1M2UzZTVhZWMz
ZTYzOWE2NGJmNTZkN2RiYWMzNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPIytckwq+fv1+QOBazmZeGsq9/DTewAAf97lq17oPqblTX+XHJA6Gs/SKPy
vWFqFgxi8Z7DJZ5YfAzWFdoG0FWZ1kYd/hvOwIO3MKdBR2fYmy9R2aWExY6JSIXX
5U1LdpCL+wmsuwJNIYIEmOrWOy4/M7FJ6nlEmvfnRz2bkfdv4Lcr/7i2dGUliKeo
dJ3tL1geY/Tlyhvp+9UxalN07i0Ny68HMKBh6u4xzDqssTtgAIrVYWYhzSJNPOgW
46o7OrlLNiVAtrBz4hiVwzda7hwRYii3vZ4PRdDtXTe7W8JPfer7K7A6VBGOfTnh
AVVvAoo2Lz+0zbMXN/CZrw6yYBMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSwUPRw
bH+kU617KjnlTSLsgai9bDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQAP0U3xLkJ3Dyv5aYBny5t8WQpRWpvpVr40hquWFP91
Ux+aEMv9rly+Co/HdVgP0fldyTL7H9e3gSu6ETk8HYB5dnYsJOZKT8+NIfBh1IO2
tiaDdLsOpjTXbX5BmTJbzqv2ELpyATvHN+/KqWh5g7QmsJcd/R6eYsDTrLpOilDR
to/Fasr4q9EbB3eKV/6nwuitNz4YmPfQ8V+iC/8GFnkMu6ZYxtryZkX/1voPiAR8
wKUYVbYMvfJZ6DVknbnpbW0rFdZDgsV+gJlvMO+RlBZ+7vR4gq7J++k0qfQvjvSN
H/0OSnKvla+mXR7C3faGoB/KeBxgnJwivad2k/kpsrc8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net