Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: zKCL+lMkZdPPWjlHcuqlmxXq7RE8nYjJau55TeBCyqg=
Subject key identifier: 5A:E7:29:5A:59:AC:0F:05:D4:5F:79:27:C1:2A:B2:AD:E5:2B:8F:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 186A8AA0C71A19E4BE612B37405F06D28828DE22
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Mon 17 Mar 2025 15:40:45 +0000
ROA not before: Mon 17 Mar 2025 15:40:45 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:6a:8a:a0:c7:1a:19:e4:be:61:2b:37:40:5f:06:d2:88:28:de:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:45 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8a:a4:32:c2:81:cf:22:c0:c9:df:7c:6b:cf:
4e:e7:b8:85:eb:b2:24:da:90:c9:51:1b:52:3d:5a:
f6:7b:05:35:59:19:b8:4d:7c:e6:a2:9f:87:56:0f:
88:38:a5:d8:ab:e1:dc:9c:44:cd:1f:20:9c:79:e9:
38:03:5e:cb:f6:7a:4e:e8:8f:fc:a5:58:fe:a0:13:
9e:34:8e:47:f9:6d:78:39:1b:0f:a6:47:e2:2c:46:
2d:5e:dc:f0:81:3c:62:f9:43:93:f7:b9:4f:bc:f6:
bb:92:bd:75:d5:4f:f0:dd:50:b8:d8:91:53:71:09:
73:3d:5e:95:b0:8b:1f:db:05:5d:44:30:4f:fb:ef:
24:2c:3a:cf:8e:d5:87:13:95:cc:cd:9a:cd:9e:a5:
ee:a2:c5:42:df:15:db:46:7f:83:59:56:6e:52:43:
b6:30:3a:9e:a0:25:17:89:c8:84:9d:9e:11:3f:a4:
15:31:92:87:57:fd:e4:48:4f:78:03:e8:5f:66:11:
3b:65:d3:4f:99:4c:92:51:70:51:9a:94:cf:22:73:
3d:47:5f:b8:5b:f2:9d:3d:ee:a3:99:64:9a:8d:3b:
0c:e4:8b:e7:51:17:81:6f:11:2b:f2:bd:d2:f6:a8:
f8:d9:f1:81:00:eb:3d:26:60:34:c5:ce:10:78:ee:
6f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E7:29:5A:59:AC:0F:05:D4:5F:79:27:C1:2A:B2:AD:E5:2B:8F:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:4c:a8:b9:df:fa:97:8b:8d:91:ce:fd:c2:6f:74:08:1a:c9:
71:e0:87:78:d2:84:d0:d9:39:82:19:a0:c8:f8:56:90:a2:14:
e5:35:c6:67:aa:6c:4a:4a:2c:47:f8:79:cb:22:8e:0d:d6:98:
bf:7a:af:fb:14:34:a7:84:6e:50:6e:44:66:2a:c1:3e:25:b7:
15:42:cd:34:98:38:47:f8:fe:c0:f5:a4:9c:0c:e3:73:b0:b1:
f9:c5:da:b2:c4:41:de:d9:64:4d:f1:6d:54:eb:86:bd:9d:05:
3f:dd:ec:ee:b0:0a:67:04:77:fc:2c:4f:82:d8:72:ee:08:a0:
50:73:a2:d0:0c:63:90:65:e0:ad:e7:5b:de:d3:30:76:b0:9e:
79:c1:a3:9e:db:69:58:3e:64:c5:40:99:94:00:cb:c6:83:46:
f1:24:cb:4f:46:cd:a9:c7:ac:bb:02:e4:f8:89:d5:13:cc:82:
fb:b2:5e:39:f0:4b:ea:aa:60:d7:84:3a:75:74:cb:28:c0:56:
82:37:a3:80:b9:57:bb:13:47:50:0d:61:00:b5:0f:1a:a6:0b:
67:11:92:24:69:d0:57:93:9b:b9:cc:24:50:d3:17:d9:06:0e:
ff:07:73:04:7a:46:5f:50:e6:48:ec:b4:d7:05:e3:7c:23:58:
49:9a:44:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGGqKoMcaGeS+YSs3QF8G0ogo3iIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwNDVaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkNWI2MzdlMDk0ZDRmZDUyMWJiMTNlMGJiNjAxZGU5ZWM2N2YwMjAyZTFh
OWI1ZTU4ZjNiODFlMDNiZTE4NTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+KpDLCgc8iwMnffGvPTue4heuyJNqQyVEbUj1a9nsFNVkZuE185qKfh1YP
iDil2Kvh3JxEzR8gnHnpOANey/Z6TuiP/KVY/qATnjSOR/lteDkbD6ZH4ixGLV7c
8IE8YvlDk/e5T7z2u5K9ddVP8N1QuNiRU3EJcz1elbCLH9sFXUQwT/vvJCw6z47V
hxOVzM2azZ6l7qLFQt8V20Z/g1lWblJDtjA6nqAlF4nIhJ2eET+kFTGSh1f95EhP
eAPoX2YRO2XTT5lMklFwUZqUzyJzPUdfuFvynT3uo5lkmo07DOSL51EXgW8RK/K9
0vao+NnxgQDrPSZgNMXOEHjub5kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRa5yla
WawPBdRfeSfBKrKt5SuPTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQBfTKi53/qXi42Rzv3Cb3QIGslx4Id40oTQ2TmCGaDI
+FaQohTlNcZnqmxKSixH+HnLIo4N1pi/eq/7FDSnhG5QbkRmKsE+JbcVQs00mDhH
+P7A9aScDONzsLH5xdqyxEHe2WRN8W1U64a9nQU/3ezusApnBHf8LE+C2HLuCKBQ
c6LQDGOQZeCt51ve0zB2sJ55waOe22lYPmTFQJmUAMvGg0bxJMtPRs2px6y7AuT4
idUTzIL7sl458EvqqmDXhDp1dMsowFaCN6OAuVe7E0dQDWEAtQ8apgtnEZIkadBX
k5u5zCRQ0xfZBg7/B3MEekZfUOZI7LTXBeN8I1hJmkRv
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:06:33 2025 by rpki-client