Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: DVsYlreLg7iniGpCcwsPx6XDsOIuy7XIUjgXqMeCBBA=
Subject key identifier: E8:16:18:96:62:9B:5A:F9:19:9D:2D:10:F0:B0:BE:2E:19:61:3A:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D26AB757CCE0DFC1247DD4A661E5A77D2C5ADD4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:26:ab:75:7c:ce:0d:fc:12:47:dd:4a:66:1e:5a:77:d2:c5:ad:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=5446c1db7def187f7baf2cd402e0d05a85b6f05b56581ff1afcf9dafeeadd166, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f4:23:4f:15:28:b7:c9:6a:6a:e4:2e:07:4c:
7d:53:c5:ab:a6:19:15:0e:93:c4:8c:d3:8b:b1:c7:
a6:40:2c:37:d0:83:19:01:40:fc:d1:19:62:2a:2a:
3d:07:ab:2a:a2:67:61:b3:c0:31:23:6f:63:cd:dd:
48:45:b6:1c:e2:f4:ff:ef:9c:85:5c:46:1e:f7:0f:
30:8f:8c:a8:01:58:2d:f1:4f:96:0b:96:ae:ad:93:
52:93:59:e7:cb:c6:a3:b1:7e:bd:7c:16:13:c9:27:
53:ba:5a:c6:37:a2:aa:ee:1f:fe:fc:7e:4b:c4:80:
97:00:85:87:a8:aa:8d:b0:c8:ba:2a:5a:03:a3:e7:
81:da:c8:6a:dc:a7:09:a8:5e:a4:c1:7d:b8:63:29:
9f:cf:30:06:e8:15:37:82:bf:e6:30:df:49:b4:3a:
55:9c:e1:28:9f:05:63:fa:9e:59:7c:84:1f:63:5e:
99:a9:4c:85:f9:57:3e:95:43:05:32:3c:75:5f:9a:
41:8e:2f:f7:bc:ed:c8:f8:f0:4d:06:30:16:6b:e7:
c2:27:5b:38:d4:18:ab:8b:a8:0c:9f:55:f0:ec:72:
9e:a6:1f:66:87:de:a8:c2:cc:5d:90:c9:68:50:00:
91:4a:31:09:5a:bf:c7:55:48:c1:ac:91:ed:66:f2:
97:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:16:18:96:62:9B:5A:F9:19:9D:2D:10:F0:B0:BE:2E:19:61:3A:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:43:f9:f6:3d:62:59:02:2c:e2:c2:53:de:6c:45:40:e7:2a:
75:93:b1:67:15:03:3a:fb:17:bf:c9:8a:90:c2:7c:83:b9:2f:
15:c8:e5:32:13:43:e1:be:a0:ea:e7:83:25:07:0a:f3:9c:a9:
20:76:86:54:6d:97:2a:85:d3:f2:e7:c6:32:dd:6e:8f:64:4e:
46:c8:78:75:ec:17:7f:31:04:17:34:9d:b6:79:bd:6d:0d:77:
5c:b6:f9:a5:df:95:19:ea:2a:1b:e0:1e:23:13:55:93:13:55:
ed:2d:78:49:f8:74:b5:38:21:d5:38:d9:d2:95:79:08:e9:55:
45:7e:f5:42:6a:fb:f1:28:79:d6:67:fd:15:fc:3f:f4:46:29:
09:86:ca:8e:e9:6e:13:15:37:af:78:34:18:3e:6d:a8:a6:b3:
45:bb:5c:aa:78:5c:14:8e:ec:d4:cb:1a:09:b8:fc:3c:bc:6b:
74:f1:bd:7c:fe:98:80:92:d2:df:1d:3a:83:22:cb:42:ec:00:
3a:c7:4b:11:be:62:5a:b3:60:62:5b:06:82:08:53:1f:cf:ab:
7d:d0:3d:a3:71:97:c7:a2:46:d5:2d:9d:70:4c:1b:d9:51:0a:
57:e2:21:b0:92:9b:02:44:fa:b2:41:16:dd:af:b0:94:5b:8f:
84:e0:d5:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXSardXzODfwSR91KZh5ad9LFrdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NDZjMWRiN2RlZjE4N2Y3YmFmMmNkNDAyZTBkMDVhODViNmYwNWI1NjU4
MWZmMWFmY2Y5ZGFmZWVhZGQxNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJH0I08VKLfJamrkLgdMfVPFq6YZFQ6TxIzTi7HHpkAsN9CDGQFA/NEZYioq
PQerKqJnYbPAMSNvY83dSEW2HOL0/++chVxGHvcPMI+MqAFYLfFPlguWrq2TUpNZ
58vGo7F+vXwWE8knU7paxjeiqu4f/vx+S8SAlwCFh6iqjbDIuipaA6PngdrIatyn
CahepMF9uGMpn88wBugVN4K/5jDfSbQ6VZzhKJ8FY/qeWXyEH2NemalMhflXPpVD
BTI8dV+aQY4v97ztyPjwTQYwFmvnwidbONQYq4uoDJ9V8OxynqYfZofeqMLMXZDJ
aFAAkUoxCVq/x1VIwayR7Wbyl1kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToFhiW
Ypta+RmdLRDwsL4uGWE6PDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQA2Q/n2PWJZAiziwlPebEVA5yp1k7FnFQM6+xe/yYqQ
wnyDuS8VyOUyE0PhvqDq54MlBwrznKkgdoZUbZcqhdPy58Yy3W6PZE5GyHh17Bd/
MQQXNJ22eb1tDXdctvml35UZ6iob4B4jE1WTE1XtLXhJ+HS1OCHVONnSlXkI6VVF
fvVCavvxKHnWZ/0V/D/0RikJhsqO6W4TFTeveDQYPm2oprNFu1yqeFwUjuzUyxoJ
uPw8vGt08b18/piAktLfHTqDIstC7AA6x0sRvmJas2BiWwaCCFMfz6t90D2jcZfH
okbVLZ1wTBvZUQpX4iGwkpsCRPqyQRbdr7CUW4+E4NU5
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:27 2025 by rpki-client