Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
File: 06aca655-45be-4c1b-a8aa-1f048326385e.roa (raw, json)
Hash identifier: AI0rYuCYZ4jvBVZa7AR1Vttes5gWNLLAfwTnaCqozS4=
Subject key identifier: 62:CA:2C:C7:34:C5:DF:4F:0E:51:C1:B3:C8:5A:34:FD:B1:07:7A:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D516301E1188E232D34EE4CA6DD1E236A301D2C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
Signing time: Fri 06 Dec 2024 00:00:00 +0000
ROA not before: Fri 06 Dec 2024 00:00:00 +0000
ROA not after: Fri 10 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:51:63:01:e1:18:8e:23:2d:34:ee:4c:a6:dd:1e:23:6a:30:1d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 6 00:00:00 2024 GMT
Not After : Jan 10 23:59:59 2025 GMT
Subject: serialNumber=02033c7c777dd1b2218f1c8af0f33bb05d1e575fada4293822d7686091e8824a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4a:45:87:98:55:cd:31:d1:57:86:b0:b4:cc:
e8:4d:f2:0f:a4:3a:13:0c:c1:9f:b6:79:f1:20:40:
ee:e9:a7:c0:f0:62:18:be:b7:d1:fc:0a:48:7b:89:
f3:03:ec:54:c7:bb:31:7f:26:9e:a7:43:ac:ad:b2:
5c:69:6e:28:a9:a0:8e:c9:ca:83:97:4e:eb:7c:3e:
ed:f7:23:79:c0:fe:35:80:c6:10:5d:07:b8:fb:e6:
70:e4:6b:5d:97:ec:00:60:8f:40:06:cf:7a:70:32:
7d:ba:31:cb:84:ac:78:b7:de:51:c4:07:f8:de:63:
81:35:49:89:bd:87:d7:4d:d1:a9:2f:0d:35:9d:5e:
df:8a:fc:85:b1:0e:17:11:55:cb:56:73:e2:9c:f4:
8c:6f:11:ae:2f:de:66:a8:d6:c5:1a:e8:72:c7:08:
a7:0f:14:e1:27:1f:22:21:12:71:ca:f3:42:4d:34:
0c:d7:0a:7c:1b:b8:88:42:a6:73:10:d6:40:60:b4:
8a:a4:f3:b4:76:e5:3b:63:28:32:8a:ad:28:86:db:
57:86:40:dd:59:fa:e3:87:08:4f:6f:f3:4c:31:a7:
0b:15:b3:71:bf:ff:fa:6c:41:1b:a7:de:27:24:22:
36:13:ec:01:9f:ad:e9:ff:54:e3:d0:75:37:02:77:
b5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:CA:2C:C7:34:C5:DF:4F:0E:51:C1:B3:C8:5A:34:FD:B1:07:7A:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
70:20:5d:57:00:ed:4f:e2:9e:69:54:d7:a0:50:3a:68:03:bd:
2a:71:e6:4c:79:7d:63:05:99:cd:33:13:23:67:af:9f:50:33:
05:9b:b9:6e:7e:25:7a:a8:68:c6:2b:8a:cd:c8:5b:ec:78:5a:
21:a8:45:09:82:58:ca:ae:78:dc:fe:34:11:b4:fc:92:33:c7:
77:ed:5e:42:70:3d:fd:28:d6:0c:d5:d8:92:8f:51:31:5e:97:
25:f2:b9:85:63:66:35:54:a8:c4:36:54:2c:35:8f:1b:be:1d:
97:9f:87:3e:42:e2:1f:0f:bb:de:23:fa:91:ac:b7:7a:ad:25:
e4:08:c6:28:6c:1f:c2:27:94:1e:a8:0c:9f:5f:aa:d0:77:5f:
c8:f9:2f:3d:ed:98:ef:31:c3:74:67:f4:1a:02:ed:f3:fb:1d:
55:1f:f6:4d:47:dc:5b:72:d0:79:2a:51:9f:08:af:c3:b9:2f:
d8:b2:57:00:9f:2b:26:14:c5:97:1f:86:ab:cf:ef:e4:a0:2d:
45:34:e3:e3:84:95:c8:4e:9f:26:50:9e:5d:24:6f:61:99:83:
d6:bb:00:dc:dc:4c:53:6f:2a:a2:c6:2e:56:fd:39:ec:79:b0:
b2:19:e5:c4:d1:f4:d7:ed:1b:46:31:8f:6d:b1:57:f0:3c:de:
86:52:28:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULVFjAeEYjiMtNO5Mpt0eI2owHSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDYwMDAwMDBaFw0yNTAxMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMDMzYzdjNzc3ZGQxYjIyMThmMWM4YWYwZjMzYmIwNWQxZTU3NWZhZGE0
MjkzODIyZDc2ODYwOTFlODgyNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdKRYeYVc0x0VeGsLTM6E3yD6Q6EwzBn7Z58SBA7umnwPBiGL630fwKSHuJ
8wPsVMe7MX8mnqdDrK2yXGluKKmgjsnKg5dO63w+7fcjecD+NYDGEF0HuPvmcORr
XZfsAGCPQAbPenAyfboxy4SseLfeUcQH+N5jgTVJib2H103RqS8NNZ1e34r8hbEO
FxFVy1Zz4pz0jG8Rri/eZqjWxRrocscIpw8U4ScfIiESccrzQk00DNcKfBu4iEKm
cxDWQGC0iqTztHblO2MoMoqtKIbbV4ZA3Vn644cIT2/zTDGnCxWzcb//+mxBG6fe
JyQiNhPsAZ+t6f9U49B1NwJ3teMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRiyizH
NMXfTw5RwbPIWjT9sQd6EDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZhY2E2NTUtNDViZS00YzFiLWE4YWEtMWYwNDgzMjYzODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQBwIF1XAO1P4p5pVNegUDpoA70qceZMeX1jBZnNMxMj
Z6+fUDMFm7lufiV6qGjGK4rNyFvseFohqEUJgljKrnjc/jQRtPySM8d37V5CcD39
KNYM1diSj1ExXpcl8rmFY2Y1VKjENlQsNY8bvh2Xn4c+QuIfD7veI/qRrLd6rSXk
CMYobB/CJ5QeqAyfX6rQd1/I+S897ZjvMcN0Z/QaAu3z+x1VH/ZNR9xbctB5KlGf
CK/DuS/YslcAnysmFMWXH4arz+/koC1FNOPjhJXITp8mUJ5dJG9hmYPWuwDc3ExT
byqixi5W/TnsebCyGeXE0fTX7RtGMY9tsVfwPN6GUih2
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net