Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
File: 1dff7204-d968-4bb7-8e61-2db8925bf33e.roa (raw, json)
Hash identifier: UuNOKmErMS76eTd3OD5essf9+CzV2fDd4VTt1CSWj84=
Subject key identifier: 42:CF:AF:79:8C:6F:FE:A8:6E:4D:16:E3:72:FB:19:40:C7:0D:A3:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 783C900EB7687C575E7E09753184AA76D7333149
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:3c:90:0e:b7:68:7c:57:5e:7e:09:75:31:84:aa:76:d7:33:31:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=35c8b07073db72ab8ef12e170c41aa4adfb0ef77f96c9b53e4c78be2b9bd4bd2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:01:2a:3b:e8:31:20:d2:fc:4a:01:d4:d8:fc:
c3:6a:65:c4:2d:af:b8:48:ba:a7:3d:c4:59:7a:f6:
b2:35:14:18:b0:ac:2b:1a:e5:57:98:3c:24:c8:87:
fa:fe:dd:86:57:0c:8c:2a:09:93:9c:a7:eb:d8:ea:
07:eb:0c:af:82:a5:00:c4:3a:cf:97:e2:97:00:8a:
43:18:12:14:e5:89:7d:c1:7a:93:33:97:5b:b0:10:
72:79:25:4e:21:ae:1d:23:b3:a4:df:9d:36:b3:95:
11:6f:38:4f:33:2c:c2:8b:d3:9b:ba:d0:64:05:33:
9a:0e:7f:04:68:71:dd:72:67:b9:4c:f6:d8:fc:c3:
8a:47:a7:a6:1a:df:57:84:c3:37:d5:a2:ac:d0:af:
0e:41:88:2a:3d:c4:9e:4d:57:56:a9:84:fd:ea:ad:
a1:fa:0b:f7:98:da:7a:64:be:13:3f:c2:f0:6d:ba:
28:01:0d:08:b5:b1:ec:34:51:cd:c4:b4:de:4d:a9:
92:c2:85:c2:0a:46:54:5b:6d:3c:76:91:a4:66:fd:
f4:b3:6b:d3:20:99:1a:a2:22:ed:40:d0:1b:26:72:
50:e9:5b:c3:93:07:7b:fb:fe:35:57:8b:c3:9c:73:
61:a5:85:0c:52:a0:76:54:05:b8:94:9b:6b:89:fc:
38:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CF:AF:79:8C:6F:FE:A8:6E:4D:16:E3:72:FB:19:40:C7:0D:A3:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:35:c6:fa:d3:0e:41:99:6a:a7:93:fe:e9:81:64:95:e9:96:
2e:87:e9:40:12:2d:9b:c8:7a:9c:ec:da:cf:4c:d2:cb:b0:08:
78:3b:78:63:dc:b9:6e:bd:43:9f:60:9f:2a:27:e6:df:55:a3:
0c:43:dc:e7:5d:76:ed:9a:ef:37:36:7d:cb:e1:08:fe:2f:c5:
ee:b3:05:3f:36:95:9a:0e:9d:5d:7e:c2:91:6d:63:ff:f0:ef:
35:6c:65:85:b3:09:1b:91:a2:2b:f6:38:a6:ee:bc:fa:09:c4:
c0:6c:76:d1:25:bd:74:9b:6b:6b:14:f4:12:17:15:4a:d3:f7:
6f:e3:b5:f1:e3:89:96:49:cb:42:f4:81:6e:6d:55:2a:9f:85:
5e:3d:71:aa:b1:e2:14:22:f4:47:6d:af:0f:28:2b:61:ae:e7:
d9:d8:8b:f1:29:8f:9a:62:3c:a8:8e:99:13:36:5a:5a:0a:f7:
21:24:60:f4:9b:c0:d6:02:8e:62:e8:3b:05:ae:f4:ab:b8:3e:
fe:be:fa:cc:1f:b7:cd:d6:f6:41:5b:0c:4b:45:35:3a:38:55:
51:3e:06:83:36:bd:14:f7:07:4a:5f:58:09:76:21:d2:61:bf:
d1:c3:4b:f0:d2:e7:15:cb:66:0f:cc:db:6e:3b:2e:02:36:d6:
62:08:ea:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeDyQDrdofFdefgl1MYSqdtczMUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YzhiMDcwNzNkYjcyYWI4ZWYxMmUxNzBjNDFhYTRhZGZiMGVmNzdmOTZj
OWI1M2U0Yzc4YmUyYjliZDRiZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMBKjvoMSDS/EoB1Nj8w2plxC2vuEi6pz3EWXr2sjUUGLCsKxrlV5g8JMiH
+v7dhlcMjCoJk5yn69jqB+sMr4KlAMQ6z5filwCKQxgSFOWJfcF6kzOXW7AQcnkl
TiGuHSOzpN+dNrOVEW84TzMswovTm7rQZAUzmg5/BGhx3XJnuUz22PzDikenphrf
V4TDN9WirNCvDkGIKj3Enk1XVqmE/eqtofoL95jaemS+Ez/C8G26KAENCLWx7DRR
zcS03k2pksKFwgpGVFttPHaRpGb99LNr0yCZGqIi7UDQGyZyUOlbw5MHe/v+NVeL
w5xzYaWFDFKgdlQFuJSba4n8ODkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRCz695
jG/+qG5NFuNy+xlAxw2jkzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRmZjcyMDQtZDk2OC00YmI3LThlNjEtMmRiODkyNWJmMzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAPNcb60w5BmWqnk/7pgWSV6ZYuh+lAEi2byHqc7NrP
TNLLsAh4O3hj3LluvUOfYJ8qJ+bfVaMMQ9znXXbtmu83Nn3L4Qj+L8XuswU/NpWa
Dp1dfsKRbWP/8O81bGWFswkbkaIr9jim7rz6CcTAbHbRJb10m2trFPQSFxVK0/dv
47Xx44mWSctC9IFubVUqn4VePXGqseIUIvRHba8PKCthrufZ2IvxKY+aYjyojpkT
NlpaCvchJGD0m8DWAo5i6DsFrvSruD7+vvrMH7fN1vZBWwxLRTU6OFVRPgaDNr0U
9wdKX1gJdiHSYb/Rw0vw0ucVy2YPzNtuOy4CNtZiCOp7
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net