Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
File: 1fa4e984-a5f7-4c42-8d75-506f4844be77.roa (raw, json)
Hash identifier: JmcHr1ZhwbXumAYNCZoMV+h9biVVdxRY5aKoi/t+GPM=
Subject key identifier: AF:67:A5:6F:FF:26:D0:28:53:56:FB:2E:F2:C8:F1:1B:17:FD:7A:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 367AED7230977437F05B1EF6E5D7E85CDA818847
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:7a:ed:72:30:97:74:37:f0:5b:1e:f6:e5:d7:e8:5c:da:81:88:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=09b2c705987d1b785c4d14e225376e6efebf6b2afb11746e9bf42995b77c1c5f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0b:97:fe:01:ba:93:c4:6d:f0:82:db:f5:61:
ed:b3:95:55:0e:8b:56:85:a3:b8:ca:11:0a:a3:23:
8f:f9:5d:13:1c:46:09:59:eb:75:f9:00:0d:e5:fd:
7e:0d:76:f1:43:d5:53:09:0e:81:fe:30:40:c1:14:
ea:dc:3a:92:68:53:3c:53:ee:74:f4:ca:dd:16:e7:
54:3c:c2:73:02:f9:86:5a:33:17:c0:1d:47:7d:91:
6d:bc:f8:1c:19:a3:83:7f:ec:cc:02:3c:87:58:7e:
f4:4c:86:fd:fd:a6:83:84:ca:98:20:e0:b5:79:c5:
ad:4a:98:b6:57:fe:e4:94:68:c3:f5:03:40:cb:10:
e3:bc:02:2c:e4:16:c2:c8:ce:8e:ee:03:95:59:b2:
c9:23:12:bf:bd:09:8e:21:77:6c:4d:f8:9d:1d:a4:
a3:8a:c2:f4:4b:a0:ba:f5:9c:ba:cc:96:35:3c:33:
37:2d:99:c8:db:e4:9b:08:e1:e1:e7:a5:7c:17:ff:
14:72:64:ce:31:fd:f8:dd:84:f7:51:74:d5:68:62:
66:64:fb:5c:ec:5a:57:a1:14:88:dc:34:c6:b0:e3:
48:e9:af:75:9d:7c:03:29:bf:a9:1d:7a:84:20:86:
52:f7:a5:d9:38:48:d7:29:ba:e4:75:4e:72:00:f9:
7b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:67:A5:6F:FF:26:D0:28:53:56:FB:2E:F2:C8:F1:1B:17:FD:7A:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ac:94:fb:91:f0:4c:4f:63:c7:40:09:90:6a:64:71:4c:fd:9a:
52:9e:d4:65:83:5a:15:c1:84:1a:e3:4c:e1:be:9b:e2:2b:7c:
2a:74:c0:34:33:8b:3e:4d:72:ea:b5:fd:97:ef:c4:90:e6:7d:
bc:e6:2c:f6:ba:46:e1:da:55:eb:23:01:a6:b9:94:6d:aa:bf:
77:72:32:69:e4:a2:ec:c8:93:64:64:ae:ba:b5:1a:23:6c:35:
10:3f:b8:55:ad:63:59:5c:c2:76:5c:fa:43:f0:5d:ea:12:b1:
a1:7b:23:0a:f2:fa:f5:72:f3:5a:93:28:e2:1b:1d:cd:cc:fa:
08:ad:ac:b9:0a:c8:12:e5:12:07:98:e1:b0:4c:c6:9c:96:92:
cf:4c:b7:cf:a7:d3:7a:fa:d0:2b:8d:1f:03:88:95:78:06:50:
b5:dd:ed:14:43:41:ef:7d:cf:f3:db:25:41:12:23:f6:9b:b6:
7b:af:e5:a2:f5:ad:36:61:70:65:8d:7f:da:d9:16:a8:9c:02:
78:9d:a0:65:bc:74:1d:c6:84:42:e8:91:65:e5:dd:c7:6f:87:
18:1f:13:98:85:40:9e:e9:4d:2e:d8:f3:87:47:22:f7:64:5a:
f0:86:17:be:35:d5:46:54:12:d7:6f:65:3c:67:f3:a9:e4:06:
a0:fd:28:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNnrtcjCXdDfwWx725dfoXNqBiEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5YjJjNzA1OTg3ZDFiNzg1YzRkMTRlMjI1Mzc2ZTZlZmViZjZiMmFmYjEx
NzQ2ZTliZjQyOTk1Yjc3YzFjNWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkLl/4BupPEbfCC2/Vh7bOVVQ6LVoWjuMoRCqMjj/ldExxGCVnrdfkADeX9
fg128UPVUwkOgf4wQMEU6tw6kmhTPFPudPTK3RbnVDzCcwL5hlozF8AdR32Rbbz4
HBmjg3/szAI8h1h+9EyG/f2mg4TKmCDgtXnFrUqYtlf+5JRow/UDQMsQ47wCLOQW
wsjOju4DlVmyySMSv70JjiF3bE34nR2ko4rC9EuguvWcusyWNTwzNy2ZyNvkmwjh
4eelfBf/FHJkzjH9+N2E91F01WhiZmT7XOxaV6EUiNw0xrDjSOmvdZ18Aym/qR16
hCCGUvel2ThI1ym65HVOcgD5e+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvZ6Vv
/ybQKFNW+y7yyPEbF/16xzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNGU5ODQtYTVmNy00YzQyLThkNzUtNTA2ZjQ4NDRiZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQCslPuR8ExPY8dACZBqZHFM/ZpSntRlg1oVwYQa40zh
vpviK3wqdMA0M4s+TXLqtf2X78SQ5n285iz2ukbh2lXrIwGmuZRtqr93cjJp5KLs
yJNkZK66tRojbDUQP7hVrWNZXMJ2XPpD8F3qErGheyMK8vr1cvNakyjiGx3NzPoI
ray5CsgS5RIHmOGwTMaclpLPTLfPp9N6+tArjR8DiJV4BlC13e0UQ0Hvfc/z2yVB
EiP2m7Z7r+Wi9a02YXBljX/a2RaonAJ4naBlvHQdxoRC6JFl5d3Hb4cYHxOYhUCe
6U0u2POHRyL3ZFrwhhe+NdVGVBLXb2U8Z/Op5Aag/Six
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net