Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa
File: 220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa (raw, json)
Hash identifier: D5lLzdB0qWc1Sn9H3E/cvay7U9cEAUTwDfor+d074zU=
Subject key identifier: 6A:F4:7C:BD:56:DE:D1:7B:FD:D0:4D:8A:85:12:4E:6B:C4:A0:3B:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66B10A7D04C619CF09FD46C2CB1C609E3223E0BF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:b1:0a:7d:04:c6:19:cf:09:fd:46:c2:cb:1c:60:9e:32:23:e0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=9149e4ce967aa99ec426e52f144c977474e4deb564ecb5db16e82082f9019cf8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:61:c5:af:14:e8:1a:eb:0a:cb:e9:7d:bb:37:
9b:23:9a:09:56:16:94:15:73:ac:c4:73:53:88:9f:
94:76:5d:2a:01:43:f3:99:6a:14:91:2f:32:53:07:
ae:70:9e:9a:a3:cb:b2:1d:c1:29:ff:56:25:19:1a:
d8:43:4f:67:db:37:2c:e9:47:c5:d8:20:1c:7c:15:
38:cd:43:09:ce:a6:e3:39:1b:0b:25:ac:55:00:11:
50:7a:10:14:14:84:9f:cc:01:1b:48:be:8d:30:d6:
65:3d:a4:08:46:a9:5c:58:ff:2b:e2:91:e5:e1:bd:
1b:8d:bc:a5:42:53:89:67:a5:26:d5:67:d8:2f:79:
5b:4a:e0:35:9c:9d:e3:e8:c2:2c:6e:2a:f4:a4:fd:
5d:c2:1c:1b:c6:c2:f4:82:3b:ec:5b:dc:ea:a9:b1:
50:b8:79:a0:66:e2:b0:39:a9:b1:57:21:3e:e3:a9:
d8:f9:82:48:50:a7:95:72:03:49:bc:12:52:36:db:
15:e1:27:89:77:3a:61:01:f5:a8:80:73:73:d6:4b:
e5:9e:62:16:37:6d:01:1e:fd:62:f6:85:4b:6e:b1:
31:7b:ae:e6:15:67:f0:88:80:45:46:3f:bf:f1:0c:
a5:b0:06:55:d7:fa:9d:5e:24:49:e9:29:05:19:ee:
2b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F4:7C:BD:56:DE:D1:7B:FD:D0:4D:8A:85:12:4E:6B:C4:A0:3B:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:f7:3e:90:f3:dd:db:95:51:c0:d3:fc:53:7f:8c:7c:12:65:
7b:60:a5:81:bf:64:f0:02:f0:9f:41:59:5c:7f:19:b8:86:54:
2e:87:ad:f5:e9:3c:4c:17:c9:c1:45:89:85:48:64:9f:ae:f7:
eb:7b:ac:84:5e:65:05:e7:53:23:ce:2e:ad:b4:d5:dc:19:21:
03:e3:cb:14:84:17:f7:0c:45:aa:89:c2:16:2c:b5:7a:91:b6:
71:06:db:14:25:d1:cb:99:74:8e:29:59:a1:82:82:e8:19:6d:
15:b1:4f:a2:38:d7:b1:14:67:7b:e7:2d:22:a3:a3:af:9d:55:
fd:d3:24:c4:1f:4b:c1:9d:b6:11:71:79:6f:2c:39:46:85:25:
02:3a:a6:cb:73:92:6b:dd:69:da:25:f4:fd:cc:c1:2f:fd:35:
a1:37:ed:e0:71:bc:a1:f3:6f:7d:8d:ea:d1:ce:b4:03:aa:1c:
e3:cc:65:d5:fd:a4:3f:a1:f4:1d:8c:c0:1e:6a:cb:16:e5:e7:
1f:78:f1:f3:91:f9:5e:38:b5:6d:90:37:9c:89:ed:1c:92:ac:
30:c7:67:09:fb:b7:6a:8e:15:c2:7c:34:e6:89:cc:56:d0:65:
26:82:0f:7e:1d:3f:17:86:af:8c:5b:a6:a2:17:fa:f7:84:6a:
cd:66:ca:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZrEKfQTGGc8J/UbCyxxgnjIj4L8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxNDllNGNlOTY3YWE5OWVjNDI2ZTUyZjE0NGM5Nzc0NzRlNGRlYjU2NGVj
YjVkYjE2ZTgyMDgyZjkwMTljZjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJhxa8U6BrrCsvpfbs3myOaCVYWlBVzrMRzU4iflHZdKgFD85lqFJEvMlMH
rnCemqPLsh3BKf9WJRka2ENPZ9s3LOlHxdggHHwVOM1DCc6m4zkbCyWsVQARUHoQ
FBSEn8wBG0i+jTDWZT2kCEapXFj/K+KR5eG9G428pUJTiWelJtVn2C95W0rgNZyd
4+jCLG4q9KT9XcIcG8bC9II77Fvc6qmxULh5oGbisDmpsVchPuOp2PmCSFCnlXID
SbwSUjbbFeEniXc6YQH1qIBzc9ZL5Z5iFjdtAR79YvaFS26xMXuu5hVn8IiARUY/
v/EMpbAGVdf6nV4kSekpBRnuK98CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRq9Hy9
Vt7Re/3QTYqFEk5rxKA7yTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjIwZDc5ZGQtOGNjOC00NTNiLTllMzItMmQ3NmQwZGUzZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBd9z6Q893blVHA0/xTf4x8EmV7YKWBv2TwAvCfQVlc
fxm4hlQuh6316TxMF8nBRYmFSGSfrvfre6yEXmUF51Mjzi6ttNXcGSED48sUhBf3
DEWqicIWLLV6kbZxBtsUJdHLmXSOKVmhgoLoGW0VsU+iONexFGd75y0io6OvnVX9
0yTEH0vBnbYRcXlvLDlGhSUCOqbLc5Jr3WnaJfT9zMEv/TWhN+3gcbyh8299jerR
zrQDqhzjzGXV/aQ/ofQdjMAeassW5ecfePHzkfleOLVtkDecie0ckqwwx2cJ+7dq
jhXCfDTmicxW0GUmgg9+HT8Xhq+MW6aiF/r3hGrNZsqG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net