Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
File: 262e824a-a2cb-4415-9ee1-bbfcf897df99.roa (raw, json)
Hash identifier: WOX8EX/1uDMqFTz7Ralmo4Owac+IPBZjt3zgX89X2x0=
Subject key identifier: 9A:10:41:AC:F0:E4:F0:85:E7:A4:6D:A4:05:E8:B5:93:A4:2B:01:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72F019250E64C2FD43C635628A3C1F12F9360ED5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f0:19:25:0e:64:c2:fd:43:c6:35:62:8a:3c:1f:12:f9:36:0e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=1b80bbda64dc5bd209061ff43ec89a90beb2658280be6f97de2113c6f74a4fbe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:a3:77:92:bf:28:80:57:5c:63:4d:46:ee:
ad:dc:c8:60:11:22:85:79:a4:03:ac:31:95:c3:64:
0f:14:e4:f8:4a:1f:9f:b8:ce:b0:91:d6:44:9f:c8:
24:20:4f:c8:11:26:3a:ad:90:19:17:a4:7d:c6:04:
84:a2:59:4a:d4:ef:af:13:0e:17:c2:12:30:6f:6b:
9c:ef:88:a2:5d:7d:d2:1d:7b:27:ba:8d:d0:24:9f:
f1:e9:98:8d:0a:ad:a6:8b:21:67:de:ee:8d:11:ae:
4c:03:d9:ab:6b:da:93:a7:bb:19:10:76:8c:50:d5:
ad:ff:08:4a:d8:ea:4e:28:87:e5:d1:a5:02:8e:30:
02:af:8e:f1:8e:26:64:db:01:4e:a6:37:e5:df:b8:
59:1f:44:ef:75:dd:17:0e:e6:ef:92:eb:46:5b:f7:
d1:79:67:f4:e8:e9:c2:df:35:ec:5d:17:7d:e4:6e:
ca:6e:48:16:89:3b:03:f0:cc:d9:83:5a:67:74:de:
08:89:ce:54:41:a3:73:b0:3d:a6:2f:b6:06:e3:40:
91:26:c6:dd:94:c8:5f:b5:96:42:61:89:d0:16:1b:
63:da:46:a1:c6:84:18:30:91:6e:d4:07:9a:bd:67:
5f:10:e9:73:24:d9:66:59:a8:1c:46:db:87:b7:58:
ab:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:10:41:AC:F0:E4:F0:85:E7:A4:6D:A4:05:E8:B5:93:A4:2B:01:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:e3:61:7b:5c:7f:3c:0b:e1:48:7f:58:18:1c:a9:bf:d6:64:
aa:15:64:27:5d:d8:35:16:6b:82:15:05:69:ae:bd:69:23:81:
ae:0b:23:71:af:3f:8b:a6:42:7d:4f:42:ea:0a:d2:49:16:a7:
73:9b:ce:48:2f:72:3f:ca:7a:07:e0:4b:6d:da:a0:98:8b:11:
df:67:e5:3e:0e:ff:c2:66:55:fe:87:e2:0b:b4:47:eb:01:20:
07:0e:6b:e3:6a:c7:98:c4:ee:cf:25:a6:54:b1:8d:02:22:de:
5e:95:03:df:dd:68:1c:72:94:8a:f0:3b:f8:43:c1:e8:a5:02:
80:a6:cf:3d:dc:d2:82:7e:7f:dd:71:f0:34:f4:6a:7d:8d:b0:
58:d8:5f:de:d4:58:7a:5e:bc:2c:83:ba:54:8b:e8:ce:fd:a4:
c7:3a:32:ef:d2:90:f8:a0:78:91:f4:e2:2f:0f:a1:d2:2c:23:
34:26:62:cf:06:7d:28:98:1b:49:b9:05:e3:7b:db:c0:b2:06:
4e:b0:b2:c5:b9:bd:16:48:80:cc:31:8a:2f:0f:d0:f0:fa:c7:
1b:0a:bd:cf:ee:86:0f:08:c4:28:ca:b3:bb:5a:36:89:a6:c6:
e8:17:4b:78:62:7a:bc:27:99:f5:09:6d:6d:80:15:23:4a:23:
e5:84:a0:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcvAZJQ5kwv1DxjViijwfEvk2DtUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiODBiYmRhNjRkYzViZDIwOTA2MWZmNDNlYzg5YTkwYmViMjY1ODI4MGJl
NmY5N2RlMjExM2M2Zjc0YTRmYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh6o3eSvyiAV1xjTUburdzIYBEihXmkA6wxlcNkDxTk+Eofn7jOsJHWRJ/I
JCBPyBEmOq2QGRekfcYEhKJZStTvrxMOF8ISMG9rnO+Iol190h17J7qN0CSf8emY
jQqtposhZ97ujRGuTAPZq2vak6e7GRB2jFDVrf8IStjqTiiH5dGlAo4wAq+O8Y4m
ZNsBTqY35d+4WR9E73XdFw7m75LrRlv30Xln9Ojpwt817F0XfeRuym5IFok7A/DM
2YNaZ3TeCInOVEGjc7A9pi+2BuNAkSbG3ZTIX7WWQmGJ0BYbY9pGocaEGDCRbtQH
mr1nXxDpcyTZZlmoHEbbh7dYq7cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSaEEGs
8OTwheekbaQF6LWTpCsBCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjYyZTgyNGEtYTJjYi00NDE1LTllZTEtYmJmY2Y4OTdkZjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ42F7XH88C+FIf1gYHKm/1mSqFWQnXdg1FmuCFQVp
rr1pI4GuCyNxrz+LpkJ9T0LqCtJJFqdzm85IL3I/ynoH4Ett2qCYixHfZ+U+Dv/C
ZlX+h+ILtEfrASAHDmvjaseYxO7PJaZUsY0CIt5elQPf3WgccpSK8Dv4Q8HopQKA
ps893NKCfn/dcfA09Gp9jbBY2F/e1Fh6Xrwsg7pUi+jO/aTHOjLv0pD4oHiR9OIv
D6HSLCM0JmLPBn0omBtJuQXje9vAsgZOsLLFub0WSIDMMYovD9Dw+scbCr3P7oYP
CMQoyrO7WjaJpsboF0t4Ynq8J5n1CW1tgBUjSiPlhKBo
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net