Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
File: 2f7f4c52-3c37-4945-a2de-eb95981a27af.roa (raw, json)
Hash identifier: xN8WacKcp03fdJ+oM/p36prgttLT9JjVIUlF5N1AFyA=
Subject key identifier: BB:C9:2C:53:7A:97:6F:BB:8F:5F:D6:FE:A2:76:F5:DC:25:63:0F:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6762AA6BED96A8DE033A2E1121CFE8D6A6B27B50
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:62:aa:6b:ed:96:a8:de:03:3a:2e:11:21:cf:e8:d6:a6:b2:7b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=7437d6a7ee3fb4e7384811401723229ebf06c6a647d3a0c61c7bdc5b68a2dbc2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:70:b2:cc:fe:2f:55:ab:35:2f:37:79:63:d6:
ab:f2:5a:76:1d:9a:a1:da:97:bc:5b:72:de:0c:03:
0e:87:de:de:35:42:e2:fa:4e:a9:f1:87:05:12:28:
b5:25:2f:30:55:06:b9:fa:ce:e1:2c:14:b0:cd:db:
85:e8:43:15:e2:24:91:ad:74:e7:3a:62:74:0c:4e:
0c:04:76:95:a9:1d:8f:f0:f7:ce:7f:96:53:26:78:
65:f1:66:2a:5c:03:aa:27:a3:eb:cc:44:27:d8:5c:
ae:f4:5b:f6:d7:16:49:6d:b2:9d:50:d5:5d:a6:d8:
52:e0:17:78:97:db:0a:e2:df:a9:21:e5:81:ce:70:
a3:f9:0f:37:56:9f:7d:59:60:aa:98:7c:c6:62:05:
11:ab:b9:b5:88:74:80:f0:26:75:6f:2f:54:ef:db:
6b:0c:f3:1e:41:10:14:12:e0:51:d9:8b:59:b8:0b:
62:8b:b9:62:09:70:37:73:ac:81:78:57:ca:e8:de:
5d:c8:b7:18:97:d7:2e:ea:96:51:2c:e3:29:79:7c:
f4:ad:4b:2e:00:c0:41:c1:60:7c:f1:71:86:78:d3:
e3:e2:ff:58:cb:30:de:02:02:a2:8f:93:d5:59:ae:
79:54:a4:2e:47:1f:e5:39:20:b0:fb:d2:23:76:11:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C9:2C:53:7A:97:6F:BB:8F:5F:D6:FE:A2:76:F5:DC:25:63:0F:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
c5:15:94:c3:e3:23:ef:90:59:ba:91:6d:d3:9b:d4:6b:a0:d1:
2c:9c:36:f0:32:c0:b1:e1:d2:64:59:6b:9a:7c:7a:f6:37:d2:
d5:2e:b6:e0:2d:90:20:33:e4:c9:13:82:d5:70:35:b2:68:f6:
d1:07:fc:6a:ef:0b:cd:0c:16:f1:f7:59:cf:22:e6:8e:3d:c9:
bf:65:e3:2c:be:7a:cc:1b:eb:76:2f:53:83:39:be:65:f4:25:
47:0c:6d:25:b7:6b:8e:b1:53:e5:db:c4:b4:2a:9c:fe:48:f4:
31:de:72:4d:07:ea:07:cb:07:e2:c1:c2:d7:23:18:9b:80:96:
ef:c4:0c:69:ec:4a:af:bb:94:73:00:2e:19:bb:cb:ef:c0:bf:
74:2f:e4:ec:5c:aa:45:49:ac:e0:26:24:02:a3:47:d1:ae:4b:
6e:97:f0:4f:07:d3:fe:cc:66:e1:a8:b9:05:0c:64:b4:a5:42:
df:1b:67:3c:f8:9c:1e:a4:50:97:e6:1d:28:8b:69:a1:9a:3d:
0f:3a:fb:2c:3f:2a:9f:ef:88:4e:8f:02:f4:dc:cd:ff:4c:79:
77:8c:76:b4:fe:2f:12:af:7a:ce:de:ed:77:4c:6c:2e:9e:36:
b5:d2:73:44:c0:bb:10:e6:16:6d:22:47:da:10:57:3d:ec:de:
7b:ac:7c:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ2Kqa+2WqN4DOi4RIc/o1qaye1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MzdkNmE3ZWUzZmI0ZTczODQ4MTE0MDE3MjMyMjllYmYwNmM2YTY0N2Qz
YTBjNjFjN2JkYzViNjhhMmRiYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBwssz+L1WrNS83eWPWq/Jadh2aodqXvFty3gwDDofe3jVC4vpOqfGHBRIo
tSUvMFUGufrO4SwUsM3bhehDFeIkka105zpidAxODAR2lakdj/D3zn+WUyZ4ZfFm
KlwDqiej68xEJ9hcrvRb9tcWSW2ynVDVXabYUuAXeJfbCuLfqSHlgc5wo/kPN1af
fVlgqph8xmIFEau5tYh0gPAmdW8vVO/bawzzHkEQFBLgUdmLWbgLYou5YglwN3Os
gXhXyujeXci3GJfXLuqWUSzjKXl89K1LLgDAQcFgfPFxhnjT4+L/WMsw3gICoo+T
1VmueVSkLkcf5TkgsPvSI3YRKWECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS7ySxT
epdvu49f1v6idvXcJWMP3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmY3ZjRjNTItM2MzNy00OTQ1LWEyZGUtZWI5NTk4MWEyN2FmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAxRWUw+Mj75BZupFt05vUa6DRLJw28DLAseHSZFlr
mnx69jfS1S624C2QIDPkyROC1XA1smj20Qf8au8LzQwW8fdZzyLmjj3Jv2XjLL56
zBvrdi9Tgzm+ZfQlRwxtJbdrjrFT5dvEtCqc/kj0Md5yTQfqB8sH4sHC1yMYm4CW
78QMaexKr7uUcwAuGbvL78C/dC/k7FyqRUms4CYkAqNH0a5LbpfwTwfT/sxm4ai5
BQxktKVC3xtnPPicHqRQl+YdKItpoZo9Dzr7LD8qn++ITo8C9NzN/0x5d4x2tP4v
Eq96zt7td0xsLp42tdJzRMC7EOYWbSJH2hBXPezee6x8PQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net