Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
File: 30196813-1f5f-45cc-801b-df800afa3d6d.roa (raw, json)
Hash identifier: 4KSCHeShW8/W8n6vW+RuZ95r0OwH8wu8CIl2ae+qXOk=
Subject key identifier: C3:AE:D9:1E:AF:42:1A:F6:EB:B4:A1:16:8C:05:83:7C:14:16:80:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75B6421FE9BC365969481511C0499301917DF7EE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:b6:42:1f:e9:bc:36:59:69:48:15:11:c0:49:93:01:91:7d:f7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=8570f647a65456d2b2f1f6252dea17b96ae0937b43f2003dded46deaad8b7682, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:3d:84:4b:ca:ce:1e:82:81:8c:b7:b8:a2:
bf:74:2d:4e:b2:fe:cc:7d:24:d6:18:1a:00:5a:c1:
23:29:a2:44:46:ec:40:10:7e:8f:b1:2a:0f:9f:f6:
a1:9f:b7:4d:9f:19:9a:7b:ae:a5:3f:7c:37:37:92:
09:2e:69:5a:a2:67:3d:30:cc:ae:82:65:2d:c3:0d:
d9:89:f8:f9:e5:17:9f:d9:1d:1e:a6:cd:ab:e5:73:
61:45:dd:b9:e2:71:26:42:fb:3c:e6:38:ab:75:f3:
88:13:bd:89:28:26:13:cd:a6:1f:db:71:3a:fc:b3:
27:43:34:eb:45:77:68:55:f9:e1:d4:d9:44:cc:ae:
5c:6a:78:8c:cf:40:f3:40:4f:98:73:dc:92:3f:21:
01:71:2a:c2:0d:50:a0:2e:67:3e:ee:05:7b:a7:2e:
9a:ce:75:c4:b6:7c:56:84:28:0b:25:07:f6:61:5d:
2f:9e:88:e0:19:d8:1e:af:3d:46:78:4a:82:5b:68:
de:25:83:c9:98:dc:36:d1:54:4d:38:33:40:be:d1:
d8:fa:51:f1:88:cf:8b:2e:d9:10:5d:df:0d:34:f1:
e1:01:da:1f:f9:1b:92:44:a8:93:11:38:74:2c:f3:
e7:c3:51:89:ee:8a:82:d8:83:f8:5b:c5:4e:95:ec:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AE:D9:1E:AF:42:1A:F6:EB:B4:A1:16:8C:05:83:7C:14:16:80:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:0c:42:2c:fd:a9:bc:d5:7e:39:e8:dd:79:ef:87:91:e1:89:
12:89:dd:36:a5:05:8c:70:7c:92:2d:e1:a1:8d:65:99:37:37:
b9:e9:4f:e0:49:bd:6b:2c:84:63:82:67:3c:92:05:b6:a7:bb:
84:13:d1:2e:06:0c:22:67:f4:8c:5c:0e:0d:3e:8a:29:04:52:
db:43:71:3f:c2:33:2b:b8:b3:36:c7:82:24:3c:d5:f1:03:0b:
9f:e4:6c:61:42:c7:a7:a3:5a:9a:fa:25:0e:5f:7a:b5:18:be:
0c:0f:34:a3:69:08:b5:73:a4:b6:ed:dc:ee:a1:65:51:2a:df:
f2:1d:e3:89:f5:ac:f0:22:f5:18:3b:0d:1a:c6:16:53:a4:bd:
97:63:cb:1a:ef:0c:a0:88:bb:00:7a:47:84:12:0b:e9:e6:ba:
89:fa:43:10:1a:19:f7:5d:a1:db:c1:74:8b:7b:95:89:4f:28:
95:23:a0:03:f3:93:0d:a7:1a:ed:69:a0:77:8d:be:1f:05:b2:
2f:89:fe:25:14:9f:f4:a6:c6:07:c6:d7:5e:2f:3a:4b:78:cc:
58:b4:0c:08:71:65:c3:6a:21:78:03:7c:c0:83:52:2f:3c:c3:
81:ba:25:1b:06:a9:3e:7b:2f:7c:3e:a0:95:11:f5:9a:ab:55:
f3:be:e9:bc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdbZCH+m8NllpSBURwEmTAZF99+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NzBmNjQ3YTY1NDU2ZDJiMmYxZjYyNTJkZWExN2I5NmFlMDkzN2I0M2Yy
MDAzZGRlZDQ2ZGVhYWQ4Yjc2ODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCwPYRLys4egoGMt7iiv3QtTrL+zH0k1hgaAFrBIymiREbsQBB+j7EqD5/2
oZ+3TZ8ZmnuupT98NzeSCS5pWqJnPTDMroJlLcMN2Yn4+eUXn9kdHqbNq+VzYUXd
ueJxJkL7POY4q3XziBO9iSgmE82mH9txOvyzJ0M060V3aFX54dTZRMyuXGp4jM9A
80BPmHPckj8hAXEqwg1QoC5nPu4Fe6cums51xLZ8VoQoCyUH9mFdL56I4BnYHq89
RnhKglto3iWDyZjcNtFUTTgzQL7R2PpR8YjPiy7ZEF3fDTTx4QHaH/kbkkSokxE4
dCzz58NRie6KgtiD+FvFTpXs1ekCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTDrtke
r0Ia9uu0oRaMBYN8FBaA3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzAxOTY4MTMtMWY1Zi00NWNjLTgwMWItZGY4MDBhZmEzZDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQBlDEIs/am81X456N1574eR4YkSid02pQWMcHySLeGh
jWWZNze56U/gSb1rLIRjgmc8kgW2p7uEE9EuBgwiZ/SMXA4NPoopBFLbQ3E/wjMr
uLM2x4IkPNXxAwuf5GxhQseno1qa+iUOX3q1GL4MDzSjaQi1c6S27dzuoWVRKt/y
HeOJ9azwIvUYOw0axhZTpL2XY8sa7wygiLsAekeEEgvp5rqJ+kMQGhn3XaHbwXSL
e5WJTyiVI6AD85MNpxrtaaB3jb4fBbIvif4lFJ/0psYHxtdeLzpLeMxYtAwIcWXD
aiF4A3zAg1IvPMOBuiUbBqk+ey98PqCVEfWaq1Xzvum8
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net