Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
File: 3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa (raw, json)
Hash identifier: AVo9Fl4OrIjT6xXbxqHMH8Exp0Xfe0efLM6hCgVMOYE=
Subject key identifier: C3:31:29:5D:C7:9B:9C:6F:36:39:37:36:7B:12:E7:53:71:22:C3:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0ED7F91251826043720F5A480664BC56340C3416
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:d7:f9:12:51:82:60:43:72:0f:5a:48:06:64:bc:56:34:0c:34:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=fa199964f7c498772b9cb6bd09f15539acf4a214b35fd4c251ab1e1f8a227c76, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ef:19:18:7f:cf:58:c6:f7:d6:4f:34:12:9e:
2a:f0:6f:3e:b0:de:33:17:e2:42:86:b3:d0:3c:0d:
b9:e5:4f:17:cf:25:4a:a9:f1:e2:69:6b:61:18:46:
bc:7f:a0:66:2c:01:52:1a:22:78:fd:da:af:a5:8b:
ae:39:2a:2f:49:bf:15:13:5b:94:a6:97:78:3c:0c:
d0:f6:b3:ba:15:19:b7:7f:45:41:cf:39:da:79:5d:
5d:cd:90:a7:04:51:e5:79:00:23:d2:71:a1:20:f8:
17:a1:31:5c:b6:d2:76:9e:2c:5d:ab:80:d1:5d:2b:
49:30:a2:1b:ab:9c:f5:ec:3d:44:53:a0:2b:79:84:
16:ef:1e:64:98:50:b1:f4:f7:7f:3b:37:3b:17:3a:
97:5b:85:b8:6f:79:22:11:29:57:8a:84:d1:9b:30:
57:39:b4:d3:96:5b:37:cd:36:ff:74:41:13:8f:25:
2c:c0:9e:c7:41:ea:f9:24:77:24:64:5f:32:13:0b:
4f:67:dc:cf:87:52:5b:d1:74:99:40:b0:00:ba:9b:
00:1c:8b:46:d5:2c:92:1e:aa:86:6f:d2:52:7e:2d:
d3:9e:91:bd:62:c7:75:8e:eb:af:f4:d0:16:a0:22:
4b:1a:c5:c9:52:d7:5e:ce:c7:37:5d:bd:7f:3c:70:
6d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:31:29:5D:C7:9B:9C:6F:36:39:37:36:7B:12:E7:53:71:22:C3:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:73:82:6b:c5:9c:3f:ed:46:7b:2f:be:5c:5f:ae:86:7b:59:
81:4b:89:b6:d9:f1:3d:df:60:f3:7e:f6:01:bd:6b:0f:bc:e2:
0d:cc:d7:8f:bd:6c:20:a6:01:1d:40:f2:9e:82:7b:fd:f1:d9:
c1:3e:e6:af:f9:d8:da:d5:86:4a:ef:83:97:cb:ef:91:04:01:
b5:95:9e:69:3e:bf:a3:4c:c6:8f:bf:72:e4:aa:4b:72:90:f4:
40:88:bb:a5:3a:21:0a:f6:45:56:5b:ad:eb:0d:9f:49:5c:9b:
66:ed:67:9f:ad:e8:a0:f2:c0:b1:8d:58:7b:74:76:25:9d:2b:
6e:5d:42:56:c7:4d:f8:72:f1:1e:ea:6c:30:e3:b4:e2:91:96:
7f:51:95:ab:3b:a1:5b:05:eb:36:54:de:01:09:5a:c5:8b:d9:
18:18:82:b7:18:72:c2:45:4e:4d:ef:e9:1e:dd:71:46:0b:58:
24:98:d1:1f:db:20:1e:d8:84:7d:9a:7a:28:8e:4b:0e:d1:8c:
84:8b:36:91:21:a1:f3:55:1a:3c:e4:db:c0:35:0d:ff:37:39:
7d:3d:35:de:83:dc:84:8b:96:c3:1c:ca:4f:ce:20:51:39:eb:
fc:2d:db:48:19:c5:f2:26:5e:65:c5:5f:5b:a4:31:0d:17:09:
19:e3:1e:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDtf5ElGCYENyD1pIBmS8VjQMNBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMTk5OTY0ZjdjNDk4NzcyYjljYjZiZDA5ZjE1NTM5YWNmNGEyMTRiMzVm
ZDRjMjUxYWIxZTFmOGEyMjdjNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvvGRh/z1jG99ZPNBKeKvBvPrDeMxfiQoaz0DwNueVPF88lSqnx4mlrYRhG
vH+gZiwBUhoieP3ar6WLrjkqL0m/FRNblKaXeDwM0PazuhUZt39FQc852nldXc2Q
pwRR5XkAI9JxoSD4F6ExXLbSdp4sXauA0V0rSTCiG6uc9ew9RFOgK3mEFu8eZJhQ
sfT3fzs3Oxc6l1uFuG95IhEpV4qE0ZswVzm005ZbN802/3RBE48lLMCex0Hq+SR3
JGRfMhMLT2fcz4dSW9F0mUCwALqbAByLRtUskh6qhm/SUn4t056RvWLHdY7rr/TQ
FqAiSxrFyVLXXs7HN129fzxwbcECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTDMSld
x5ucbzY5NzZ7EudTcSLDljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I3ZDJkYzktYThhMy00Zjc5LWI5ZmQtMWFhY2Y0ZjQzNzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBec4JrxZw/7UZ7L75cX66Ge1mBS4m22fE932DzfvYB
vWsPvOINzNePvWwgpgEdQPKegnv98dnBPuav+dja1YZK74OXy++RBAG1lZ5pPr+j
TMaPv3LkqktykPRAiLulOiEK9kVWW63rDZ9JXJtm7Wefreig8sCxjVh7dHYlnStu
XUJWx034cvEe6mww47TikZZ/UZWrO6FbBes2VN4BCVrFi9kYGIK3GHLCRU5N7+ke
3XFGC1gkmNEf2yAe2IR9mnoojksO0YyEizaRIaHzVRo85NvANQ3/Nzl9PTXeg9yE
i5bDHMpPziBROev8LdtIGcXyJl5lxV9bpDENFwkZ4x6i
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net