Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
File: 4153cd44-f090-48a5-bffc-3b2fed0e0348.roa (raw, json)
Hash identifier: EvqVbFoexupNacjz8Npi/yOhq5SyByWdC06JtHRmyfo=
Subject key identifier: 4B:E1:CB:7E:70:C5:B9:45:B7:1F:D7:F3:0D:C4:AB:2D:92:2B:3E:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 196ADB3D68E32C647A9C5B69D86115441A6B7307
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:6a:db:3d:68:e3:2c:64:7a:9c:5b:69:d8:61:15:44:1a:6b:73:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=62eb0eb72c4e7065afd0af73a206c88520385f94f0a3a686e66690933cbd06b4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:c1:06:36:48:2c:1b:90:41:2d:90:2e:d8:
c4:7e:d3:c8:76:97:6c:fc:ca:14:5a:67:e5:12:cc:
20:b9:ec:a0:8b:e5:86:a1:97:9f:51:6e:6e:ce:36:
8d:d4:93:c8:c3:2d:67:1f:37:94:b3:10:9b:1a:26:
d7:32:05:1a:29:c5:1a:db:af:d9:db:30:78:a5:b2:
49:aa:50:ba:c3:18:c4:9f:c1:a4:d2:d6:6d:97:50:
b6:59:fb:c1:0b:e9:da:b8:6f:a5:9f:2e:9e:b8:c7:
c7:34:26:9b:f1:00:65:8e:64:10:90:10:44:da:5d:
15:25:5b:c6:e4:67:93:76:32:88:2d:47:84:63:d0:
77:4b:c6:a5:a3:52:59:c3:2e:7f:0c:de:40:7c:6e:
e3:69:89:7c:31:a8:cc:97:ba:d2:a6:58:78:23:a7:
b2:bc:5d:47:00:98:0e:a1:9c:d0:31:a1:04:4d:58:
ef:38:4e:23:c5:bd:9c:f0:15:10:34:b8:9d:a2:b0:
b1:b7:74:a4:af:14:41:41:d6:4d:28:11:a3:3f:50:
3e:79:6a:39:62:15:bb:8f:6b:21:09:f3:4a:a4:d6:
bf:7f:ad:ad:63:53:36:c0:c1:fe:e4:c2:05:2f:de:
27:0d:23:d6:52:80:19:cb:ef:dd:0a:c0:0f:70:84:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E1:CB:7E:70:C5:B9:45:B7:1F:D7:F3:0D:C4:AB:2D:92:2B:3E:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
74:74:c9:ad:6f:48:5a:0b:4b:46:e7:74:22:88:52:57:3d:4d:
aa:42:ad:4e:4d:45:dd:44:cf:54:67:40:68:45:a8:f1:70:a6:
3b:d6:3e:f0:d8:9a:bd:ef:77:3b:2f:1e:68:82:f7:3a:71:ab:
b5:51:3e:cb:3b:bf:a7:09:c6:03:ae:8c:dc:d9:7f:42:97:f8:
e3:9b:9a:2e:65:e3:d7:52:05:16:fc:2d:c0:d4:23:ed:22:f7:
7f:3e:bd:3a:d1:25:a4:89:1f:96:81:b8:8f:79:ed:38:df:af:
33:a0:33:67:98:5e:f8:ec:46:08:05:48:d8:c1:62:30:20:45:
8e:65:ad:dd:97:81:3c:71:3f:57:7c:e4:c5:03:36:3c:15:03:
ee:e0:73:3d:aa:8b:06:10:d4:a0:f0:7b:99:d4:bc:49:a3:cd:
43:d1:84:b3:5c:d0:71:5e:fc:a3:20:ff:20:81:2c:c0:07:dc:
de:10:53:98:24:63:e5:e1:2f:55:00:1a:6c:8d:0e:ef:3e:0b:
84:ec:6a:56:df:71:63:25:8a:d8:30:d6:f1:25:85:6b:43:f9:
c9:00:13:18:95:d4:73:eb:02:7a:96:1b:ba:e6:05:69:8a:82:
e0:56:cc:0e:03:ff:3f:66:f0:11:4f:fd:61:b4:e7:7d:8a:72:
de:0f:25:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGWrbPWjjLGR6nFtp2GEVRBprcwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZWIwZWI3MmM0ZTcwNjVhZmQwYWY3M2EyMDZjODg1MjAzODVmOTRmMGEz
YTY4NmU2NjY5MDkzM2NiZDA2YjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdOwQY2SCwbkEEtkC7YxH7TyHaXbPzKFFpn5RLMILnsoIvlhqGXn1Fubs42
jdSTyMMtZx83lLMQmxom1zIFGinFGtuv2dsweKWySapQusMYxJ/BpNLWbZdQtln7
wQvp2rhvpZ8unrjHxzQmm/EAZY5kEJAQRNpdFSVbxuRnk3YyiC1HhGPQd0vGpaNS
WcMufwzeQHxu42mJfDGozJe60qZYeCOnsrxdRwCYDqGc0DGhBE1Y7zhOI8W9nPAV
EDS4naKwsbd0pK8UQUHWTSgRoz9QPnlqOWIVu49rIQnzSqTWv3+trWNTNsDB/uTC
BS/eJw0j1lKAGcvv3QrAD3CEYz8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRL4ct+
cMW5Rbcf1/MNxKstkis+ozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE1M2NkNDQtZjA5MC00OGE1LWJmZmMtM2IyZmVkMGUwMzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQB0dMmtb0haC0tG53QiiFJXPU2qQq1OTUXdRM9UZ0Bo
RajxcKY71j7w2Jq973c7Lx5ogvc6cau1UT7LO7+nCcYDrozc2X9Cl/jjm5ouZePX
UgUW/C3A1CPtIvd/Pr060SWkiR+WgbiPee04368zoDNnmF747EYIBUjYwWIwIEWO
Za3dl4E8cT9XfOTFAzY8FQPu4HM9qosGENSg8HuZ1LxJo81D0YSzXNBxXvyjIP8g
gSzAB9zeEFOYJGPl4S9VABpsjQ7vPguE7GpW33FjJYrYMNbxJYVrQ/nJABMYldRz
6wJ6lhu65gVpioLgVswOA/8/ZvART/1htOd9inLeDyV7
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net