Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
File: 47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa (raw, json)
Hash identifier: bGUIKYplP0ln//N0k3lFRlF3QkEV30kGd7WPuReibng=
Subject key identifier: 8D:6C:4D:0D:16:1C:89:A8:60:D0:5C:10:8F:7C:6A:BC:3D:8F:38:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A79B3DBEFEC0850521ABBBD56787A24F94D5CCA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:79:b3:db:ef:ec:08:50:52:1a:bb:bd:56:78:7a:24:f9:4d:5c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=5dc3231e9c46ae51976ecf8e6bf0a89a981d3c89d9e8ebbb58e85b19c472cd29, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dc:91:f0:ea:8c:a3:73:12:16:48:2b:99:f7:
06:04:91:4e:de:bf:ec:6f:b7:a3:fb:a0:43:62:a2:
03:43:e4:33:b0:05:0a:65:6e:9f:5c:1c:a6:a5:5c:
07:c5:9e:07:67:42:a5:13:99:3c:fa:b8:f2:be:9c:
83:41:53:ba:37:4b:e3:87:59:61:1d:2e:85:9d:0e:
51:fc:ab:bf:e6:1c:df:ec:ae:1b:fd:2b:ef:6b:7b:
a0:9a:5f:80:cc:91:69:de:b3:0b:f0:f7:97:23:f5:
2d:5c:ed:09:e1:b1:8c:a6:a5:44:97:a0:76:6f:84:
9d:ce:05:68:59:7b:0b:1c:80:e2:ff:d8:4d:5f:ad:
cb:ea:f0:7e:9e:64:23:ca:a9:c2:0f:e2:51:89:38:
50:5e:46:f0:4d:03:6b:79:6a:b4:49:c0:50:c2:6f:
f5:a9:0f:5e:fa:9d:ee:77:5f:b8:af:c6:08:fc:fe:
a5:98:21:a0:d2:a4:97:21:62:ea:98:09:27:9a:2e:
9c:4f:85:6c:03:4d:3a:dd:00:c8:c6:5e:96:57:45:
b5:c7:67:23:c8:dc:95:e0:ba:d1:e3:be:6c:b6:f5:
9b:67:6c:be:55:63:30:94:0b:cf:ee:ae:0d:98:39:
be:7e:0b:c8:bc:bf:15:e9:77:c3:5c:7a:52:f1:c4:
d6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:6C:4D:0D:16:1C:89:A8:60:D0:5C:10:8F:7C:6A:BC:3D:8F:38:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
64:bc:e2:8d:d9:bc:d3:57:d9:5f:cb:5a:de:60:2a:59:4b:c4:
20:e1:57:cd:a0:c3:54:b9:fd:81:4f:1a:3e:2e:e0:54:9c:b5:
34:84:48:51:73:9f:ce:12:e8:55:32:c3:43:80:dd:6a:59:ef:
97:49:89:b1:21:33:9e:6d:39:a4:7f:45:e3:5f:c2:91:f5:67:
96:02:8d:d4:73:81:06:17:26:d6:5c:40:70:7a:44:04:82:5f:
e4:e3:86:da:f0:f4:e2:c5:e4:7c:21:40:50:33:45:e5:b1:18:
5a:af:85:15:36:c2:4e:44:28:d0:28:29:fc:c9:6a:bf:42:5a:
aa:0a:d5:78:e4:d6:d5:dd:97:28:57:5a:10:85:c0:1e:55:22:
7f:51:1d:9d:30:39:0b:be:79:e7:ac:c2:d7:45:2c:f6:74:dd:
5d:08:58:4b:d9:75:45:26:b1:d1:60:25:4a:d7:5c:53:c9:33:
9e:44:ae:0b:f3:39:14:b4:37:d4:4b:d7:4a:b8:76:5a:7c:33:
ba:21:e9:35:d7:34:cd:20:1c:a1:ba:6b:3e:67:7a:3a:58:fe:
db:12:da:fb:06:c1:c3:7e:3d:07:1f:2d:e3:ca:8b:c4:e0:2a:
66:fe:de:89:46:1b:36:31:90:94:14:88:bc:97:b9:9b:11:b5:
30:11:f4:ed
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOnmz2+/sCFBSGru9Vnh6JPlNXMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYzMyMzFlOWM0NmFlNTE5NzZlY2Y4ZTZiZjBhODlhOTgxZDNjODlkOWU4
ZWJiYjU4ZTg1YjE5YzQ3MmNkMjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvckfDqjKNzEhZIK5n3BgSRTt6/7G+3o/ugQ2KiA0PkM7AFCmVun1wcpqVc
B8WeB2dCpROZPPq48r6cg0FTujdL44dZYR0uhZ0OUfyrv+Yc3+yuG/0r72t7oJpf
gMyRad6zC/D3lyP1LVztCeGxjKalRJegdm+Enc4FaFl7CxyA4v/YTV+ty+rwfp5k
I8qpwg/iUYk4UF5G8E0Da3lqtEnAUMJv9akPXvqd7ndfuK/GCPz+pZghoNKklyFi
6pgJJ5ounE+FbANNOt0AyMZelldFtcdnI8jcleC60eO+bLb1m2dsvlVjMJQLz+6u
DZg5vn4LyLy/Fel3w1x6UvHE1pUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSNbE0N
FhyJqGDQXBCPfGq8PY848jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDdlM2MzNWItNjJjZC00MTM5LWE5N2MtN2JmMGNlNDQwOTdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAZLzijdm801fZX8ta3mAqWUvEIOFXzaDDVLn9gU8a
Pi7gVJy1NIRIUXOfzhLoVTLDQ4Ddalnvl0mJsSEznm05pH9F41/CkfVnlgKN1HOB
Bhcm1lxAcHpEBIJf5OOG2vD04sXkfCFAUDNF5bEYWq+FFTbCTkQo0Cgp/Mlqv0Ja
qgrVeOTW1d2XKFdaEIXAHlUif1EdnTA5C75556zC10Us9nTdXQhYS9l1RSax0WAl
StdcU8kznkSuC/M5FLQ31EvXSrh2WnwzuiHpNdc0zSAcobprPmd6Olj+2xLa+wbB
w349Bx8t48qLxOAqZv7eiUYbNjGQlBSIvJe5mxG1MBH07Q==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net