Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
File: 49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa (raw, json)
Hash identifier: MefWa0bJzRw5+ZBOZt42mMPaQ+6Nbw3bOXEMooV8BRE=
Subject key identifier: 34:E4:1E:62:2E:EF:75:CF:C9:3D:B4:18:11:42:3D:CB:22:71:32:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 376F14E15B608BFF97242F4895F065ADC0371CCF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
Signing time: Fri 06 Dec 2024 00:00:00 +0000
ROA not before: Fri 06 Dec 2024 00:00:00 +0000
ROA not after: Fri 10 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:6f:14:e1:5b:60:8b:ff:97:24:2f:48:95:f0:65:ad:c0:37:1c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 6 00:00:00 2024 GMT
Not After : Jan 10 23:59:59 2025 GMT
Subject: serialNumber=fb5d90ff98dfa01f66f98d282743e9ac14f00b1fe00afef5ae0f0df35dd16b07, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:14:1a:22:bb:78:0e:16:6c:60:9a:1d:18:5c:
f0:02:d9:43:47:e7:eb:75:5d:a7:e6:31:38:bd:84:
49:d9:33:81:8b:79:1d:52:e7:58:f6:77:f4:43:6b:
36:d7:bb:d0:4e:25:16:f0:bf:f7:28:20:ae:80:b8:
96:b3:55:ad:d9:9d:df:ba:ca:a1:40:d6:2c:29:b6:
97:a3:bb:d4:d5:55:54:14:8d:5f:2f:c4:31:a5:99:
8b:53:c0:27:82:83:3d:77:ef:48:3f:b4:4c:18:56:
82:74:80:e9:2a:e1:8f:75:f1:32:bc:e2:5b:aa:ae:
63:e3:ea:7f:2f:77:aa:bb:24:ca:e2:17:de:55:9a:
28:a8:19:9e:98:f7:f8:76:31:cd:f7:2a:d1:0a:01:
45:8b:0a:7d:4c:21:ca:29:81:dd:4d:fb:e6:66:7d:
26:52:d3:32:81:75:33:80:e3:67:0f:04:0b:53:8b:
22:7f:83:ef:9f:26:36:f0:d4:38:a2:e4:79:32:25:
36:d1:74:2c:7d:ff:77:ee:70:1a:bd:5f:97:be:45:
d8:57:f9:70:f2:9c:94:41:06:e5:a7:8d:ac:44:7f:
fa:5b:0c:11:e1:e6:24:8e:ae:11:bb:90:03:8e:46:
c7:e6:62:de:b9:77:08:8f:f7:84:6f:06:90:ff:e1:
ca:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E4:1E:62:2E:EF:75:CF:C9:3D:B4:18:11:42:3D:CB:22:71:32:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:c8:57:af:5e:e5:7f:1b:ee:57:bf:34:52:83:e2:bd:00:9a:
cf:63:2b:66:3d:38:cc:53:8d:2e:19:d6:75:6d:b5:ae:c1:d1:
f9:43:e8:47:29:63:f6:f0:03:31:7f:09:fc:75:a2:aa:b4:17:
31:35:ac:ec:72:1f:77:c6:04:3b:07:92:7e:cd:11:7b:29:4c:
89:c2:21:95:ac:b5:e6:c3:8a:c7:36:50:09:c0:3e:68:e5:43:
a7:7b:2a:c5:17:95:db:83:c5:9e:5f:08:1d:87:a4:89:32:47:
8c:e8:fb:03:d8:8e:79:e1:5c:39:c7:71:b4:f4:d1:5d:97:c8:
57:b1:37:2f:d4:04:00:de:a1:fb:31:25:80:6d:51:9e:7b:15:
b3:d7:68:be:75:22:0b:40:db:50:65:e5:5e:19:1a:4c:e5:7c:
b4:01:7e:bd:59:2a:d5:29:c8:2e:3f:31:ec:0d:e6:5f:e8:9c:
81:b9:30:2c:1a:6a:90:71:51:65:ba:79:9f:a2:7e:0f:c3:08:
42:01:39:d2:4c:59:32:5c:16:c9:aa:71:ca:aa:b2:a7:88:cb:
b9:29:8e:55:0f:ec:a1:93:f0:c6:9b:f8:82:dc:67:95:3d:69:
f1:97:ae:f7:1e:90:35:03:f8:21:55:9b:6a:0d:3f:89:a1:2b:
87:d2:2c:62
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN28U4Vtgi/+XJC9IlfBlrcA3HM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDYwMDAwMDBaFw0yNTAxMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNWQ5MGZmOThkZmEwMWY2NmY5OGQyODI3NDNlOWFjMTRmMDBiMWZlMDBh
ZmVmNWFlMGYwZGYzNWRkMTZiMDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwUGiK7eA4WbGCaHRhc8ALZQ0fn63Vdp+YxOL2ESdkzgYt5HVLnWPZ39ENr
Nte70E4lFvC/9yggroC4lrNVrdmd37rKoUDWLCm2l6O71NVVVBSNXy/EMaWZi1PA
J4KDPXfvSD+0TBhWgnSA6Srhj3XxMrziW6quY+Pqfy93qrskyuIX3lWaKKgZnpj3
+HYxzfcq0QoBRYsKfUwhyimB3U375mZ9JlLTMoF1M4DjZw8EC1OLIn+D758mNvDU
OKLkeTIlNtF0LH3/d+5wGr1fl75F2Ff5cPKclEEG5aeNrER/+lsMEeHmJI6uEbuQ
A45Gx+Zi3rl3CI/3hG8GkP/hyp0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ05B5i
Lu91z8k9tBgRQj3LInEyLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkwMTZjZjMtMjNjNS00YjE3LWIzZTktMWMzNmU2Y2FjMWUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBayFevXuV/G+5XvzRSg+K9AJrPYytmPTjMU40uGdZ1
bbWuwdH5Q+hHKWP28AMxfwn8daKqtBcxNazsch93xgQ7B5J+zRF7KUyJwiGVrLXm
w4rHNlAJwD5o5UOneyrFF5Xbg8WeXwgdh6SJMkeM6PsD2I554Vw5x3G09NFdl8hX
sTcv1AQA3qH7MSWAbVGeexWz12i+dSILQNtQZeVeGRpM5Xy0AX69WSrVKcguPzHs
DeZf6JyBuTAsGmqQcVFlunmfon4PwwhCATnSTFkyXBbJqnHKqrKniMu5KY5VD+yh
k/DGm/iC3GeVPWnxl673HpA1A/ghVZtqDT+JoSuH0ixi
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net