Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
File: 4dc4706c-5c38-4195-b396-c038125e8874.roa (raw, json)
Hash identifier: /LY3MLrnu+mT/lysNxeVMV1JPnbjxXbVXAzPIjkqGLs=
Subject key identifier: 52:E0:79:8A:23:9E:C1:C3:A1:5B:C6:9E:81:BD:D0:B2:A5:48:0B:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E036CBFC39FD4E18CC59D18454A72995B740F96
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:03:6c:bf:c3:9f:d4:e1:8c:c5:9d:18:45:4a:72:99:5b:74:0f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=76bae8fccfd02b8e51870d11e6debacb164ed396fb756fddf1d0a7c71cf6712c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f1:38:07:a5:83:64:5f:61:b6:85:d6:85:a1:
62:ad:2d:5b:e3:56:33:49:3d:c4:7e:4e:87:b6:05:
06:ef:12:a5:b4:d7:b1:9a:39:3b:2f:3f:d5:98:06:
0e:9d:ea:dd:e3:07:9e:b4:90:ac:03:0a:60:55:8c:
11:ec:4d:d7:db:8a:0b:17:37:da:cd:f5:07:32:f4:
3f:45:6a:56:1d:2c:b4:6f:92:53:8f:10:df:42:25:
8b:90:f4:96:6f:09:12:8f:35:f7:1d:10:14:40:26:
bd:be:15:e9:58:c6:f2:5e:26:5e:f8:ef:a7:11:83:
20:3a:8a:10:2f:65:38:6f:8f:84:28:7c:c8:b7:ba:
74:21:08:25:bb:6e:a8:32:90:7e:de:7c:87:aa:b9:
86:21:c2:3b:a7:a6:02:05:6e:2b:78:99:8a:c3:70:
00:20:d0:aa:c4:65:e0:eb:33:66:c8:91:8e:a8:f4:
7a:2d:94:3a:ff:85:d1:af:95:70:8e:5c:6f:23:0f:
5c:63:87:6d:05:89:96:58:17:77:ab:f4:22:8c:ff:
0e:52:64:f8:ea:87:8c:a2:a9:46:f0:c9:b2:22:58:
c5:09:d6:01:a4:b7:62:ba:24:b4:90:c4:05:84:f2:
b9:46:ac:58:ad:4f:13:3f:d8:68:18:b2:23:1b:fd:
7f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E0:79:8A:23:9E:C1:C3:A1:5B:C6:9E:81:BD:D0:B2:A5:48:0B:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:8c:e9:5f:a8:7c:28:64:09:17:98:7b:fd:c1:8a:1b:3f:7e:
80:98:58:4d:ca:38:a0:b2:79:26:87:45:6a:b6:e9:60:5b:db:
08:2d:6f:83:88:86:95:f2:56:30:b3:51:87:3b:b2:5e:90:80:
89:68:b0:f2:ee:91:ed:24:cd:74:96:74:11:64:c6:a9:7f:13:
2f:98:44:42:09:f1:3c:17:cb:aa:1c:c0:91:d6:47:bc:83:ef:
f1:e1:4c:d2:8b:d0:21:82:10:a6:69:7f:ca:a6:1a:96:f8:22:
9b:cb:b0:7c:9c:7c:80:78:52:0c:3a:2b:8e:96:15:20:74:2d:
e4:ed:d6:9c:24:88:b3:e9:6d:44:ec:f7:96:e4:c8:b7:af:5a:
3b:33:f5:69:52:fc:94:a8:c0:50:4b:5e:47:44:55:e5:ce:9b:
0b:89:0e:7e:18:14:e0:6a:80:8b:fa:fb:ac:6b:f3:3f:d1:25:
fa:7a:4d:42:2e:10:3f:4e:67:c4:fb:72:bc:cc:4b:ea:a7:2d:
dc:e1:7d:6b:fb:ba:36:19:4d:aa:12:77:4d:90:32:17:9b:99:
fb:b7:bd:df:c4:1b:05:02:70:47:af:8d:70:24:9b:35:ff:71:
7f:21:13:c8:25:48:ec:f2:ca:45:1a:8b:c5:2f:61:22:f4:fd:
9e:60:45:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDgNsv8Of1OGMxZ0YRUpymVt0D5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YmFlOGZjY2ZkMDJiOGU1MTg3MGQxMWU2ZGViYWNiMTY0ZWQzOTZmYjc1
NmZkZGYxZDBhN2M3MWNmNjcxMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPxOAelg2RfYbaF1oWhYq0tW+NWM0k9xH5Oh7YFBu8SpbTXsZo5Oy8/1ZgG
Dp3q3eMHnrSQrAMKYFWMEexN19uKCxc32s31BzL0P0VqVh0stG+SU48Q30Ili5D0
lm8JEo819x0QFEAmvb4V6VjG8l4mXvjvpxGDIDqKEC9lOG+PhCh8yLe6dCEIJbtu
qDKQft58h6q5hiHCO6emAgVuK3iZisNwACDQqsRl4OszZsiRjqj0ei2UOv+F0a+V
cI5cbyMPXGOHbQWJllgXd6v0Ioz/DlJk+OqHjKKpRvDJsiJYxQnWAaS3YroktJDE
BYTyuUasWK1PEz/YaBiyIxv9f5sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRS4HmK
I57Bw6Fbxp6BvdCypUgL4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGRjNDcwNmMtNWMzOC00MTk1LWIzOTYtYzAzODEyNWU4ODc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQC6jOlfqHwoZAkXmHv9wYobP36AmFhNyjigsnkmh0Vq
tulgW9sILW+DiIaV8lYws1GHO7JekICJaLDy7pHtJM10lnQRZMapfxMvmERCCfE8
F8uqHMCR1ke8g+/x4UzSi9AhghCmaX/KphqW+CKby7B8nHyAeFIMOiuOlhUgdC3k
7dacJIiz6W1E7PeW5Mi3r1o7M/VpUvyUqMBQS15HRFXlzpsLiQ5+GBTgaoCL+vus
a/M/0SX6ek1CLhA/TmfE+3K8zEvqpy3c4X1r+7o2GU2qEndNkDIXm5n7t73fxBsF
AnBHr41wJJs1/3F/IRPIJUjs8spFGovFL2Ei9P2eYEU9
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net