Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
File: 4f5ffdac-d36c-4a69-b456-6de77be3057a.roa (raw, json)
Hash identifier: TnJmgrBvHpnJxCFaa8T91iYR3ebx2ZDIsl4KGP6jAzw=
Subject key identifier: A2:BA:C7:60:A0:A9:4C:8C:1D:80:BB:13:23:16:E3:EC:67:D7:6B:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 156E01FFDBB18370FC0A11F8CB61C5F9EA3D457D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:6e:01:ff:db:b1:83:70:fc:0a:11:f8:cb:61:c5:f9:ea:3d:45:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=7d3e3953c67fcb938f0a9fbec393d36c571fd4f040e94407fc0dc8776bcd488f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:fd:49:50:14:8f:4e:be:f9:ac:76:92:81:
2b:5c:4d:78:27:99:6d:b4:1f:2d:c6:10:f4:61:03:
ed:45:a8:cf:0c:89:bb:61:67:1f:50:79:ba:77:b9:
b2:6c:a6:91:c8:28:51:bc:56:6d:ac:d2:79:2d:0c:
1d:64:73:98:ce:37:b8:6c:45:5f:29:74:f7:d4:d1:
92:69:13:47:c6:19:73:02:f4:74:50:3f:40:89:91:
d7:39:b2:68:8a:a7:fb:70:74:51:57:94:40:a8:29:
e7:a0:c3:b9:c7:2e:e2:93:d7:f0:17:15:36:a6:62:
de:be:bd:8a:61:ac:f8:1c:83:49:66:68:de:ce:23:
0d:3a:a1:40:e1:0c:3a:00:c5:2d:48:58:4f:11:a2:
1f:59:a9:02:c0:03:ee:c5:d0:32:fc:c6:ef:d0:d9:
ac:ba:7a:2d:52:3b:1d:b6:b1:ae:27:e8:fb:7a:28:
1b:73:1c:c7:3c:57:a5:90:ac:84:68:a6:d4:75:9f:
c8:d6:ae:53:3d:00:ff:80:4c:cf:48:d6:8a:cd:b8:
61:79:7e:03:ba:36:d0:1b:93:1c:70:b8:81:23:c9:
da:34:df:0b:06:a7:b0:eb:39:9c:22:c8:0f:19:48:
1c:b9:1a:47:f7:c7:1d:b8:37:67:5c:83:b9:53:fa:
f2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BA:C7:60:A0:A9:4C:8C:1D:80:BB:13:23:16:E3:EC:67:D7:6B:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5e:f1:e3:9d:66:9a:d1:b0:47:7a:3a:e0:fe:27:fb:d4:4d:83:
1f:72:d5:96:2b:e2:b2:ca:8e:de:ed:74:f6:f0:4c:d8:3a:9a:
61:6a:84:f8:84:90:6a:92:34:3f:10:f9:47:ab:c8:c6:20:1d:
57:09:e1:fc:eb:c7:f3:89:bf:e7:77:e8:07:c9:12:78:f0:93:
bb:cb:28:a6:55:b9:b9:53:9d:7d:6c:12:71:fa:e6:b1:d5:cb:
bd:2a:78:99:11:9f:00:df:2a:82:10:62:85:55:01:17:df:70:
54:95:39:5f:60:4b:0a:82:e5:85:9b:e1:52:2c:20:f5:43:94:
36:7c:52:6d:70:40:d2:30:9d:40:c6:6d:08:c2:ad:88:f7:16:
d3:b6:ba:eb:29:1c:74:fc:ad:f2:73:40:05:29:24:67:47:c0:
ab:6d:49:7d:9f:58:44:23:2e:06:54:ff:7d:b4:be:b7:b7:e6:
2a:df:f5:0a:7f:2a:1c:02:70:12:62:3b:87:ce:c0:aa:d8:fc:
59:57:72:b5:8f:d4:6a:3e:41:92:e8:ee:68:a1:1a:59:17:86:
82:f2:bb:b2:cd:f1:82:c5:5e:f5:c5:92:76:fa:e0:62:b4:d1:
32:a2:80:0d:67:0a:34:6f:dd:a1:7f:5a:b7:f1:54:0e:00:2c:
c0:60:0a:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFW4B/9uxg3D8ChH4y2HF+eo9RX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkM2UzOTUzYzY3ZmNiOTM4ZjBhOWZiZWMzOTNkMzZjNTcxZmQ0ZjA0MGU5
NDQwN2ZjMGRjODc3NmJjZDQ4OGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaV/UlQFI9OvvmsdpKBK1xNeCeZbbQfLcYQ9GED7UWozwyJu2FnH1B5une5
smymkcgoUbxWbazSeS0MHWRzmM43uGxFXyl099TRkmkTR8YZcwL0dFA/QImR1zmy
aIqn+3B0UVeUQKgp56DDuccu4pPX8BcVNqZi3r69imGs+ByDSWZo3s4jDTqhQOEM
OgDFLUhYTxGiH1mpAsAD7sXQMvzG79DZrLp6LVI7Hbaxrifo+3ooG3McxzxXpZCs
hGim1HWfyNauUz0A/4BMz0jWis24YXl+A7o20BuTHHC4gSPJ2jTfCwansOs5nCLI
DxlIHLkaR/fHHbg3Z1yDuVP68hMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSiusdg
oKlMjB2AuxMjFuPsZ9drATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY1ZmZkYWMtZDM2Yy00YTY5LWI0NTYtNmRlNzdiZTMwNTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBe8eOdZprRsEd6OuD+J/vUTYMfctWWK+Kyyo7e7XT2
8EzYOpphaoT4hJBqkjQ/EPlHq8jGIB1XCeH868fzib/nd+gHyRJ48JO7yyimVbm5
U519bBJx+uax1cu9KniZEZ8A3yqCEGKFVQEX33BUlTlfYEsKguWFm+FSLCD1Q5Q2
fFJtcEDSMJ1Axm0Iwq2I9xbTtrrrKRx0/K3yc0AFKSRnR8CrbUl9n1hEIy4GVP99
tL63t+Yq3/UKfyocAnASYjuHzsCq2PxZV3K1j9RqPkGS6O5ooRpZF4aC8ruyzfGC
xV71xZJ2+uBitNEyooANZwo0b92hf1q38VQOACzAYApo
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net