Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
File: 51640291-7474-4374-9081-81d0d3d47792.roa (raw, json)
Hash identifier: hp9hz+iSmxS4OR6o5+N3re8wadvWfkvKcTIUDKG9eG4=
Subject key identifier: 17:4C:A5:65:3E:A0:11:BD:C8:88:90:BB:9A:FA:58:1B:AD:D6:3F:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A28D4599BF4FBF96784A4102B013D389247A02C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:28:d4:59:9b:f4:fb:f9:67:84:a4:10:2b:01:3d:38:92:47:a0:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=4e124e6aab04bbfdf78abfc8705480c60103f8a07fe67aaa1e1e60f7ad01e193, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:b4:00:72:4e:c8:6f:20:c2:52:45:d2:bb:
ce:ae:d0:79:6f:bb:3c:8e:e7:b9:ea:05:06:25:95:
ed:14:8d:bd:33:f3:a4:ea:17:35:be:b8:61:b7:b3:
fe:68:10:d5:a9:b2:da:5d:61:ca:2b:3c:d5:19:0a:
f9:f8:74:3f:c1:f0:aa:49:2d:d0:c2:f0:81:b9:1d:
5e:76:7f:b8:8f:61:c9:26:00:29:96:e1:1b:fe:2a:
ba:6a:fe:b0:72:0d:1b:c8:3a:7a:a4:c8:01:09:49:
9f:9b:52:43:e5:27:c8:b5:cc:5a:c0:b4:68:1c:12:
f8:7a:88:21:46:06:f5:cb:3d:0c:0e:bf:ed:05:4b:
67:18:7e:03:ff:d7:4e:34:88:75:e7:ed:07:7e:0a:
d9:d6:1f:9c:24:20:26:28:67:c6:0e:a1:61:1b:60:
9e:f4:00:f2:84:03:ab:42:44:c2:f0:9a:f6:f0:29:
bd:8b:dc:1b:3f:77:99:ff:20:8b:92:81:30:3f:20:
bd:32:d1:26:5b:92:51:a3:7c:82:ba:43:c5:97:1c:
8d:ab:b2:92:bb:c4:0a:2e:a3:c7:52:9a:f8:a4:3e:
8c:75:80:b1:d5:9c:e9:f0:c6:5f:37:37:80:cc:21:
b7:2b:c9:28:bc:ab:0d:aa:2f:3c:10:1a:02:63:87:
82:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4C:A5:65:3E:A0:11:BD:C8:88:90:BB:9A:FA:58:1B:AD:D6:3F:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
15:34:67:59:df:c7:94:ee:72:83:98:ae:ea:4b:b0:85:dc:51:
70:4a:4c:36:df:8f:bd:f8:8d:28:c4:e9:4a:e9:2e:29:c9:d5:
c5:24:01:dc:5d:d7:3c:e3:21:b7:fa:9e:7d:23:24:e4:65:d0:
d6:28:ed:e0:06:37:f9:da:5f:6a:a5:ef:df:cd:8c:7b:cc:b3:
ed:02:bb:c4:5c:ba:9a:88:d9:a5:b2:a2:1d:ac:93:d8:66:cc:
34:58:2d:2f:e4:24:4f:fc:ea:c9:30:55:7f:be:91:f9:66:be:
89:96:45:5a:9b:41:03:51:a8:8d:7f:73:64:4e:e0:83:9c:35:
b2:d0:c1:3d:37:96:ca:53:94:bc:66:9d:4d:c1:51:b4:55:71:
c2:f9:89:39:0c:a3:3b:94:ea:88:79:45:b9:c3:35:49:a2:14:
6a:ca:7d:61:6c:9a:82:28:e8:39:08:26:fd:13:f6:77:4d:0a:
45:9d:6b:09:b4:90:3a:d5:23:bd:8f:d4:7b:84:1f:c8:9b:48:
d2:16:b6:e2:85:a4:db:82:1b:d2:f6:2e:d0:ff:1c:21:a4:a6:
40:04:6e:c9:c2:0d:a8:ed:52:2c:dc:26:c7:20:0b:60:ad:16:
5a:9b:db:23:39:50:c6:14:58:34:4d:2e:00:af:3a:95:4c:d3:
f4:0b:94:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGijUWZv0+/lnhKQQKwE9OJJHoCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMTI0ZTZhYWIwNGJiZmRmNzhhYmZjODcwNTQ4MGM2MDEwM2Y4YTA3ZmU2
N2FhYTFlMWU2MGY3YWQwMWUxOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvdtAByTshvIMJSRdK7zq7QeW+7PI7nueoFBiWV7RSNvTPzpOoXNb64Ybez
/mgQ1amy2l1hyis81RkK+fh0P8Hwqkkt0MLwgbkdXnZ/uI9hySYAKZbhG/4qumr+
sHING8g6eqTIAQlJn5tSQ+UnyLXMWsC0aBwS+HqIIUYG9cs9DA6/7QVLZxh+A//X
TjSIdeftB34K2dYfnCQgJihnxg6hYRtgnvQA8oQDq0JEwvCa9vApvYvcGz93mf8g
i5KBMD8gvTLRJluSUaN8grpDxZccjauykrvECi6jx1Ka+KQ+jHWAsdWc6fDGXzc3
gMwhtyvJKLyrDaovPBAaAmOHgoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXTKVl
PqARvciIkLua+lgbrdY/bzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE2NDAyOTEtNzQ3NC00Mzc0LTkwODEtODFkMGQzZDQ3NzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQAVNGdZ38eU7nKDmK7qS7CF3FFwSkw234+9+I0oxOlK
6S4pydXFJAHcXdc84yG3+p59IyTkZdDWKO3gBjf52l9qpe/fzYx7zLPtArvEXLqa
iNmlsqIdrJPYZsw0WC0v5CRP/OrJMFV/vpH5Zr6JlkVam0EDUaiNf3NkTuCDnDWy
0ME9N5bKU5S8Zp1NwVG0VXHC+Yk5DKM7lOqIeUW5wzVJohRqyn1hbJqCKOg5CCb9
E/Z3TQpFnWsJtJA61SO9j9R7hB/Im0jSFrbihaTbghvS9i7Q/xwhpKZABG7Jwg2o
7VIs3CbHIAtgrRZam9sjOVDGFFg0TS4ArzqVTNP0C5Si
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net