Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
File: 52763e98-2920-46fc-8dad-f7cba491e994.roa (raw, json)
Hash identifier: VH3sru27LKbpg3hmLrr6wxSvyCy23/nARVUKaOEbTWk=
Subject key identifier: 54:96:0A:09:0A:6D:2D:86:DA:E6:D9:04:DF:5D:7C:13:AB:1B:6D:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A1E3E62D961C60CBA8637163A77BFC1D60F5339
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:1e:3e:62:d9:61:c6:0c:ba:86:37:16:3a:77:bf:c1:d6:0f:53:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=a08a3dc8edffdd3ccc75dfc8a237195a384aec70286d43dff8a5eacd42143ba6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:49:b1:e9:4a:a1:ab:1e:a7:55:59:87:7b:a3:
d4:81:58:17:a0:2a:c2:f6:06:16:ad:ba:12:33:53:
fd:18:b1:53:72:6d:60:3c:8d:7c:a1:03:6c:7b:b2:
0a:48:75:7d:39:8d:f1:51:d1:84:41:ec:50:11:7e:
e9:9b:3d:6a:08:88:15:07:6c:54:7b:d3:84:1c:80:
3a:12:6a:8f:35:3e:a5:09:50:4e:99:6c:c6:99:44:
91:66:33:22:4e:cf:5e:2c:17:8b:1d:60:3c:8d:50:
3b:e8:9f:66:22:5a:ad:03:19:9c:14:dd:28:18:40:
d9:9b:35:fa:0e:f7:ca:c8:5a:c7:f7:8f:0e:60:d0:
16:5d:fd:e7:1e:5a:52:90:54:a3:66:8c:76:16:6d:
bb:65:51:cd:6c:57:34:d2:74:89:47:96:d1:66:41:
72:9f:98:e6:a6:58:c7:b1:b1:d3:f6:ef:fd:5d:a1:
27:f7:00:16:e4:b4:8a:91:5f:87:2b:86:2c:a2:ca:
ea:1a:14:b8:db:fe:a9:dc:68:86:f8:a9:eb:cf:7f:
0e:69:6b:66:1c:5d:d7:d3:37:90:84:dd:76:86:1f:
d6:9c:1c:44:78:2a:8c:be:29:05:67:7e:46:ea:ea:
07:0b:1d:32:1e:be:56:e3:b8:d3:d7:36:9b:4a:98:
ff:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:96:0A:09:0A:6D:2D:86:DA:E6:D9:04:DF:5D:7C:13:AB:1B:6D:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
57:8c:2b:51:55:c1:21:25:47:bd:04:1f:56:58:bb:27:ad:c0:
a0:b9:3f:bc:92:17:7c:d9:c8:cf:34:de:37:68:f3:4f:34:cc:
1c:ac:03:f7:a8:73:8e:67:4e:5e:5a:6f:e5:f8:8a:17:34:6e:
ae:2e:e0:50:1b:b7:82:aa:7e:c6:39:a0:5c:37:cc:09:4c:e8:
d0:66:44:11:7d:d3:3f:33:01:ec:b3:9c:ca:f3:05:bf:56:ce:
e1:f5:22:49:0f:d9:c5:fc:c2:2e:15:48:ee:95:71:e4:38:0e:
a6:da:f8:75:e8:9d:f7:cc:f4:da:84:d4:96:38:91:e5:1f:14:
5d:70:34:d7:e0:d3:50:7a:98:d9:16:c9:59:db:74:64:b0:d3:
21:4c:c8:8a:63:73:bd:e8:15:a5:b7:47:fe:f2:24:89:7b:0c:
5b:63:5a:2a:d5:49:73:b3:43:d2:e1:ba:3a:c4:e1:67:5e:b4:
38:97:24:85:35:fa:c0:4f:9a:0f:2c:34:e1:57:ea:0b:5e:c6:
dc:24:54:c8:ac:7d:cb:d0:8b:c0:02:e5:21:7e:4a:9d:bd:2d:
9c:a2:cb:3f:cc:45:96:2f:af:64:b5:6b:a9:cf:65:aa:79:ff:
5e:95:39:45:0f:19:91:5f:7c:72:00:2c:8e:05:a7:53:b7:6e:
f7:4c:91:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKh4+Ytlhxgy6hjcWOne/wdYPUzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwOGEzZGM4ZWRmZmRkM2NjYzc1ZGZjOGEyMzcxOTVhMzg0YWVjNzAyODZk
NDNkZmY4YTVlYWNkNDIxNDNiYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNJselKoasep1VZh3uj1IFYF6AqwvYGFq26EjNT/RixU3JtYDyNfKEDbHuy
Ckh1fTmN8VHRhEHsUBF+6Zs9agiIFQdsVHvThByAOhJqjzU+pQlQTplsxplEkWYz
Ik7PXiwXix1gPI1QO+ifZiJarQMZnBTdKBhA2Zs1+g73yshax/ePDmDQFl395x5a
UpBUo2aMdhZtu2VRzWxXNNJ0iUeW0WZBcp+Y5qZYx7Gx0/bv/V2hJ/cAFuS0ipFf
hyuGLKLK6hoUuNv+qdxohvip689/DmlrZhxd19M3kITddoYf1pwcRHgqjL4pBWd+
RurqBwsdMh6+VuO409c2m0qY/9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUlgoJ
Cm0thtrm2QTfXXwTqxttLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTI3NjNlOTgtMjkyMC00NmZjLThkYWQtZjdjYmE0OTFlOTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQBXjCtRVcEhJUe9BB9WWLsnrcCguT+8khd82cjP
NN43aPNPNMwcrAP3qHOOZ05eWm/l+IoXNG6uLuBQG7eCqn7GOaBcN8wJTOjQZkQR
fdM/MwHss5zK8wW/Vs7h9SJJD9nF/MIuFUjulXHkOA6m2vh16J33zPTahNSWOJHl
HxRdcDTX4NNQepjZFslZ23RksNMhTMiKY3O96BWlt0f+8iSJewxbY1oq1Ulzs0PS
4bo6xOFnXrQ4lySFNfrAT5oPLDThV+oLXsbcJFTIrH3L0IvAAuUhfkqdvS2coss/
zEWWL69ktWupz2Wqef9elTlFDxmRX3xyACyOBadTt273TJHk
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:38 2024 by rpki-client on console.sobornost.net