Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
File: 53a9be89-d507-454e-96fb-d2a28e64f836.roa (raw, json)
Hash identifier: Ue0T34vf70RruRZPAj/yp4NNUC72tHztN71AvfXkti4=
Subject key identifier: F8:F8:13:75:6D:1A:0F:C5:F6:A7:F0:80:2D:0E:29:C9:8E:02:4B:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B172B5537570CD9A4891EA77B015AB813EAB545
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:17:2b:55:37:57:0c:d9:a4:89:1e:a7:7b:01:5a:b8:13:ea:b5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: serialNumber=18a9f0e28d05071af69af4c1d02b1af3c1a6a9dbf351f42db0e05eff59451864, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:0d:ec:67:9a:aa:9c:c8:09:bb:89:13:5e:
77:5d:1f:26:7e:bd:b9:1e:69:15:c4:d7:1e:b1:eb:
aa:bf:bb:82:e3:d6:c4:03:10:6d:0f:4d:f7:bd:30:
21:d4:3f:33:b6:c1:f5:33:3f:41:ba:22:84:24:01:
03:4b:45:e7:37:13:7e:13:e7:31:a3:72:95:dd:d8:
e0:6a:d6:aa:9a:54:27:b6:48:63:90:3b:c6:a9:f3:
2b:88:75:aa:d4:76:70:2d:1b:01:b2:2e:8e:29:8b:
56:d1:c0:a4:3e:cd:fa:1e:e7:44:bc:c6:dc:0f:b1:
dc:f6:98:f3:50:21:b8:2e:fd:6c:f3:29:a1:21:83:
2b:d6:11:6b:c6:48:23:4c:62:0d:9f:f2:d2:0a:8a:
85:ce:00:83:d4:a0:4d:4c:ba:4d:bd:ce:bc:cb:1b:
66:a2:88:41:fc:2e:78:a3:ca:dd:24:4d:5f:94:b6:
19:72:74:47:c8:7c:08:dc:a5:eb:75:68:73:60:05:
e0:af:d4:e9:f8:0b:18:94:86:d6:7c:41:d6:37:b5:
43:99:72:72:c7:ff:fc:82:f3:4e:7f:77:57:a9:cf:
0a:1e:60:a1:e6:a7:24:42:60:3a:53:ff:0c:c9:10:
c2:5b:b9:28:3d:df:03:e5:6d:af:27:22:17:ae:aa:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F8:13:75:6D:1A:0F:C5:F6:A7:F0:80:2D:0E:29:C9:8E:02:4B:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:69:25:33:c0:92:92:98:15:c0:ea:58:df:21:c7:d1:9a:b9:
41:af:e3:f5:94:5c:a4:2d:a9:bc:c5:dc:db:a6:90:78:b5:c6:
05:0b:5c:1b:86:fa:7c:e1:65:3d:e1:02:2e:6d:cc:32:34:43:
09:9f:36:50:0a:d7:97:6b:c1:bc:7f:2b:4e:9e:59:7f:03:b3:
99:d4:e2:26:ad:db:3d:1a:67:df:f7:09:ce:35:cc:01:46:76:
a5:df:1c:33:f5:9c:b4:f2:ac:03:8f:f5:af:1c:e8:86:ff:c2:
6c:66:5f:fd:a8:47:6f:4f:ec:6b:c2:c6:57:13:f5:cb:19:c5:
a2:be:83:2f:56:da:b0:fb:6b:6b:d3:8e:ff:a3:a3:e2:65:44:
df:14:48:c3:f1:d0:58:00:83:55:c6:89:f5:9b:66:2b:e8:8b:
54:39:92:90:54:e4:36:21:13:48:d3:bc:49:c9:13:96:59:36:
7c:bb:f6:ff:76:ba:3e:cf:69:4d:d1:8c:c3:17:0c:7c:fc:ab:
e6:b8:04:99:cf:85:bd:01:f5:b5:f1:99:60:41:b7:13:6a:84:
dc:46:67:40:29:63:d7:6b:a0:3c:a8:82:62:91:7b:8a:08:2d:
28:e0:2c:9e:d3:5d:c2:bb:00:53:dc:d1:8f:bf:af:86:ab:ea:
f9:27:65:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOxcrVTdXDNmkiR6newFauBPqtUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4YTlmMGUyOGQwNTA3MWFmNjlhZjRjMWQwMmIxYWYzYzFhNmE5ZGJmMzUx
ZjQyZGIwZTA1ZWZmNTk0NTE4NjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjBDexnmqqcyAm7iRNed10fJn69uR5pFcTXHrHrqr+7guPWxAMQbQ9N970w
IdQ/M7bB9TM/QboihCQBA0tF5zcTfhPnMaNyld3Y4GrWqppUJ7ZIY5A7xqnzK4h1
qtR2cC0bAbIujimLVtHApD7N+h7nRLzG3A+x3PaY81AhuC79bPMpoSGDK9YRa8ZI
I0xiDZ/y0gqKhc4Ag9SgTUy6Tb3OvMsbZqKIQfwueKPK3SRNX5S2GXJ0R8h8CNyl
63Voc2AF4K/U6fgLGJSG1nxB1je1Q5lycsf//ILzTn93V6nPCh5goeanJEJgOlP/
DMkQwlu5KD3fA+VtryciF66q8UcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT4+BN1
bRoPxfan8IAtDinJjgJLSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTNhOWJlODktZDUwNy00NTRlLTk2ZmItZDJhMjhlNjRmODM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQCiaSUzwJKSmBXA6ljfIcfRmrlBr+P1lFykLam8xdzb
ppB4tcYFC1wbhvp84WU94QIubcwyNEMJnzZQCteXa8G8fytOnll/A7OZ1OImrds9
Gmff9wnONcwBRnal3xwz9Zy08qwDj/WvHOiG/8JsZl/9qEdvT+xrwsZXE/XLGcWi
voMvVtqw+2tr047/o6PiZUTfFEjD8dBYAINVxon1m2Yr6ItUOZKQVOQ2IRNI07xJ
yROWWTZ8u/b/dro+z2lN0YzDFwx8/KvmuASZz4W9AfW18ZlgQbcTaoTcRmdAKWPX
a6A8qIJikXuKCC0o4Cye013CuwBT3NGPv6+Gq+r5J2XG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net