Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/621fb82e-99a7-4d33-a646-877fafc69f46.roa
File: 621fb82e-99a7-4d33-a646-877fafc69f46.roa (raw, json)
Hash identifier: AuL/aly0zeNX9y5ESe32cEylRUWz1VQBdzG/aq6Fd5w=
Subject key identifier: 73:C9:F8:9A:C3:E0:FE:7B:62:3F:E9:A0:5A:98:76:41:5F:57:F9:43
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 018EBFCE7CD45034974EE5073CA5E4651572C139
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/621fb82e-99a7-4d33-a646-877fafc69f46.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bf:ce:7c:d4:50:34:97:4e:e5:07:3c:a5:e4:65:15:72:c1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=87d8c6afa68d31497a27247202162bcc41f20a9070a3a44178b8194955273a20, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7c:8d:c8:93:df:c9:51:ca:1c:85:ac:71:1c:
95:98:2a:9a:52:c8:d1:a8:5e:26:5c:b2:3a:24:49:
fe:f4:fa:ab:f3:08:d6:37:30:b8:62:d8:a6:1c:a7:
10:04:4d:17:a6:7e:bd:34:8b:b9:d7:2c:13:2c:5c:
50:6d:63:6d:a7:b3:8c:95:76:bd:2c:88:6e:57:99:
95:7c:2f:c3:c5:b8:ed:ae:65:63:dd:2b:62:ac:7d:
d9:46:9d:fd:ac:39:85:dd:c1:82:f0:db:37:57:7a:
16:0d:28:47:2f:94:af:a8:b8:a3:33:96:f5:ac:3e:
98:0b:e8:51:7c:e8:f3:63:4c:49:df:9a:09:e3:ef:
a8:b4:f1:73:0c:e1:f1:f6:d3:24:c4:17:a8:85:15:
33:a6:5c:fa:b5:7a:b9:fc:58:13:c3:56:10:c3:a2:
f7:07:41:54:49:18:da:0d:79:58:c7:02:f6:fa:b9:
ae:90:e9:d1:5a:86:77:4e:29:95:38:61:1b:24:f2:
9d:24:84:5e:88:dc:5b:a5:20:15:6a:f8:27:44:e5:
26:ba:4a:55:31:f2:80:68:11:be:11:00:66:71:32:
3b:03:b5:71:c8:f5:ca:85:a6:fd:06:78:5d:e5:90:
0f:54:f6:f4:11:cc:f0:c4:41:0f:c9:c8:09:3d:46:
f3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C9:F8:9A:C3:E0:FE:7B:62:3F:E9:A0:5A:98:76:41:5F:57:F9:43
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/621fb82e-99a7-4d33-a646-877fafc69f46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9d:47:32:4b:66:cf:fb:36:be:1d:d8:13:95:d1:76:4a:44:76:
c6:50:79:6d:54:50:a5:80:61:94:38:a9:ce:ff:77:18:f0:df:
14:cc:11:f9:ef:0b:28:4d:ea:53:c3:5a:91:e5:41:fe:d9:72:
54:f7:fc:a5:99:36:25:42:0f:ad:90:43:b8:00:d2:08:a9:af:
32:16:16:0a:30:ea:36:12:6f:1d:f0:11:92:5c:4e:ef:6d:d2:
1e:2d:67:4e:79:13:72:4d:ea:d3:10:61:9f:b6:9f:a8:37:a6:
2b:bb:8d:c2:07:23:db:84:1c:b7:c6:a5:08:a0:dc:e6:9a:ac:
bc:5f:1e:9b:92:e8:d1:f3:1c:cc:cd:85:1a:ac:f2:2c:d4:52:
d5:93:7b:72:b2:14:ac:47:06:1f:59:77:ef:35:e2:f9:9d:3b:
28:84:da:a5:c6:77:1a:4a:81:29:f5:15:70:11:6a:bd:fa:f4:
9b:70:ce:c8:c9:1a:d5:73:d9:35:cc:8f:d4:86:bd:93:db:97:
69:ac:3b:4a:bc:70:5a:67:70:ce:d5:8c:03:21:0b:d9:8e:20:
6d:75:d5:a8:e2:4e:d4:a3:58:70:a5:9a:25:28:57:ad:89:dd:
c0:b5:3d:59:3b:9e:b4:30:79:0e:ec:8c:a2:51:33:ec:cb:53:
53:34:c0:0a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAY6/znzUUDSXTuUHPKXkZRVywTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3ZDhjNmFmYTY4ZDMxNDk3YTI3MjQ3MjAyMTYyYmNjNDFmMjBhOTA3MGEz
YTQ0MTc4YjgxOTQ5NTUyNzNhMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJx8jciT38lRyhyFrHEclZgqmlLI0aheJlyyOiRJ/vT6q/MI1jcwuGLYphyn
EARNF6Z+vTSLudcsEyxcUG1jbaezjJV2vSyIbleZlXwvw8W47a5lY90rYqx92Uad
/aw5hd3BgvDbN1d6Fg0oRy+Ur6i4ozOW9aw+mAvoUXzo82NMSd+aCePvqLTxcwzh
8fbTJMQXqIUVM6Zc+rV6ufxYE8NWEMOi9wdBVEkY2g15WMcC9vq5rpDp0VqGd04p
lThhGyTynSSEXojcW6UgFWr4J0TlJrpKVTHygGgRvhEAZnEyOwO1ccj1yoWm/QZ4
XeWQD1T29BHM8MRBD8nICT1G80ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRzyfia
w+D+e2I/6aBamHZBX1f5QzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjIxZmI4MmUtOTlhNy00ZDMzLWE2NDYtODc3ZmFmYzY5ZjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAnUcyS2bP+za+HdgTldF2SkR2xlB5bVRQpYBhlDip
zv93GPDfFMwR+e8LKE3qU8NakeVB/tlyVPf8pZk2JUIPrZBDuADSCKmvMhYWCjDq
NhJvHfARklxO723SHi1nTnkTck3q0xBhn7afqDemK7uNwgcj24Qct8alCKDc5pqs
vF8em5Lo0fMczM2FGqzyLNRS1ZN7crIUrEcGH1l37zXi+Z07KITapcZ3GkqBKfUV
cBFqvfr0m3DOyMka1XPZNcyP1Ia9k9uXaaw7SrxwWmdwztWMAyEL2Y4gbXXVqOJO
1KNYcKWaJShXrYndwLU9WTuetDB5DuyMolEz7MtTUzTACg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net