Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
File: 69740d55-a842-4e2d-a267-6df47f50e20c.roa (raw, json)
Hash identifier: QdkZTzq9eHOT+pfPt9PMiBrVinEpj+3+oZJzHkY2vgc=
Subject key identifier: 00:17:32:71:BF:30:2E:D7:90:9C:84:91:4D:02:5F:A0:3D:C6:B5:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 688CC62C521C8CC764DA926F0B520127D560D44E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:8c:c6:2c:52:1c:8c:c7:64:da:92:6f:0b:52:01:27:d5:60:d4:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=82bc90d12261723c7250d051d0a9d39eadfd626f6b50fe62a0a1492b80451077, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6d:05:8f:55:17:3f:c0:bd:69:02:dc:7a:3b:
3b:d9:25:f5:8f:c1:b8:c0:ec:79:68:67:36:c6:39:
df:7e:c0:c9:02:76:06:27:a6:bb:64:52:20:9d:e2:
d6:dc:52:6d:b1:98:f2:b5:5b:6f:ab:5e:6c:33:97:
52:d6:4e:7e:7a:7d:ca:6a:e2:2b:90:0c:aa:44:36:
d2:86:58:d5:0a:b1:d1:75:b6:bd:91:92:53:fb:45:
84:53:24:f7:13:66:59:e4:67:ec:0b:30:a4:ee:0e:
07:3f:2a:e3:43:7d:f4:09:0c:f9:e3:35:79:23:0a:
ae:6b:3d:4e:db:61:be:50:60:3d:6c:09:9d:ac:f5:
1a:6b:3d:4b:d3:e3:ee:66:1c:69:3f:d4:81:b1:9e:
be:3e:78:1f:c6:08:5f:c9:8d:5a:81:dc:4f:39:19:
46:0a:a7:9c:99:43:c6:de:f7:6a:58:d0:f3:22:2f:
41:18:a9:55:3e:9b:ff:a7:05:fc:10:13:79:ac:63:
04:3e:1e:cf:b1:3e:70:b8:43:9e:03:19:40:b5:66:
35:79:8e:13:03:95:85:32:a5:b8:b1:81:97:1f:10:
ec:5a:84:ed:af:78:80:85:0a:80:76:53:67:db:0d:
19:0c:7d:fd:7d:d2:4d:6f:7b:40:93:aa:eb:22:54:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:17:32:71:BF:30:2E:D7:90:9C:84:91:4D:02:5F:A0:3D:C6:B5:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:c1:cf:5e:98:e5:fb:4a:b8:b9:da:0a:2a:7b:d7:24:c6:c1:
da:87:9e:9d:ec:4a:21:4b:20:b8:89:88:78:53:c5:ab:c9:26:
e6:b2:29:a5:79:c1:b5:38:42:8d:1d:fd:7f:7e:2b:85:34:4a:
64:81:47:a5:29:92:9d:be:73:8b:10:62:70:4a:08:9e:04:a9:
63:43:35:33:1e:ec:71:13:87:91:b2:11:81:b6:a4:d8:63:64:
8f:63:e6:71:27:51:c9:0e:b9:5c:3b:1e:a5:95:82:63:7c:85:
b1:74:ec:34:b8:b3:4f:0c:57:2f:9d:79:99:f5:77:5c:08:f3:
50:5f:81:80:22:f0:63:b7:74:c7:4d:8e:99:aa:dc:b5:78:8f:
20:43:8e:95:84:ba:3c:3e:80:51:5e:aa:ef:fa:d1:6b:a5:bb:
c2:ea:01:19:8c:53:50:4e:af:62:0b:30:81:49:0c:d7:2a:f0:
fc:8e:48:3b:1d:12:bc:43:71:d5:a0:c7:02:28:39:e5:5a:60:
92:a1:d4:95:3e:40:d7:11:2e:8f:8f:44:3b:d0:4c:98:10:b5:
cb:91:56:72:e6:75:5d:3e:df:4b:e4:0a:8e:ae:2c:6b:3b:76:
2b:33:4d:81:59:fc:5e:bb:c0:24:24:01:b5:8a:83:87:29:f5:
43:68:90:c9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaIzGLFIcjMdk2pJvC1IBJ9Vg1E4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYmM5MGQxMjI2MTcyM2M3MjUwZDA1MWQwYTlkMzllYWRmZDYyNmY2YjUw
ZmU2MmEwYTE0OTJiODA0NTEwNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJtBY9VFz/AvWkC3Ho7O9kl9Y/BuMDseWhnNsY5337AyQJ2Biemu2RSIJ3i
1txSbbGY8rVbb6tebDOXUtZOfnp9ymriK5AMqkQ20oZY1Qqx0XW2vZGSU/tFhFMk
9xNmWeRn7AswpO4OBz8q40N99AkM+eM1eSMKrms9TtthvlBgPWwJnaz1Gms9S9Pj
7mYcaT/UgbGevj54H8YIX8mNWoHcTzkZRgqnnJlDxt73aljQ8yIvQRipVT6b/6cF
/BATeaxjBD4ez7E+cLhDngMZQLVmNXmOEwOVhTKluLGBlx8Q7FqE7a94gIUKgHZT
Z9sNGQx9/X3STW97QJOq6yJU4SECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAFzJx
vzAu15CchJFNAl+gPca1rzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk3NDBkNTUtYTg0Mi00ZTJkLWEyNjctNmRmNDdmNTBlMjBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAsMHPXpjl+0q4udoKKnvXJMbB2oeenexKIUsguImI
eFPFq8km5rIppXnBtThCjR39f34rhTRKZIFHpSmSnb5zixBicEoIngSpY0M1Mx7s
cROHkbIRgbak2GNkj2PmcSdRyQ65XDsepZWCY3yFsXTsNLizTwxXL515mfV3XAjz
UF+BgCLwY7d0x02OmarctXiPIEOOlYS6PD6AUV6q7/rRa6W7wuoBGYxTUE6vYgsw
gUkM1yrw/I5IOx0SvENx1aDHAig55VpgkqHUlT5A1xEuj49EO9BMmBC1y5FWcuZ1
XT7fS+QKjq4sazt2KzNNgVn8XrvAJCQBtYqDhyn1Q2iQyQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net