Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
File: 6ae34828-513c-4833-b505-1b83f25fa93e.roa (raw, json)
Hash identifier: 1LwsDiTdLQxqPSFMSkBMzXUuh6OhWqwrPXsNJhH+RHc=
Subject key identifier: 83:00:6B:A5:D6:38:93:73:D9:52:0B:A0:ED:DE:8A:12:EA:7F:03:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E529284F42EA91F1BBD8F9D35DC537CC9625B64
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:52:92:84:f4:2e:a9:1f:1b:bd:8f:9d:35:dc:53:7c:c9:62:5b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=4d63ea63a8461a380cecc27ce077d1eb82573db47a86704970cfb7583db93ecb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ca:37:ea:ab:a2:69:56:f3:bf:00:18:4b:37:
c3:e0:3b:a0:47:c1:ae:be:4b:c4:2f:50:87:b2:67:
79:35:12:d6:f9:a4:b8:6c:ab:3b:19:ed:9d:e8:24:
9e:75:c7:3c:66:4f:7e:32:65:a4:c9:32:d0:a7:23:
79:1e:76:d4:cc:45:3e:c5:8b:e9:99:85:aa:9a:b3:
1f:28:ee:07:dc:e0:bf:98:d9:94:dc:26:8d:c0:89:
b6:8b:69:b4:58:5c:0d:45:0a:77:6e:66:7e:2f:e3:
f1:2b:fa:0a:8e:a3:c3:07:5f:30:6c:ce:c5:e6:f5:
6a:33:b5:98:a8:bf:c1:49:71:60:d8:36:b1:ba:81:
32:b9:24:b4:d8:25:36:d7:a6:01:d1:e7:2f:e2:0f:
d2:45:66:77:d0:de:02:30:81:d7:c4:80:03:3c:5d:
47:3e:69:f3:c7:93:77:b6:48:b3:ea:3e:66:65:e1:
7a:d7:04:84:53:04:de:1c:31:ad:c2:e5:9d:a3:98:
f8:a5:8d:c5:65:66:4a:0b:27:e0:b9:5b:cb:22:f5:
22:99:cf:b5:79:43:7c:74:01:f5:a0:2d:9a:5d:9c:
15:9d:6a:a6:2a:1c:5d:e9:3a:f7:02:2b:f7:8d:38:
ff:11:67:38:e0:93:7d:e2:e8:7b:c6:fb:7c:c5:c4:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:00:6B:A5:D6:38:93:73:D9:52:0B:A0:ED:DE:8A:12:EA:7F:03:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:1e:34:dc:03:89:f8:6a:60:69:bd:81:a4:08:39:7d:a4:fc:
b7:6f:1a:e8:33:d6:df:fd:d7:aa:82:9a:29:9d:ce:be:61:d6:
bb:cb:1b:b7:71:e9:28:6f:bf:94:a0:e3:f3:b9:e8:a6:b7:d9:
c3:c3:13:70:ba:61:ec:5a:b8:ae:98:6d:9c:6d:50:4c:4f:7c:
fc:f7:57:a4:0d:53:f4:fa:67:2a:80:72:f5:7f:e4:67:d6:37:
10:7d:1a:b0:8e:ad:eb:f9:e3:00:74:41:8a:43:5c:3d:bf:bb:
5c:0f:e4:84:62:48:52:a8:2d:e5:7b:c9:3a:ec:52:4d:a7:56:
f9:ca:14:53:73:f3:e0:4d:6f:e8:66:43:f9:b3:fa:6f:93:cb:
69:88:c6:0e:1f:e2:b9:f5:6d:76:d6:5c:47:61:75:64:7d:59:
e2:7a:3a:89:d4:1f:c9:8a:93:d3:20:c3:56:b7:97:b6:2d:3e:
d1:b4:00:f3:f9:35:99:1b:63:13:fa:51:a8:16:bf:11:6b:e1:
51:d1:84:ad:7d:05:31:7a:37:37:67:b0:5a:6a:b0:f0:fc:e8:
6f:b3:0b:47:37:43:a3:e2:cd:98:86:97:f9:62:d4:11:7b:32:
6c:b0:63:ad:7b:be:69:96:68:16:00:81:a0:11:01:0e:31:f3:
36:e0:22:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUblKShPQuqR8bvY+dNdxTfMliW2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNjNlYTYzYTg0NjFhMzgwY2VjYzI3Y2UwNzdkMWViODI1NzNkYjQ3YTg2
NzA0OTcwY2ZiNzU4M2RiOTNlY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrKN+qromlW878AGEs3w+A7oEfBrr5LxC9Qh7JneTUS1vmkuGyrOxntnegk
nnXHPGZPfjJlpMky0KcjeR521MxFPsWL6ZmFqpqzHyjuB9zgv5jZlNwmjcCJtotp
tFhcDUUKd25mfi/j8Sv6Co6jwwdfMGzOxeb1ajO1mKi/wUlxYNg2sbqBMrkktNgl
NtemAdHnL+IP0kVmd9DeAjCB18SAAzxdRz5p88eTd7ZIs+o+ZmXhetcEhFME3hwx
rcLlnaOY+KWNxWVmSgsn4LlbyyL1IpnPtXlDfHQB9aAtml2cFZ1qpiocXek69wIr
9404/xFnOOCTfeLoe8b7fMXEZCUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDAGul
1jiTc9lSC6Dt3ooS6n8DEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmFlMzQ4MjgtNTEzYy00ODMzLWI1MDUtMWI4M2YyNWZhOTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQBWHjTcA4n4amBpvYGkCDl9pPy3bxroM9bf/deqgpop
nc6+Yda7yxu3cekob7+UoOPzueimt9nDwxNwumHsWriumG2cbVBMT3z891ekDVP0
+mcqgHL1f+Rn1jcQfRqwjq3r+eMAdEGKQ1w9v7tcD+SEYkhSqC3le8k67FJNp1b5
yhRTc/PgTW/oZkP5s/pvk8tpiMYOH+K59W121lxHYXVkfVniejqJ1B/JipPTIMNW
t5e2LT7RtADz+TWZG2MT+lGoFr8Ra+FR0YStfQUxejc3Z7BaarDw/OhvswtHN0Oj
4s2Yhpf5YtQRezJssGOte75plmgWAIGgEQEOMfM24CLJ
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net