Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
File: 71d66127-3f22-4413-8fe7-9d46d7fe6626.roa (raw, json)
Hash identifier: 9UQGXs5hhhfCswoHFT33bjLUHNeiId7ZcuuBTfcTC7g=
Subject key identifier: 02:B5:86:A7:6A:65:2B:C4:61:27:79:32:EB:EC:1C:89:31:E8:CA:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 555D07AB593396945CF8AC612F3AFE44CBED949E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:5d:07:ab:59:33:96:94:5c:f8:ac:61:2f:3a:fe:44:cb:ed:94:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=bbfa4e5636cccf62a3995650408cb9f02edcdbbf5ab32e03df73e6d4d1b0cbc9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:02:85:c1:7d:60:59:86:43:f5:e3:b8:8e:99:
85:37:1d:c7:58:59:12:35:69:24:27:72:2d:b6:75:
ee:43:9e:53:a0:3d:1e:55:ea:05:f2:7e:ad:87:43:
2e:a9:db:7e:e1:e6:36:df:ee:0d:61:29:fc:a9:9b:
fd:c6:98:70:df:28:ff:f8:eb:fd:86:71:3b:5a:ed:
0b:a6:46:26:18:c6:87:2b:91:fc:df:56:fb:b9:41:
89:7a:c9:e4:50:e4:ee:08:e9:31:64:88:08:98:d5:
98:00:5c:b4:39:67:bc:51:e9:69:95:e7:ad:bb:fb:
c4:72:cb:d2:3f:29:c5:cc:1f:88:ae:6a:39:be:ab:
e8:bf:ce:45:ad:dd:99:69:b2:65:7e:5e:59:29:66:
07:8f:16:b8:96:51:1c:5e:a2:68:a4:6e:84:d3:9d:
c1:d3:e3:de:f4:ea:bc:d4:bf:e0:4c:ff:23:34:db:
25:e2:7f:40:7e:66:0c:f5:df:d4:6d:33:66:51:d0:
61:16:c2:af:d1:63:4e:4f:2c:3c:88:63:cd:33:05:
95:c2:d4:be:45:05:32:4c:ef:aa:e4:55:31:54:19:
83:54:48:0d:e2:e9:b2:9a:f9:4d:20:a4:f8:87:eb:
24:80:51:53:50:ec:92:77:9a:12:2f:25:b3:68:de:
88:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B5:86:A7:6A:65:2B:C4:61:27:79:32:EB:EC:1C:89:31:E8:CA:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:77:f8:2b:33:55:3d:a3:10:af:a9:e2:16:f4:21:ef:68:4f:
11:7e:17:65:33:7b:90:e3:4e:36:77:75:85:35:0d:00:49:6c:
15:d8:a2:74:1a:35:6c:b5:e3:04:45:02:d2:99:19:fb:14:11:
25:31:ed:7e:4f:ac:ed:c3:5f:52:ba:35:a5:ab:6f:70:81:7b:
a5:70:61:36:7e:c4:af:54:bd:20:46:15:f4:91:63:52:95:a4:
fd:2b:5c:be:a9:3a:4f:04:4e:ed:a0:d6:a8:c6:25:48:c2:2e:
ce:98:37:a0:9d:85:5f:73:37:b9:40:e7:89:c2:15:5e:5f:60:
0e:43:de:50:ad:e5:26:25:7f:a9:ff:67:22:9f:a7:de:c3:05:
95:81:ab:99:51:e0:be:68:ac:b0:c7:74:81:f4:ac:26:88:24:
85:e8:c9:bd:37:91:ba:cf:0d:2b:a0:88:3e:7f:29:7c:ca:41:
35:57:e7:e9:bd:b1:f8:a3:20:bd:ef:0c:74:ae:8f:4a:18:7b:
86:6f:f0:81:5c:9f:71:85:63:66:3d:c0:bf:40:aa:b5:f8:9a:
5b:fc:5b:7f:17:25:15:1e:a0:e0:7e:35:65:d3:18:8e:90:ed:
ed:a0:53:b4:2b:07:c9:2a:46:64:44:55:ad:d1:0e:1a:88:18:
d2:a8:4f:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVV0Hq1kzlpRc+KxhLzr+RMvtlJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZmE0ZTU2MzZjY2NmNjJhMzk5NTY1MDQwOGNiOWYwMmVkY2RiYmY1YWIz
MmUwM2RmNzNlNmQ0ZDFiMGNiYzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcChcF9YFmGQ/XjuI6ZhTcdx1hZEjVpJCdyLbZ17kOeU6A9HlXqBfJ+rYdD
LqnbfuHmNt/uDWEp/Kmb/caYcN8o//jr/YZxO1rtC6ZGJhjGhyuR/N9W+7lBiXrJ
5FDk7gjpMWSICJjVmABctDlnvFHpaZXnrbv7xHLL0j8pxcwfiK5qOb6r6L/ORa3d
mWmyZX5eWSlmB48WuJZRHF6iaKRuhNOdwdPj3vTqvNS/4Ez/IzTbJeJ/QH5mDPXf
1G0zZlHQYRbCr9FjTk8sPIhjzTMFlcLUvkUFMkzvquRVMVQZg1RIDeLpspr5TSCk
+IfrJIBRU1DskneaEi8ls2jeiP8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCtYan
amUrxGEneTLr7ByJMejKQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzFkNjYxMjctM2YyMi00NDEzLThmZTctOWQ0NmQ3ZmU2NjI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQAld/grM1U9oxCvqeIW9CHvaE8RfhdlM3uQ4042d3WF
NQ0ASWwV2KJ0GjVsteMERQLSmRn7FBElMe1+T6ztw19SujWlq29wgXulcGE2fsSv
VL0gRhX0kWNSlaT9K1y+qTpPBE7toNaoxiVIwi7OmDegnYVfcze5QOeJwhVeX2AO
Q95QreUmJX+p/2cin6fewwWVgauZUeC+aKywx3SB9KwmiCSF6Mm9N5G6zw0roIg+
fyl8ykE1V+fpvbH4oyC97wx0ro9KGHuGb/CBXJ9xhWNmPcC/QKq1+Jpb/Ft/FyUV
HqDgfjVl0xiOkO3toFO0KwfJKkZkRFWt0Q4aiBjSqE9n
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net