Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
File: 73817c12-8c1e-4664-9721-3b7c6b416bab.roa (raw, json)
Hash identifier: 9TWq0ptFU0UGiCCPsecCQt41OI2AcffyZvn/Etqo+Hk=
Subject key identifier: 86:64:ED:D3:5B:EB:12:AA:BA:02:20:10:FF:F9:CA:5D:DA:80:86:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4843775AF10E84FE51A5B6903705AF784DBADC26
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:43:77:5a:f1:0e:84:fe:51:a5:b6:90:37:05:af:78:4d:ba:dc:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=c7965cb8a533f74787c8c5527f3f58eb9a9b238c5ae47f6e6424f7cfb64fe48f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:17:4f:88:59:f5:43:48:e8:6e:29:19:ea:
7d:70:9f:6c:1d:5d:29:a5:91:a5:01:70:7f:2b:72:
cb:8b:b9:39:64:0e:c7:bd:6e:29:ca:dd:f3:dd:74:
73:e4:48:c8:2e:05:63:03:5c:f8:bb:43:5c:ed:69:
ff:72:e8:86:cf:c7:f9:d4:46:f1:a2:c6:41:14:04:
fb:ea:02:e1:ea:98:9f:4f:23:0a:83:fe:7b:fa:d5:
c6:d8:f0:5f:52:af:1c:09:bb:30:16:ae:0d:14:fb:
d0:3b:7a:51:ec:0c:16:68:5a:66:07:52:1f:38:53:
9e:9f:47:a0:e5:8e:4a:d9:ec:6d:6d:0f:04:3c:b3:
d4:4b:e5:bb:01:9d:6e:67:0a:60:f2:d9:db:39:d7:
02:e8:54:25:59:56:74:af:34:1a:09:47:74:9c:a8:
b1:c7:54:02:b9:bb:84:6f:bb:64:03:c5:d2:40:d4:
93:a0:c9:fb:6c:86:9e:9f:ff:85:58:9a:09:c8:63:
d5:8f:93:8a:53:ef:df:43:46:36:53:a8:15:39:11:
de:15:07:6e:67:3f:44:5e:33:91:bc:a5:53:5b:18:
3f:c5:24:6a:f1:70:1c:dc:95:90:56:db:fa:53:e4:
c0:a6:d8:d7:7e:05:ba:13:7e:0d:2c:95:50:ed:9e:
e5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:64:ED:D3:5B:EB:12:AA:BA:02:20:10:FF:F9:CA:5D:DA:80:86:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
4f:3e:3c:11:70:60:4d:1d:e2:cd:68:2a:92:05:77:35:bc:1e:
1e:dc:13:98:dc:08:93:cf:68:a8:23:aa:4d:2b:d8:d9:cc:8f:
ec:96:ef:6f:58:10:44:0a:91:e6:e6:09:7e:a5:60:4f:bd:b8:
67:24:24:5a:59:aa:ca:c9:2e:3c:d7:a9:6b:1d:2d:d7:b5:84:
6d:00:d1:b6:74:ab:1a:ae:d0:37:26:ab:24:0c:c6:73:6a:c8:
05:43:d7:65:c4:37:a0:df:c3:4e:ef:06:59:66:ec:3c:e1:d6:
e4:ea:31:0c:86:2e:1f:7d:e1:94:60:bf:43:60:52:07:1d:4b:
d2:ab:b8:82:96:94:dd:30:28:fd:33:b0:e0:6c:d4:46:ca:0c:
0a:eb:94:b9:0b:66:29:55:b7:f7:6e:36:c6:bb:e1:7e:d2:4a:
f0:cd:ad:2d:ca:30:17:aa:bc:ae:ce:6c:44:6e:b2:cb:fc:25:
59:ce:9d:94:91:3a:df:f3:88:67:ea:31:1e:4d:9b:79:24:12:
01:e9:c9:f4:7e:b8:33:b6:cc:05:8a:ce:39:98:0a:e9:4c:72:
72:80:78:15:1a:d2:f7:8f:44:76:af:55:92:f2:27:ea:be:51:
9d:11:9e:e6:8e:28:21:af:16:8e:d3:30:8f:4b:63:48:7c:16:
c1:bb:d6:ad
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSEN3WvEOhP5RpbaQNwWveE263CYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3OTY1Y2I4YTUzM2Y3NDc4N2M4YzU1MjdmM2Y1OGViOWE5YjIzOGM1YWU0
N2Y2ZTY0MjRmN2NmYjY0ZmU0OGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsnF0+IWfVDSOhuKRnqfXCfbB1dKaWRpQFwfytyy4u5OWQOx71uKcrd8910
c+RIyC4FYwNc+LtDXO1p/3Lohs/H+dRG8aLGQRQE++oC4eqYn08jCoP+e/rVxtjw
X1KvHAm7MBauDRT70Dt6UewMFmhaZgdSHzhTnp9HoOWOStnsbW0PBDyz1EvluwGd
bmcKYPLZ2znXAuhUJVlWdK80GglHdJyoscdUArm7hG+7ZAPF0kDUk6DJ+2yGnp//
hViaCchj1Y+TilPv30NGNlOoFTkR3hUHbmc/RF4zkbylU1sYP8UkavFwHNyVkFbb
+lPkwKbY134FuhN+DSyVUO2e5bcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSGZO3T
W+sSqroCIBD/+cpd2oCGDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzM4MTdjMTItOGMxZS00NjY0LTk3MjEtM2I3YzZiNDE2YmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEATz48EXBgTR3izWgqkgV3NbweHtwTmNwIk89oqCOq
TSvY2cyP7Jbvb1gQRAqR5uYJfqVgT724ZyQkWlmqyskuPNepax0t17WEbQDRtnSr
Gq7QNyarJAzGc2rIBUPXZcQ3oN/DTu8GWWbsPOHW5OoxDIYuH33hlGC/Q2BSBx1L
0qu4gpaU3TAo/TOw4GzURsoMCuuUuQtmKVW39242xrvhftJK8M2tLcowF6q8rs5s
RG6yy/wlWc6dlJE63/OIZ+oxHk2beSQSAenJ9H64M7bMBYrOOZgK6UxycoB4FRrS
949Edq9VkvIn6r5RnRGe5o4oIa8WjtMwj0tjSHwWwbvWrQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net