Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
File: 79f828d9-a8c6-4d05-b291-d1f3154636f8.roa (raw, json)
Hash identifier: AI0wJgHWogQVhxj+ZlGWbef2alIu5GsPqYQAMtlfRd0=
Subject key identifier: ED:7F:B6:01:6A:B8:E0:69:11:54:09:22:4A:AA:47:31:C0:FE:09:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49EDFB20FB3B0F77493C79D323E4C83313D8E2ED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ed:fb:20:fb:3b:0f:77:49:3c:79:d3:23:e4:c8:33:13:d8:e2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=032bdeb7d82fe971ed0c69e391cb11ebdeac05fa269c37906ade95d61d5c71a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:92:69:0a:8d:bf:c7:01:29:55:77:ea:3f:b2:
44:81:f9:3a:b2:e7:eb:0d:8d:71:27:c6:f5:62:6c:
61:c1:c6:a6:bc:a5:46:d6:00:b5:73:e0:82:19:1f:
10:3e:02:ca:9e:c1:18:6f:ad:9c:24:30:fc:9d:08:
db:4d:c4:8f:41:98:d8:b0:23:86:58:67:d8:ea:47:
3f:c5:98:bf:2b:00:ff:84:c7:2c:95:fa:9e:78:ba:
d7:fa:1f:16:78:7c:75:5e:9c:be:40:9f:14:0f:cc:
38:e1:a5:ab:29:b7:c5:d1:9f:37:d9:4d:e3:99:03:
c0:6a:4f:d6:50:dc:fa:e8:20:a1:0b:52:16:60:bc:
8f:7c:37:5b:69:7d:8a:03:09:a7:3b:f1:63:fe:ab:
26:1c:3e:e3:92:53:fe:11:67:09:6f:0f:81:d8:96:
28:3e:8d:54:c4:5d:f3:db:fa:4d:c9:8f:41:52:c3:
47:37:0d:df:15:ca:15:9d:17:e7:a5:5b:6f:89:3f:
dd:fe:9a:0d:f4:26:57:14:7f:f5:65:da:e5:29:66:
58:dc:df:54:23:bc:e2:86:e0:65:b1:55:a4:8e:ca:
26:9a:ed:80:d6:44:0b:0e:2e:51:ca:ba:87:31:89:
64:60:02:81:0c:38:f1:b3:03:d8:fb:ba:2c:1f:c7:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:7F:B6:01:6A:B8:E0:69:11:54:09:22:4A:AA:47:31:C0:FE:09:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:5c:32:29:5e:5d:eb:54:b9:ac:7d:4b:a8:b8:26:8c:fe:44:
d6:4c:76:6e:71:64:a5:2c:a3:e2:04:f7:b5:91:75:75:77:bb:
88:02:4f:a1:d2:49:20:52:9c:a6:57:b2:5c:01:1c:a2:f8:19:
4b:af:d3:a5:87:29:9c:ad:47:be:f5:94:fc:f2:76:72:a7:0b:
58:6c:38:78:0a:9f:7b:32:ad:1c:f4:2b:08:81:53:70:5c:0d:
2c:01:18:f1:3c:b4:2c:48:98:bb:e5:2d:3b:da:b9:3a:7b:de:
a2:c1:e1:1f:19:3a:23:a5:c6:1e:72:42:a9:39:83:2a:47:e7:
b8:ae:81:c5:03:a3:81:b6:4d:cd:b8:f0:3b:0d:d2:a1:c9:52:
2d:33:ff:b0:ad:70:c7:2b:9b:82:50:67:fa:0f:8f:b0:b9:c6:
f3:8a:ec:21:08:d5:32:7b:b1:f2:86:b5:f0:80:89:1c:7b:45:
ae:c1:65:6f:7a:6e:43:f7:f9:a7:9b:6d:01:c8:9b:f6:1a:58:
76:9e:13:34:90:37:7d:73:8a:82:5e:28:0e:11:f4:b2:4d:1f:
d2:83:7a:54:fe:71:5e:55:5a:67:ab:55:8c:43:e5:15:82:94:
37:13:06:5f:da:e6:9a:32:16:6d:9e:1e:15:4a:23:7b:ac:12:
bf:b1:e9:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSe37IPs7D3dJPHnTI+TIMxPY4u0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMmJkZWI3ZDgyZmU5NzFlZDBjNjllMzkxY2IxMWViZGVhYzA1ZmEyNjlj
Mzc5MDZhZGU5NWQ2MWQ1YzcxYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOSaQqNv8cBKVV36j+yRIH5OrLn6w2NcSfG9WJsYcHGprylRtYAtXPgghkf
ED4Cyp7BGG+tnCQw/J0I203Ej0GY2LAjhlhn2OpHP8WYvysA/4THLJX6nni61/of
Fnh8dV6cvkCfFA/MOOGlqym3xdGfN9lN45kDwGpP1lDc+uggoQtSFmC8j3w3W2l9
igMJpzvxY/6rJhw+45JT/hFnCW8PgdiWKD6NVMRd89v6TcmPQVLDRzcN3xXKFZ0X
56Vbb4k/3f6aDfQmVxR/9WXa5SlmWNzfVCO84obgZbFVpI7KJprtgNZECw4uUcq6
hzGJZGACgQw48bMD2Pu6LB/HvDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtf7YB
arjgaRFUCSJKqkcxwP4JEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlmODI4ZDktYThjNi00ZDA1LWIyOTEtZDFmMzE1NDYzNmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQA5XDIpXl3rVLmsfUuouCaM/kTWTHZucWSlLKPiBPe1
kXV1d7uIAk+h0kkgUpymV7JcARyi+BlLr9OlhymcrUe+9ZT88nZypwtYbDh4Cp97
Mq0c9CsIgVNwXA0sARjxPLQsSJi75S072rk6e96iweEfGTojpcYeckKpOYMqR+e4
roHFA6OBtk3NuPA7DdKhyVItM/+wrXDHK5uCUGf6D4+wucbziuwhCNUye7HyhrXw
gIkce0WuwWVvem5D9/mnm20ByJv2Glh2nhM0kDd9c4qCXigOEfSyTR/Sg3pU/nFe
VVpnq1WMQ+UVgpQ3EwZf2uaaMhZtnh4VSiN7rBK/semp
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net