Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
File: 7f93618f-074f-4431-abe6-691e069b191f.roa (raw, json)
Hash identifier: 6yEgozxVJy07x/xOw6stZqJMvAxblwP3CrjoqeRJmKk=
Subject key identifier: 14:B9:93:CD:39:1E:AF:F0:59:8C:C2:86:84:53:19:35:8F:D9:17:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5BBB8F644085C470CBBAB29A8CF7515F81FA479B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:bb:8f:64:40:85:c4:70:cb:ba:b2:9a:8c:f7:51:5f:81:fa:47:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=15f46abbeb5634dcf5b895e4a471ca26e2d1f72d21b22388510ecbf4feee1074, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cb:82:0d:15:6f:5d:dd:a4:e0:aa:8b:54:35:
7d:0a:cb:3a:71:c0:4e:92:dd:dc:87:00:cd:92:be:
99:cf:a6:6e:97:70:51:84:fe:7a:6f:29:b9:58:d2:
a6:10:83:75:97:70:7e:29:e5:60:38:9c:b3:a3:d2:
9a:59:8b:d9:6b:3a:bc:bd:07:e6:bd:13:e9:48:4b:
81:7a:43:c4:32:85:be:74:4e:1d:d1:ae:a9:d9:99:
08:45:aa:d4:72:6e:5c:7e:d7:c1:99:32:ae:5d:f7:
20:3a:2b:66:bb:b3:7f:e4:a6:22:3d:16:28:71:1c:
0d:d7:81:fc:57:8b:dc:33:7d:4e:76:37:42:62:37:
8d:a6:75:2e:59:d5:2c:e6:f5:ca:44:6d:29:fc:af:
9b:ce:48:ab:76:6f:da:d6:ef:21:47:c1:0c:d8:2c:
37:f7:e4:a4:ee:a2:27:40:37:d7:0b:13:0e:ae:ed:
df:08:56:4f:2d:e4:94:48:65:af:03:da:d8:bc:55:
0d:ca:51:b3:64:58:52:ff:51:66:94:0e:c1:56:40:
bc:f1:fb:1e:65:64:84:65:6a:7f:c3:d1:18:c4:f2:
80:0b:53:21:d1:ec:b5:f6:41:44:1e:fc:be:a5:6d:
c5:51:69:8b:11:1a:35:d8:22:d7:ef:f3:96:ff:46:
07:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B9:93:CD:39:1E:AF:F0:59:8C:C2:86:84:53:19:35:8F:D9:17:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:48:01:6b:95:22:f4:1d:e2:e6:8d:3d:3d:99:20:13:72:8f:
81:73:e4:19:65:c5:4d:e4:b1:4d:2d:98:5a:cd:92:7d:71:d9:
65:df:5c:80:2d:36:fd:4b:89:bf:8f:21:cc:52:74:b5:f9:8a:
a1:f5:1c:c3:e3:bd:7d:05:87:a3:75:06:1a:f0:c1:cf:9b:87:
5f:c1:92:1d:cc:f5:cb:c5:b1:91:60:ef:4d:65:9c:c9:95:e0:
22:ba:ab:ce:24:8d:ca:db:e6:86:df:72:8b:53:3c:1f:5f:17:
00:c4:61:71:b4:87:4f:a4:bf:1b:48:46:be:f5:7d:60:af:a3:
e1:04:39:7a:67:43:26:00:ff:14:a0:51:ef:53:41:f4:ee:f1:
e5:09:e4:47:8e:1d:fa:1c:2c:ba:e6:4a:59:63:e9:a3:7c:36:
2c:7c:5d:64:f8:3e:c8:c8:00:63:8f:31:d0:c3:83:9a:04:32:
aa:fe:32:70:1a:c5:23:0e:0a:68:ba:8f:a8:06:ee:29:7b:ba:
fe:27:62:e7:52:fb:c9:f4:d9:e6:49:da:78:e9:96:13:42:bc:
21:08:6b:50:ee:d8:cc:5b:5c:5a:1a:a3:9d:55:2e:b5:01:f9:
cd:96:c0:ef:a2:9b:53:95:01:28:19:12:95:e9:95:c4:69:8f:
42:2e:9f:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW7uPZECFxHDLurKajPdRX4H6R5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZjQ2YWJiZWI1NjM0ZGNmNWI4OTVlNGE0NzFjYTI2ZTJkMWY3MmQyMWIy
MjM4ODUxMGVjYmY0ZmVlZTEwNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrLgg0Vb13dpOCqi1Q1fQrLOnHATpLd3IcAzZK+mc+mbpdwUYT+em8puVjS
phCDdZdwfinlYDics6PSmlmL2Ws6vL0H5r0T6UhLgXpDxDKFvnROHdGuqdmZCEWq
1HJuXH7XwZkyrl33IDorZruzf+SmIj0WKHEcDdeB/FeL3DN9TnY3QmI3jaZ1LlnV
LOb1ykRtKfyvm85Iq3Zv2tbvIUfBDNgsN/fkpO6iJ0A31wsTDq7t3whWTy3klEhl
rwPa2LxVDcpRs2RYUv9RZpQOwVZAvPH7HmVkhGVqf8PRGMTygAtTIdHstfZBRB78
vqVtxVFpixEaNdgi1+/zlv9GB+UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUuZPN
OR6v8FmMwoaEUxk1j9kXDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y5MzYxOGYtMDc0Zi00NDMxLWFiZTYtNjkxZTA2OWIxOTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQDNSAFrlSL0HeLmjT09mSATco+Bc+QZZcVN5LFNLZha
zZJ9cdll31yALTb9S4m/jyHMUnS1+Yqh9RzD4719BYejdQYa8MHPm4dfwZIdzPXL
xbGRYO9NZZzJleAiuqvOJI3K2+aG33KLUzwfXxcAxGFxtIdPpL8bSEa+9X1gr6Ph
BDl6Z0MmAP8UoFHvU0H07vHlCeRHjh36HCy65kpZY+mjfDYsfF1k+D7IyABjjzHQ
w4OaBDKq/jJwGsUjDgpouo+oBu4pe7r+J2LnUvvJ9NnmSdp46ZYTQrwhCGtQ7tjM
W1xaGqOdVS61AfnNlsDvoptTlQEoGRKV6ZXEaY9CLp9n
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net