Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
File: 7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa (raw, json)
Hash identifier: SW8mbvAVU0svzBxHSMdcmI7MHeVwIkatSi8Z3/xppvk=
Subject key identifier: D2:66:0A:36:C6:C1:13:2C:C1:CC:62:8A:94:58:4A:63:BD:49:64:05
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E7C4A287389B49A1D1D45C86C69941211697FA6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:7c:4a:28:73:89:b4:9a:1d:1d:45:c8:6c:69:94:12:11:69:7f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: serialNumber=0a308c36aa14e794164ae006a12f0753038621009fe54a8906dabf4326fe9ae7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:51:e5:57:92:bd:26:3d:98:d2:c4:fb:89:76:
14:49:c1:93:f5:21:bb:f9:35:1f:7d:74:ef:be:c0:
8f:cc:95:44:cc:eb:2f:f0:86:3c:a5:ae:5c:2e:4d:
dc:a3:87:1c:9c:bb:cc:da:2a:66:28:6d:4b:18:4d:
00:b9:ca:9b:22:74:dc:17:46:61:37:04:f4:25:20:
c5:df:76:7b:c1:3a:29:0a:32:3d:37:21:2d:64:bb:
d7:1f:88:47:a0:f8:9f:a6:16:ee:7a:05:94:74:94:
2f:bf:dd:96:01:21:a0:01:9c:46:a1:fa:fb:0f:64:
2c:30:5e:a9:f6:aa:fd:29:00:8f:7e:ac:a1:17:a0:
0b:aa:26:51:16:d2:22:dd:ef:e0:0a:9c:ec:e4:09:
f0:d0:29:b4:12:b9:2a:d7:97:2e:fe:b2:72:3d:33:
35:56:fd:2f:e4:80:e8:65:da:a4:59:09:66:18:a2:
2b:88:71:2d:8a:32:d5:65:9e:7a:1d:ea:ca:64:8e:
4c:60:0f:7c:13:e3:60:50:4a:c1:d3:f7:24:27:2e:
72:95:21:73:c3:04:69:4a:4b:9a:ab:6b:67:10:40:
88:3d:a0:4b:20:e0:bc:33:f2:5f:83:74:6f:d5:52:
f8:ea:7d:b0:97:36:7d:7b:a7:f1:94:d1:a5:89:59:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:66:0A:36:C6:C1:13:2C:C1:CC:62:8A:94:58:4A:63:BD:49:64:05
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:64:e8:51:53:88:bb:b7:63:f6:b7:2a:3e:9a:e6:fe:6b:ff:
c7:0e:7e:f1:cb:0b:88:db:2f:68:cf:2c:1e:d4:a5:8a:cc:84:
02:b6:df:4a:2c:04:e6:54:d7:60:b9:51:25:44:99:b7:c0:25:
7c:4f:ab:e6:ce:d8:e0:be:59:12:03:a3:b9:45:de:f9:8e:a6:
08:09:42:22:42:a2:90:39:5f:d6:92:17:3c:b8:2d:2e:8a:55:
d7:c3:31:72:88:ab:de:70:dc:af:b5:e7:bf:fa:1f:06:5c:54:
7b:df:63:c4:88:f7:a8:c9:9e:85:39:14:09:3a:78:7c:94:36:
07:96:e7:29:49:58:2a:17:eb:aa:be:a1:85:1c:2d:9c:70:0f:
d9:b8:cb:bb:77:d7:2b:bd:1a:44:f1:e4:8c:56:54:1a:e1:ff:
36:a9:00:7a:12:a5:6f:d6:81:f6:e8:25:61:cd:cb:35:40:06:
7d:e3:2a:16:fa:f9:7c:fe:3f:3f:26:24:66:cb:bc:9b:0d:2e:
33:b4:fd:ac:cd:75:68:e7:ae:d1:a7:5d:8e:bc:da:ff:83:4b:
97:41:32:a8:df:6e:ee:f4:4f:02:59:d3:61:06:ce:cf:18:80:
53:8c:a2:7a:ce:32:12:59:91:23:67:73:13:c4:1b:86:4e:a0:
40:52:bf:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXnxKKHOJtJodHUXIbGmUEhFpf6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMzA4YzM2YWExNGU3OTQxNjRhZTAwNmExMmYwNzUzMDM4NjIxMDA5ZmU1
NGE4OTA2ZGFiZjQzMjZmZTlhZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1R5VeSvSY9mNLE+4l2FEnBk/Uhu/k1H310777Aj8yVRMzrL/CGPKWuXC5N
3KOHHJy7zNoqZihtSxhNALnKmyJ03BdGYTcE9CUgxd92e8E6KQoyPTchLWS71x+I
R6D4n6YW7noFlHSUL7/dlgEhoAGcRqH6+w9kLDBeqfaq/SkAj36soRegC6omURbS
It3v4Aqc7OQJ8NAptBK5KteXLv6ycj0zNVb9L+SA6GXapFkJZhiiK4hxLYoy1WWe
eh3qymSOTGAPfBPjYFBKwdP3JCcucpUhc8MEaUpLmqtrZxBAiD2gSyDgvDPyX4N0
b9VS+Op9sJc2fXun8ZTRpYlZR5sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTSZgo2
xsETLMHMYoqUWEpjvUlkBTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2ZiZDYwNWItZDRlNS00YjE0LTllYzAtZTFiMmY0ZmZiNTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQAuZOhRU4i7t2P2tyo+mub+a//HDn7xywuI2y9ozywe
1KWKzIQCtt9KLATmVNdguVElRJm3wCV8T6vmztjgvlkSA6O5Rd75jqYICUIiQqKQ
OV/Wkhc8uC0uilXXwzFyiKvecNyvtee/+h8GXFR732PEiPeoyZ6FORQJOnh8lDYH
lucpSVgqF+uqvqGFHC2ccA/ZuMu7d9crvRpE8eSMVlQa4f82qQB6EqVv1oH26CVh
zcs1QAZ94yoW+vl8/j8/JiRmy7ybDS4ztP2szXVo567Rp12OvNr/g0uXQTKo327u
9E8CWdNhBs7PGIBTjKJ6zjISWZEjZ3MTxBuGTqBAUr/R
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net