Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
File: 88f52aa4-587a-4c53-908e-056e9d4b7bca.roa (raw, json)
Hash identifier: a1YD280YlvL4u4Zk/ZfsBs3evg/CuD8rbSOeXcgafuU=
Subject key identifier: 23:91:6B:9F:93:08:56:F8:5A:B9:D3:18:71:3A:9A:B9:75:EE:A7:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60A48AF95E38BABD9C2B377A0AC44CA425BF1AA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:a4:8a:f9:5e:38:ba:bd:9c:2b:37:7a:0a:c4:4c:a4:25:bf:1a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=cef83d5cd3a634727b7caa3c27d0ace5ae485e150574b9a0f322b42580208496, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0f:66:27:0f:11:79:6e:2e:bc:cc:5f:09:18:
ef:69:fa:ab:71:24:71:fb:51:78:bb:79:05:24:59:
3a:df:ac:80:4e:3a:b7:6a:a5:fe:2a:ab:bf:a8:3c:
57:54:0f:61:3d:ef:f7:84:00:01:e9:72:d0:fc:dd:
df:6d:19:d9:45:47:21:f7:f6:4b:01:60:c1:28:10:
99:5c:a4:87:ce:b5:e3:5f:ee:35:d8:fc:e9:1a:b0:
ae:cc:f5:f7:7f:20:e8:c2:96:0a:23:8a:b8:8a:c1:
67:4a:3a:4e:22:60:3b:de:dc:fc:e3:0b:45:da:6b:
ee:f2:c0:ea:64:70:a9:a3:4b:a5:5e:b8:39:8c:59:
cd:ef:f8:0b:3a:8e:21:9f:65:d6:b2:2f:c2:00:d6:
63:53:57:43:73:47:ac:de:bf:e8:a7:21:37:01:50:
48:d5:59:89:a9:4a:5a:c8:79:09:cb:0f:e8:87:5d:
ba:c3:8b:e1:38:81:38:ea:41:68:8c:77:12:c1:70:
0c:88:93:7b:e6:40:83:e2:be:99:b4:1a:bc:f4:3c:
3b:05:b0:6d:90:5d:ed:c4:be:22:92:fe:03:2e:04:
93:e9:fe:54:cd:14:20:ea:2e:39:60:2a:e6:d3:e5:
e6:d3:6d:eb:3e:a1:01:a2:ba:7b:92:1d:56:f4:8f:
dd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:91:6B:9F:93:08:56:F8:5A:B9:D3:18:71:3A:9A:B9:75:EE:A7:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a0:21:1b:3e:e8:59:90:4f:38:f2:7d:ad:e4:55:35:d4:dc:d6:
94:11:aa:a7:78:65:84:80:d0:5d:1b:a6:90:b3:34:e5:66:66:
7e:1d:fa:ca:c1:ef:25:81:56:9f:92:7b:31:06:ed:d7:03:3c:
59:81:d6:2f:d0:f9:64:79:2c:f5:1a:8a:e7:b2:4b:14:c1:1c:
8c:56:a8:f2:f9:31:c9:eb:1f:d8:30:19:f0:97:6c:07:65:2f:
56:21:b0:20:7e:f8:cb:54:1f:15:90:8e:86:f3:87:88:91:fd:
e7:4b:82:08:2e:47:42:5b:cc:ed:4f:41:7b:a7:7a:ce:75:4f:
ea:46:c1:8a:78:85:9e:19:bc:cf:ca:50:d7:a8:94:99:fd:47:
77:45:a9:93:d5:f4:24:39:a3:ba:8e:8a:04:cd:48:5c:08:80:
86:89:c5:fd:13:cb:cb:46:26:9a:db:c5:50:ac:e0:22:e3:a9:
86:5b:b4:ff:b6:98:48:56:89:5d:b1:38:fc:fc:8c:a2:76:5d:
d0:d1:7b:35:d9:93:f2:f7:fd:d8:4d:2b:20:0c:0e:80:d1:23:
bc:bc:a8:5f:51:11:a4:fd:de:99:4e:c5:97:0c:bb:6a:01:5c:
e1:35:03:6a:c9:ca:98:5c:73:63:51:9f:d9:d3:32:25:a4:46:
b7:1c:0f:02
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYKSK+V44ur2cKzd6CsRMpCW/GqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlZjgzZDVjZDNhNjM0NzI3YjdjYWEzYzI3ZDBhY2U1YWU0ODVlMTUwNTc0
YjlhMGYzMjJiNDI1ODAyMDg0OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMPZicPEXluLrzMXwkY72n6q3EkcftReLt5BSRZOt+sgE46t2ql/iqrv6g8
V1QPYT3v94QAAely0Pzd320Z2UVHIff2SwFgwSgQmVykh86141/uNdj86Rqwrsz1
938g6MKWCiOKuIrBZ0o6TiJgO97c/OMLRdpr7vLA6mRwqaNLpV64OYxZze/4CzqO
IZ9l1rIvwgDWY1NXQ3NHrN6/6KchNwFQSNVZialKWsh5CcsP6IddusOL4TiBOOpB
aIx3EsFwDIiTe+ZAg+K+mbQavPQ8OwWwbZBd7cS+IpL+Ay4Ek+n+VM0UIOouOWAq
5tPl5tNt6z6hAaK6e5IdVvSP3ZkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjkWuf
kwhW+Fq50xhxOpq5de6nWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhmNTJhYTQtNTg3YS00YzUzLTkwOGUtMDU2ZTlkNGI3YmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCgIRs+6FmQTzjyfa3kVTXU3NaUEaqneGWEgNBdG6aQ
szTlZmZ+HfrKwe8lgVafknsxBu3XAzxZgdYv0PlkeSz1GornsksUwRyMVqjy+THJ
6x/YMBnwl2wHZS9WIbAgfvjLVB8VkI6G84eIkf3nS4IILkdCW8ztT0F7p3rOdU/q
RsGKeIWeGbzPylDXqJSZ/Ud3RamT1fQkOaO6jooEzUhcCICGicX9E8vLRiaa28VQ
rOAi46mGW7T/tphIVoldsTj8/Iyidl3Q0Xs12ZPy9/3YTSsgDA6A0SO8vKhfURGk
/d6ZTsWXDLtqAVzhNQNqycqYXHNjUZ/Z0zIlpEa3HA8C
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net