Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
File: 8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa (raw, json)
Hash identifier: aSPnEq4DNKkrGb3dZBHxcf3r9JqUQKcrGlVOj+M0980=
Subject key identifier: 87:4A:77:2F:87:D4:3D:3E:1A:21:48:76:95:F3:45:D7:48:FD:1B:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D8C35436E0EF256C0E052903D0833015CF327AA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:8c:35:43:6e:0e:f2:56:c0:e0:52:90:3d:08:33:01:5c:f3:27:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=1036e97fa5883eddd386483a81c7a1b080e2c8e2f8d5d37ce105f973f21f23b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:d0:53:5f:65:32:88:cb:2b:2f:3a:55:1e:
7e:74:b3:19:13:dd:39:54:70:90:81:0c:1d:e1:29:
a9:ce:41:ec:ee:3b:25:6a:c8:9a:91:92:c5:65:45:
d5:25:d0:8f:e9:2a:f8:3e:64:5b:5a:e5:8d:b9:63:
e6:d6:b9:18:0f:d3:7c:f1:26:df:09:04:ce:27:de:
9a:4c:18:04:10:67:af:52:d6:49:20:3d:c7:b4:a9:
8b:76:ef:58:9f:aa:5d:96:dc:f4:f1:11:fb:c5:c8:
61:56:53:35:5d:58:06:f2:8b:0f:1a:17:94:c5:7c:
13:56:bf:cc:20:65:fb:7c:f8:87:2a:d4:1a:6c:f3:
aa:1e:e3:64:0a:f0:80:ee:32:9d:9f:07:8a:a8:5e:
28:7a:d7:83:33:c2:d3:08:21:6e:0b:ea:45:6f:12:
52:af:e9:3e:39:5d:a2:c2:d1:bb:46:8f:b5:4c:ec:
62:d8:27:da:35:76:a0:af:4a:32:bc:cd:93:6b:b5:
f4:01:5a:71:6a:d0:7d:19:68:e4:b0:83:66:78:77:
d0:96:ee:b1:36:17:8e:b6:03:43:26:1d:db:3a:75:
a4:29:0e:6a:66:05:3b:dc:ee:35:b3:b5:d8:64:fe:
4d:38:0b:c9:0c:01:1b:ce:48:e1:83:3c:c7:95:36:
9e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4A:77:2F:87:D4:3D:3E:1A:21:48:76:95:F3:45:D7:48:FD:1B:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:d6:c8:0f:2e:ce:c6:30:9c:39:46:9d:eb:fe:34:85:28:84:
26:32:2d:f2:03:ef:9d:4e:db:dc:ca:6e:ca:8b:c2:7d:9d:84:
9a:1c:c8:f8:55:0f:fa:75:ee:c7:6b:97:7c:28:6f:12:13:5d:
09:3d:ae:10:45:dd:0e:4a:79:54:44:f6:6e:c1:57:3d:a1:71:
5b:3b:a3:81:b7:0d:ae:a3:3a:0c:97:70:d9:1d:09:da:ea:84:
8b:95:53:09:7b:8d:a3:15:09:bf:1f:e1:b7:76:e2:dd:f8:d9:
de:74:18:2a:27:18:c1:03:2c:ed:ca:9f:0c:cb:fe:0e:78:f6:
01:6c:c3:62:bb:15:fc:99:71:3b:d2:8c:c3:68:57:10:ef:74:
ee:fa:7b:b4:f3:c0:ba:e8:b5:f2:72:fd:e7:14:ff:de:af:f3:
92:c1:d3:3f:18:33:fe:06:3d:c7:8b:a8:4a:1b:ab:d9:ff:d9:
62:c5:4a:32:12:06:98:5c:60:bd:0a:2f:3c:ac:ee:0f:5b:ce:
17:b7:c8:8b:e1:c6:61:5e:71:8f:59:52:24:36:79:2d:d9:c5:
76:ae:bd:0d:b5:a1:43:c6:d3:03:9c:a3:8e:51:d3:8c:a7:99:
0f:8d:22:51:92:d2:7d:32:db:92:7d:03:f8:8d:30:04:d0:81:
8b:03:24:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbYw1Q24O8lbA4FKQPQgzAVzzJ6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMzZlOTdmYTU4ODNlZGRkMzg2NDgzYTgxYzdhMWIwODBlMmM4ZTJmOGQ1
ZDM3Y2UxMDVmOTczZjIxZjIzYjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6k0FNfZTKIyysvOlUefnSzGRPdOVRwkIEMHeEpqc5B7O47JWrImpGSxWVF
1SXQj+kq+D5kW1rljblj5ta5GA/TfPEm3wkEzifemkwYBBBnr1LWSSA9x7Spi3bv
WJ+qXZbc9PER+8XIYVZTNV1YBvKLDxoXlMV8E1a/zCBl+3z4hyrUGmzzqh7jZArw
gO4ynZ8HiqheKHrXgzPC0wghbgvqRW8SUq/pPjldosLRu0aPtUzsYtgn2jV2oK9K
MrzNk2u19AFacWrQfRlo5LCDZnh30JbusTYXjrYDQyYd2zp1pCkOamYFO9zuNbO1
2GT+TTgLyQwBG85I4YM8x5U2nuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSHSncv
h9Q9PhohSHaV80XXSP0bszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGE1OTQxNzMtZDIzYi00ZTRhLTlhMWYtOTZkZWI1OWI0NWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBI1sgPLs7GMJw5Rp3r/jSFKIQmMi3yA++dTtvcym7K
i8J9nYSaHMj4VQ/6de7Ha5d8KG8SE10JPa4QRd0OSnlURPZuwVc9oXFbO6OBtw2u
ozoMl3DZHQna6oSLlVMJe42jFQm/H+G3duLd+NnedBgqJxjBAyztyp8My/4OePYB
bMNiuxX8mXE70ozDaFcQ73Tu+nu088C66LXycv3nFP/er/OSwdM/GDP+Bj3Hi6hK
G6vZ/9lixUoyEgaYXGC9Ci88rO4PW84Xt8iL4cZhXnGPWVIkNnkt2cV2rr0NtaFD
xtMDnKOOUdOMp5kPjSJRktJ9MtuSfQP4jTAE0IGLAyQ/
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net