Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
File: 8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa (raw, json)
Hash identifier: eF0nkRKRjS/c80PxaZ+Din2zjvgBB7g8d10UNuUM6sI=
Subject key identifier: 16:90:EF:AE:DB:7C:04:D0:EE:15:21:D1:42:81:24:38:92:4C:35:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69D8C6C91C77543EC87D8F2AD1062EF2A5C9CC98
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d8:c6:c9:1c:77:54:3e:c8:7d:8f:2a:d1:06:2e:f2:a5:c9:cc:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=3a353e83f12f2eaa5038bfe3d4faaac70ae1ea0d9fe99b0724409af3fd2c630d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:98:75:99:2b:5d:d9:a0:0a:9f:10:a6:c3:fd:
1a:44:b7:0a:15:1c:a4:b1:9c:6e:a4:48:65:c7:0c:
f3:9c:58:d1:16:fc:56:e2:91:96:31:c9:c7:12:68:
e1:f0:27:61:02:b0:fc:c3:93:2a:0b:8a:7b:da:a9:
6f:d1:59:f3:c8:12:ef:22:21:27:c3:58:4b:17:2d:
b8:52:e2:ba:ec:78:87:73:c0:ec:f7:dc:bc:a5:6c:
62:36:e8:b7:64:b8:53:29:dd:80:15:6e:93:d4:0d:
f7:34:c7:2f:d8:df:f9:9e:64:b3:d3:cf:ef:28:52:
32:6d:2d:7d:4e:bf:3c:b6:66:da:b2:7d:20:12:4e:
89:1f:38:a1:d9:ff:d1:a5:2c:04:34:dc:81:59:67:
7a:76:97:97:92:05:c5:70:cb:e7:e0:95:66:fd:80:
e0:f5:90:12:74:a3:83:96:7b:f1:78:9c:1a:04:19:
16:db:97:5b:5d:c1:ef:e4:4e:bd:a8:9e:2f:79:f4:
cb:c6:7b:28:67:4a:c4:e0:58:e2:04:69:c7:01:89:
34:84:86:2f:e2:87:be:85:19:52:bb:dc:18:67:84:
c5:10:a1:1f:6b:21:8d:10:5c:34:bd:26:8c:7f:1f:
04:70:c9:60:9d:be:ee:00:13:d2:cd:2a:e9:c9:ee:
d6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:90:EF:AE:DB:7C:04:D0:EE:15:21:D1:42:81:24:38:92:4C:35:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:7c:f8:be:73:48:e9:ca:88:b3:91:2a:53:b2:4d:23:b0:48:
18:ea:a9:d8:f8:55:3e:5a:50:8e:31:95:93:a5:3f:22:3a:a1:
ab:07:bf:98:89:ad:1e:2f:05:69:45:93:23:df:12:c1:cb:37:
28:a5:2a:af:5d:24:40:73:3f:2e:57:7e:92:56:2b:dd:10:74:
4b:d3:e1:6a:c6:d2:a4:ff:56:36:e8:4e:55:d6:14:ae:ad:49:
0c:95:eb:bc:92:d9:73:79:b9:43:2c:f0:a1:c2:8f:f3:66:0f:
d6:93:4d:ab:81:5a:e8:86:1a:ed:65:f6:20:6d:c9:cc:ea:07:
57:b6:74:c2:f7:34:00:04:06:a9:72:d0:ab:cb:c6:83:34:ba:
5b:46:49:6e:ef:17:e7:1d:ca:b3:91:48:10:e2:ac:d1:e6:8a:
00:91:b1:04:53:bb:ea:7e:d9:92:17:60:25:e9:f9:ac:08:52:
27:b0:58:ed:05:1e:a9:a4:5f:4a:16:40:dd:0a:6f:81:c9:e5:
b8:d7:09:5e:80:1e:ee:bd:f8:84:9e:dc:50:19:1c:de:41:3f:
b2:68:b5:77:55:02:a9:40:a4:4f:4e:02:16:eb:ea:ce:9b:42:
fb:85:b9:d0:c9:f6:bf:01:84:3e:59:e1:8d:f3:8c:02:4e:eb:
fe:e2:2d:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUadjGyRx3VD7IfY8q0QYu8qXJzJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMzUzZTgzZjEyZjJlYWE1MDM4YmZlM2Q0ZmFhYWM3MGFlMWVhMGQ5ZmU5
OWIwNzI0NDA5YWYzZmQyYzYzMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeYdZkrXdmgCp8QpsP9GkS3ChUcpLGcbqRIZccM85xY0Rb8VuKRljHJxxJo
4fAnYQKw/MOTKguKe9qpb9FZ88gS7yIhJ8NYSxctuFLiuux4h3PA7PfcvKVsYjbo
t2S4UyndgBVuk9QN9zTHL9jf+Z5ks9PP7yhSMm0tfU6/PLZm2rJ9IBJOiR84odn/
0aUsBDTcgVlnenaXl5IFxXDL5+CVZv2A4PWQEnSjg5Z78XicGgQZFtuXW13B7+RO
vaieL3n0y8Z7KGdKxOBY4gRpxwGJNISGL+KHvoUZUrvcGGeExRChH2shjRBcNL0m
jH8fBHDJYJ2+7gAT0s0q6cnu1g0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWkO+u
23wE0O4VIdFCgSQ4kkw1KjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM5Zjg3ZWUtYTkwMy00ZjJmLThiYmEtMzFhNGFiNWY3NGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQAvfPi+c0jpyoizkSpTsk0jsEgY6qnY+FU+WlCOMZWT
pT8iOqGrB7+Yia0eLwVpRZMj3xLByzcopSqvXSRAcz8uV36SVivdEHRL0+FqxtKk
/1Y26E5V1hSurUkMleu8ktlzeblDLPChwo/zZg/Wk02rgVrohhrtZfYgbcnM6gdX
tnTC9zQABAapctCry8aDNLpbRklu7xfnHcqzkUgQ4qzR5ooAkbEEU7vqftmSF2Al
6fmsCFInsFjtBR6ppF9KFkDdCm+ByeW41wlegB7uvfiEntxQGRzeQT+yaLV3VQKp
QKRPTgIW6+rOm0L7hbnQyfa/AYQ+WeGN84wCTuv+4i2Z
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net