Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
File: 8d1cb951-0a3b-460a-9669-128180570058.roa (raw, json)
Hash identifier: 8D6XESOruMOYB0VhJin/dBaDhhNDtOcUtzOsHDRNtTc=
Subject key identifier: 53:B8:53:87:75:D0:F2:AB:F4:84:83:F1:75:79:A2:7C:BB:73:42:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 031D30CE7266350D92D56657BDD1E2BAE0DC37DA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1d:30:ce:72:66:35:0d:92:d5:66:57:bd:d1:e2:ba:e0:dc:37:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=3b7be652cb902bf7fbf6a3212bdbf4c7d495c6b14558a14ba8f1761e814b728d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:72:43:cc:86:e2:bd:87:35:aa:77:be:bd:e4:
99:4e:0c:ff:29:d9:b7:16:7b:e7:0b:4b:51:01:0b:
85:76:b2:04:38:93:8a:07:4f:3a:6b:f8:0e:38:87:
c7:dd:3c:ea:02:d6:05:bb:4c:53:4c:49:27:41:e6:
44:d8:9b:5a:19:40:ec:01:f3:91:3d:74:df:31:2e:
44:c9:eb:33:44:2b:89:ac:b2:31:6c:2a:6d:1a:f3:
46:69:4b:ca:3b:bb:e6:cf:bd:7d:df:b3:16:9b:82:
a5:79:c2:2b:b9:9e:24:83:ad:4f:c3:c5:e7:75:88:
d4:de:4c:e7:3f:f5:7d:b2:9b:aa:f5:c8:a7:bc:a9:
48:4e:fb:5d:6b:46:76:78:ee:29:44:c7:32:7a:d6:
43:c2:ea:21:fb:41:cb:e7:46:25:72:8e:04:d0:af:
f5:12:57:39:12:b3:03:5e:66:d3:d2:e6:7e:18:1c:
8a:ed:7d:d6:6d:97:48:ef:f4:b4:ef:c0:d7:ae:ef:
83:19:64:67:f1:9c:e8:8a:ba:ca:5d:11:06:70:3d:
18:8e:a2:f7:f3:73:f5:48:c0:f9:a7:66:a8:fc:17:
70:30:0b:ac:cf:ea:37:c4:bf:c4:24:29:f4:42:12:
90:72:86:78:ca:bc:7d:91:58:53:13:13:cf:1a:f8:
b2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B8:53:87:75:D0:F2:AB:F4:84:83:F1:75:79:A2:7C:BB:73:42:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b9:d5:b7:9a:4d:4f:22:18:18:b4:97:51:26:7d:29:e9:54:63:
98:08:bc:f9:58:fc:c7:88:6a:a4:c8:c5:cf:cf:81:1f:66:ae:
d0:2d:f1:c8:b8:18:ab:36:78:6c:5f:bb:bb:87:d1:69:74:d1:
69:28:6b:72:1d:04:c3:28:c8:8f:5d:58:91:cc:38:00:e6:e6:
84:c5:d6:3c:fe:50:e4:85:df:1a:b6:82:08:a8:11:6f:fa:5b:
8a:f5:1f:64:a6:23:44:aa:ea:e8:83:ad:c7:20:5d:31:34:15:
d4:c1:ed:6e:d2:de:81:e4:56:07:6e:10:c2:17:1e:26:05:58:
6c:d3:c9:fa:56:95:96:46:4a:6a:98:bc:f7:dc:1c:50:0c:81:
6c:f1:79:82:7e:fc:43:09:3e:1d:4d:b4:9f:77:d4:f1:8d:c6:
2b:11:a8:c8:68:52:b2:e5:34:1d:45:22:b4:6a:94:71:5c:df:
38:a8:0b:52:37:b6:d5:74:9f:84:76:bf:ff:b9:39:e1:b4:d8:
f9:ea:17:c4:ad:a4:f9:85:dd:47:70:e7:22:1a:28:5c:c2:4a:
9a:cc:45:db:d6:14:5f:c5:7f:ae:20:8e:98:3d:5f:e3:04:ce:
64:04:2b:31:e8:36:80:30:83:b9:a5:43:eb:8e:d2:a4:de:df:
89:be:94:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAx0wznJmNQ2S1WZXvdHiuuDcN9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiN2JlNjUyY2I5MDJiZjdmYmY2YTMyMTJiZGJmNGM3ZDQ5NWM2YjE0NTU4
YTE0YmE4ZjE3NjFlODE0YjcyOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFyQ8yG4r2HNap3vr3kmU4M/ynZtxZ75wtLUQELhXayBDiTigdPOmv4DjiH
x9086gLWBbtMU0xJJ0HmRNibWhlA7AHzkT103zEuRMnrM0QriayyMWwqbRrzRmlL
yju75s+9fd+zFpuCpXnCK7meJIOtT8PF53WI1N5M5z/1fbKbqvXIp7ypSE77XWtG
dnjuKUTHMnrWQ8LqIftBy+dGJXKOBNCv9RJXORKzA15m09Lmfhgciu191m2XSO/0
tO/A167vgxlkZ/Gc6Iq6yl0RBnA9GI6i9/Nz9UjA+admqPwXcDALrM/qN8S/xCQp
9EISkHKGeMq8fZFYUxMTzxr4si8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRTuFOH
ddDyq/SEg/F1eaJ8u3NCqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQxY2I5NTEtMGEzYi00NjBhLTk2NjktMTI4MTgwNTcwMDU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQC51beaTU8iGBi0l1EmfSnpVGOYCLz5WPzHiGqkyMXP
z4EfZq7QLfHIuBirNnhsX7u7h9FpdNFpKGtyHQTDKMiPXViRzDgA5uaExdY8/lDk
hd8atoIIqBFv+luK9R9kpiNEqurog63HIF0xNBXUwe1u0t6B5FYHbhDCFx4mBVhs
08n6VpWWRkpqmLz33BxQDIFs8XmCfvxDCT4dTbSfd9TxjcYrEajIaFKy5TQdRSK0
apRxXN84qAtSN7bVdJ+Edr//uTnhtNj56hfEraT5hd1HcOciGihcwkqazEXb1hRf
xX+uII6YPV/jBM5kBCsx6DaAMIO5pUPrjtKk3t+JvpS/
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net