Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
File: 8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa (raw, json)
Hash identifier: Zqo6A8dI7WJ1VSRgCVMjQgucKExOIWVmhC1SVmdRCAk=
Subject key identifier: E8:0D:05:27:78:47:F1:EC:10:27:E8:17:57:7C:40:51:43:63:85:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7BBE8E1629F41A722824915C6DD6BB062B03E4A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:be:8e:16:29:f4:1a:72:28:24:91:5c:6d:d6:bb:06:2b:03:e4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=e093fe91bd0fc8dd3d4d08c3db04ef95911d6126dfbf1ad3ed1374196a51e6cb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6a:29:b5:03:68:b8:a2:2a:99:ac:07:af:a5:
5c:46:f9:1f:af:15:8d:63:2f:27:84:0e:2a:4d:27:
2d:28:91:94:89:c2:09:e1:57:ba:00:29:12:76:be:
9a:98:ae:8a:26:f5:50:14:21:1d:3c:0c:63:8e:ce:
8d:68:90:c6:36:c6:fd:78:0f:53:ee:1b:06:4b:aa:
27:ab:78:c1:85:7b:3b:a3:49:d8:33:7b:d1:fb:b2:
da:c0:4b:e7:80:0c:a7:ef:d0:61:d0:6c:5c:32:41:
5f:cc:ac:ae:04:7b:58:30:a9:38:72:c3:d2:b1:1f:
7a:a8:3e:8a:e2:8c:dd:b6:26:18:60:8f:19:a9:28:
03:8c:cd:cb:48:ef:f9:19:a5:df:18:60:38:e4:96:
f1:71:57:14:8e:c0:97:c7:a0:6c:fb:92:30:0d:ee:
d4:10:b9:72:b0:22:09:70:6a:5d:94:41:2a:60:57:
9a:2c:59:2b:bf:23:b7:ec:81:11:69:bc:f0:5f:0a:
5c:2b:b0:95:73:64:df:bc:fa:c5:69:59:55:11:63:
a7:00:b5:2e:9f:6a:cc:b3:53:94:71:c5:0d:2e:55:
f9:8b:51:6f:9e:8a:4f:48:9e:90:69:93:b6:fc:7d:
59:3a:7b:16:b3:4b:3b:49:ca:37:0d:18:69:4e:01:
f1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0D:05:27:78:47:F1:EC:10:27:E8:17:57:7C:40:51:43:63:85:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:1e:02:60:62:06:bb:66:83:60:72:71:1a:ce:86:f3:62:56:
79:ce:c2:59:24:29:70:c1:37:1a:1f:0a:2b:4a:42:00:a6:75:
c5:31:14:24:4b:64:67:80:fd:bb:c4:4d:88:c7:ce:03:69:bf:
85:3b:a8:44:1f:2d:27:50:28:65:97:ac:db:5c:61:c3:52:78:
a8:36:a5:79:92:0f:ae:37:9f:fe:eb:c2:ad:8f:93:c8:96:a7:
c6:50:d1:08:74:60:82:bb:c0:43:e9:92:29:44:23:3b:88:37:
e9:2a:a7:41:74:2f:ed:e3:53:13:8c:07:9c:60:d1:88:9a:95:
1f:d6:fe:5b:6a:15:c2:04:b9:13:0a:eb:91:4b:f3:f8:e5:25:
9f:3e:15:71:14:7d:06:10:ea:d7:9f:bf:55:5a:34:4d:0e:db:
3d:a9:8f:8f:29:b2:28:a2:9d:9b:87:f0:da:0c:7b:13:13:90:
16:f9:b3:40:c7:7f:ea:ef:b7:93:40:5a:d5:d3:a4:a5:9b:c7:
2b:4f:76:83:51:ce:6b:b1:4f:7d:15:43:04:c2:b7:64:15:8b:
2f:62:65:b9:4e:6e:95:4b:9b:e8:b2:90:c5:73:df:b3:23:26:
ae:5c:19:2e:68:21:2a:76:7e:26:b2:a7:a3:84:d6:f2:70:db:
14:34:4f:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe76OFin0GnIoJJFcbda7BisD5KMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwOTNmZTkxYmQwZmM4ZGQzZDRkMDhjM2RiMDRlZjk1OTExZDYxMjZkZmJm
MWFkM2VkMTM3NDE5NmE1MWU2Y2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9qKbUDaLiiKpmsB6+lXEb5H68VjWMvJ4QOKk0nLSiRlInCCeFXugApEna+
mpiuiib1UBQhHTwMY47OjWiQxjbG/XgPU+4bBkuqJ6t4wYV7O6NJ2DN70fuy2sBL
54AMp+/QYdBsXDJBX8ysrgR7WDCpOHLD0rEfeqg+iuKM3bYmGGCPGakoA4zNy0jv
+Rml3xhgOOSW8XFXFI7Al8egbPuSMA3u1BC5crAiCXBqXZRBKmBXmixZK78jt+yB
EWm88F8KXCuwlXNk37z6xWlZVRFjpwC1Lp9qzLNTlHHFDS5V+YtRb56KT0iekGmT
tvx9WTp7FrNLO0nKNw0YaU4B8QsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToDQUn
eEfx7BAn6BdXfEBRQ2OFVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGViMDJlZTgtM2U4Zi00MzY5LWJhMGYtNDQ0N2Q0OTAyZmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQCuHgJgYga7ZoNgcnEazobzYlZ5zsJZJClwwTcaHwor
SkIApnXFMRQkS2RngP27xE2Ix84Dab+FO6hEHy0nUChll6zbXGHDUnioNqV5kg+u
N5/+68Ktj5PIlqfGUNEIdGCCu8BD6ZIpRCM7iDfpKqdBdC/t41MTjAecYNGImpUf
1v5bahXCBLkTCuuRS/P45SWfPhVxFH0GEOrXn79VWjRNDts9qY+PKbIoop2bh/Da
DHsTE5AW+bNAx3/q77eTQFrV06Slm8crT3aDUc5rsU99FUMEwrdkFYsvYmW5Tm6V
S5vospDFc9+zIyauXBkuaCEqdn4msqejhNbycNsUNE/K
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net