Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
File: 8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa (raw, json)
Hash identifier: k7E4SIAelZ8pAwNYZKRmalkwCtKHTmIdQDgjt8/YoPo=
Subject key identifier: FF:65:04:9A:4B:54:85:0C:37:C8:49:22:2D:B0:52:33:E1:4F:E8:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 631F0B02E342BFD1E75D1024DD6D1F7BFD1F0DB8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:1f:0b:02:e3:42:bf:d1:e7:5d:10:24:dd:6d:1f:7b:fd:1f:0d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=3c150ff38481940de44605b4d565af25d97341a9745922ec043301e40f04a217, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5a:0a:df:45:e3:27:61:6d:35:66:74:86:6d:
2d:36:c8:25:4f:64:5f:33:3c:de:7d:e8:03:13:1a:
47:07:30:83:b9:34:f4:1c:c7:1e:7c:fa:63:0d:ea:
69:89:ec:2f:fe:83:10:a8:31:5b:04:ba:d3:43:02:
30:1a:12:72:41:43:d6:51:e1:a4:a5:40:f6:67:0e:
dd:ec:1b:e7:67:3b:b0:3c:16:07:da:cb:e4:38:61:
51:2c:bb:f8:65:d2:b1:4e:84:ec:8f:f8:b4:30:62:
46:69:c8:db:d7:aa:be:0d:6d:88:17:88:64:11:e4:
97:2f:ba:81:4d:01:5f:1d:42:86:8e:e4:1a:bb:71:
ee:84:a6:9d:22:0e:14:9f:2c:44:35:46:ad:a0:6e:
b7:b6:f4:04:87:5b:67:7d:2f:89:47:04:09:28:82:
0a:77:1f:6d:83:82:98:20:30:3c:4d:ba:21:ab:4b:
c5:91:28:2e:22:66:6f:1b:02:08:5a:ab:df:b9:a1:
1b:6a:fc:55:25:c1:72:e3:ca:7b:83:c8:0a:01:0c:
96:af:e7:35:09:75:c0:70:d1:83:94:63:71:ec:8a:
fc:36:da:8c:62:ff:bb:eb:4d:0e:a7:e4:f0:4a:f2:
4e:58:e0:96:67:5c:eb:bf:51:8b:1e:58:2b:f3:88:
bf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:65:04:9A:4B:54:85:0C:37:C8:49:22:2D:B0:52:33:E1:4F:E8:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:d7:31:ad:11:20:31:6d:3c:6a:0b:00:81:31:9c:11:92:59:
3f:47:4e:36:cf:c4:81:05:62:ff:98:11:27:6b:39:57:fd:5a:
3b:82:63:ba:0a:3e:64:65:24:f8:ce:59:da:0e:8f:29:c9:8b:
a7:f7:26:b5:39:b0:fc:81:04:c2:99:3c:f8:14:67:f6:33:2f:
84:86:bf:e0:08:a9:21:42:11:1f:0c:ae:32:02:f7:58:62:26:
3a:73:a2:59:5e:77:45:d3:e1:86:04:ea:0f:83:1a:d6:95:85:
5f:60:7f:ed:87:af:94:83:6c:95:04:42:5b:dc:e4:ba:34:3b:
eb:49:52:92:17:4b:26:82:86:1e:c8:dd:95:c3:e1:44:e3:5d:
fc:51:77:bf:80:8f:ac:ce:7e:c0:60:b0:5c:41:5a:47:29:da:
78:8b:16:6c:31:8a:06:71:13:6c:75:49:a1:be:74:23:09:96:
7c:a0:42:03:d0:87:bd:ce:f7:5e:1d:4c:c2:10:fa:24:97:f2:
b1:c0:1d:86:07:51:46:e7:24:99:dc:4c:12:6e:09:8a:25:84:
33:c5:6f:ab:9c:93:c1:86:1a:6e:5c:f3:44:c8:3a:9a:43:36:
38:b5:1d:17:4b:6c:c3:a3:f5:0d:5e:bd:9b:09:88:8b:08:8c:
aa:7c:e2:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYx8LAuNCv9HnXRAk3W0fe/0fDbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMTUwZmYzODQ4MTk0MGRlNDQ2MDViNGQ1NjVhZjI1ZDk3MzQxYTk3NDU5
MjJlYzA0MzMwMWU0MGYwNGEyMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9aCt9F4ydhbTVmdIZtLTbIJU9kXzM83n3oAxMaRwcwg7k09BzHHnz6Yw3q
aYnsL/6DEKgxWwS600MCMBoSckFD1lHhpKVA9mcO3ewb52c7sDwWB9rL5DhhUSy7
+GXSsU6E7I/4tDBiRmnI29eqvg1tiBeIZBHkly+6gU0BXx1Cho7kGrtx7oSmnSIO
FJ8sRDVGraBut7b0BIdbZ30viUcECSiCCncfbYOCmCAwPE26IatLxZEoLiJmbxsC
CFqr37mhG2r8VSXBcuPKe4PICgEMlq/nNQl1wHDRg5RjceyK/DbajGL/u+tNDqfk
8EryTljglmdc679Rix5YK/OIv7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/ZQSa
S1SFDDfISSItsFIz4U/oBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGYxNGYwY2UtYjVlOC00ZTIyLWE1YjEtZTQ3YTNiZDc3YjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQDB1zGtESAxbTxqCwCBMZwRklk/R042z8SBBWL/mBEn
azlX/Vo7gmO6Cj5kZST4zlnaDo8pyYun9ya1ObD8gQTCmTz4FGf2My+Ehr/gCKkh
QhEfDK4yAvdYYiY6c6JZXndF0+GGBOoPgxrWlYVfYH/th6+Ug2yVBEJb3OS6NDvr
SVKSF0smgoYeyN2Vw+FE4138UXe/gI+szn7AYLBcQVpHKdp4ixZsMYoGcRNsdUmh
vnQjCZZ8oEID0Ie9zvdeHUzCEPokl/KxwB2GB1FG5ySZ3EwSbgmKJYQzxW+rnJPB
hhpuXPNEyDqaQzY4tR0XS2zDo/UNXr2bCYiLCIyqfOJv
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net