Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
File: 90388c93-39d3-4cb9-9baa-867b601facea.roa (raw, json)
Hash identifier: 8j3KjCTZhT9ZFJwvue/xRehxAw3x63hg3NU8/zXjPV0=
Subject key identifier: 96:51:BF:07:5F:73:72:C6:13:93:C8:17:BA:4B:B6:9E:AA:D0:8C:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 384CC60549EC419BC7BF0E697C579BCE563FFB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4c:c6:05:49:ec:41:9b:c7:bf:0e:69:7c:57:9b:ce:56:3f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5801cbf7e7230e49b3dff143c6971e8b9f37cbcd3f5d29fdd60f10fbc82b92c2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:76:7a:3e:8f:68:10:82:7e:ce:50:be:72:8a:
a6:c6:4b:08:9c:f8:c6:07:20:b2:dc:79:5e:18:0a:
90:57:e4:63:c4:d1:08:12:4d:cf:6d:2c:e6:8d:86:
0d:a5:77:cd:75:fa:29:e9:3e:bc:76:a4:75:9e:67:
3f:90:ec:db:37:0b:7a:8a:b0:2c:a9:a6:46:cb:ae:
65:27:09:b2:10:bf:90:09:9f:1d:f2:e3:c7:6b:47:
a2:b0:1f:4c:4f:6d:40:ec:ec:d0:17:d9:51:b5:0a:
1a:91:ec:c8:b5:05:33:2b:77:e5:db:33:a5:09:2f:
d4:57:d8:20:f9:ab:60:b3:70:39:6c:c7:d2:0a:68:
16:89:f1:c8:45:29:17:3e:d2:30:99:30:5d:54:b0:
c8:b3:34:07:66:44:35:77:fd:20:85:16:ba:8c:68:
19:e3:86:bf:cb:d7:fe:2a:69:ed:4b:62:a3:df:9a:
9f:9c:53:90:78:9d:3a:5a:04:af:9b:c8:b8:af:1c:
e9:a5:1d:12:e7:4c:38:9f:c3:65:34:ad:85:65:c2:
b8:cc:8f:9f:89:da:3d:a0:7c:69:57:e7:86:5f:97:
7b:77:8e:13:ca:fb:96:ce:bf:36:00:86:95:bf:17:
15:de:94:9f:bd:2a:44:f5:82:98:f1:1c:2b:9d:da:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:51:BF:07:5F:73:72:C6:13:93:C8:17:BA:4B:B6:9E:AA:D0:8C:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
68:c5:da:9b:68:81:8a:44:06:36:c0:b5:c2:ff:3a:6b:75:8d:
9a:f1:4f:cf:01:15:90:0f:01:82:b0:64:56:bc:93:14:a0:10:
53:5a:93:31:22:78:69:e7:34:71:77:a7:b4:24:e1:b5:ba:a4:
d4:27:e7:16:4d:b5:88:8d:24:e0:ba:85:15:5d:ae:9e:4f:50:
05:b8:ad:fb:3f:cc:5c:d1:c4:50:5d:62:81:b3:df:71:5f:16:
eb:4c:37:ce:81:85:5c:44:8e:44:19:90:45:50:45:d4:db:d0:
99:6a:96:57:c8:c7:74:90:36:45:fd:a6:84:a6:89:e0:00:41:
22:b6:39:67:2e:1f:37:89:b8:86:3c:41:1d:70:ab:ae:7b:e3:
61:0d:25:2f:55:2b:fc:aa:6b:35:38:8a:e8:c2:24:26:c6:a1:
9e:b5:3f:d2:30:18:9e:94:8f:a1:3b:d8:9f:da:e0:1d:c4:c1:
1e:3b:d0:83:24:43:35:83:40:37:89:bb:74:bc:a0:d8:09:df:
72:0b:4c:c0:be:aa:f4:a7:9b:8c:bd:54:4b:b2:69:c3:d3:32:
5e:ea:70:5c:df:75:9e:af:88:91:d0:be:ad:f8:4f:03:bd:f8:
54:88:e7:b9:39:de:93:be:b0:66:4f:4c:cd:84:0e:a6:33:82:
db:9d:77:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgITOEzGBUnsQZvHvw5pfFebzlY/+zANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI0MTExODAwMDAwMFoXDTI0MTIyMzIzNTk1OVowejFJMEcGA1UE
BRNANTgwMWNiZjdlNzIzMGU0OWIzZGZmMTQzYzY5NzFlOGI5ZjM3Y2JjZDNmNWQy
OWZkZDYwZjEwZmJjODJiOTJjMjEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAj3Z6Po9oEIJ+zlC+coqmxksInPjGByCy3HleGAqQV+RjxNEIEk3PbSzmjYYN
pXfNdfop6T68dqR1nmc/kOzbNwt6irAsqaZGy65lJwmyEL+QCZ8d8uPHa0eisB9M
T21A7OzQF9lRtQoakezItQUzK3fl2zOlCS/UV9gg+atgs3A5bMfSCmgWifHIRSkX
PtIwmTBdVLDIszQHZkQ1d/0ghRa6jGgZ44a/y9f+KmntS2Kj35qfnFOQeJ06WgSv
m8i4rxzppR0S50w4n8NlNK2FZcK4zI+fido9oHxpV+eGX5d7d44TyvuWzr82AIaV
vxcV3pSfvSpE9YKY8RwrndpY/QIDAQABo4ICIjCCAh4wHQYDVR0OBBYEFJZRvwdf
c3LGE5PIF7pLtp6q0Iw/MB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy85
MDM4OGM5My0zOWQzLTRjYjktOWJhYS04NjdiNjAxZmFjZWEucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEFeDAN
BgkqhkiG9w0BAQsFAAOCAQEAaMXam2iBikQGNsC1wv86a3WNmvFPzwEVkA8BgrBk
VryTFKAQU1qTMSJ4aec0cXentCThtbqk1CfnFk21iI0k4LqFFV2unk9QBbit+z/M
XNHEUF1igbPfcV8W60w3zoGFXESORBmQRVBF1NvQmWqWV8jHdJA2Rf2mhKaJ4ABB
IrY5Zy4fN4m4hjxBHXCrrnvjYQ0lL1Ur/KprNTiK6MIkJsahnrU/0jAYnpSPoTvY
n9rgHcTBHjvQgyRDNYNAN4m7dLyg2AnfcgtMwL6q9KebjL1US7Jpw9MyXupwXN91
nq+IkdC+rfhPA734VIjnuTnek76wZk9MzYQOpjOC2513vA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:39 2024 by rpki-client on console.sobornost.net