Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
File: 97deaf2e-9439-42f2-812d-4cd489ce3cab.roa (raw, json)
Hash identifier: 9jrpGjZ8ooQIcyxxMYYZ3FkykT/WJh4EffTMSCFJAjo=
Subject key identifier: D5:72:2D:07:FA:68:03:66:12:B7:57:BC:D9:BD:7F:E4:C1:5B:3B:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7775EE6281115DB8493055AB7C6B7C4A5E2F4374
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:75:ee:62:81:11:5d:b8:49:30:55:ab:7c:6b:7c:4a:5e:2f:43:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=dd7fee38a52b6575c5b799e167eb3de8b31f4bfd3626c4439c708319989b9db3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:f7:cc:d3:e5:70:72:f4:52:0b:fb:dc:97:
86:ab:37:e1:af:26:71:4c:2f:9a:fa:2a:ee:88:1d:
36:b3:1c:b5:08:4d:68:91:30:23:bc:95:e2:6c:eb:
c2:3b:a4:7b:6d:a6:4c:bb:f0:2f:d5:6a:06:8c:7b:
1c:34:de:cc:b0:f3:fb:97:d7:81:02:21:2b:ff:22:
c6:4a:99:f8:15:22:c6:d6:7a:e2:6b:58:f3:c1:71:
d3:f3:78:b6:83:c8:1a:71:88:71:50:ad:bc:9f:ae:
b2:26:c5:45:da:84:08:f6:dd:e8:fc:84:56:e9:a2:
ba:e9:0b:41:a3:39:df:c4:43:1c:f7:dc:0d:bd:cc:
7f:21:33:9c:9e:3e:86:c4:43:bc:80:5f:d0:f9:21:
72:2a:db:48:ef:5d:86:79:fd:2e:26:44:41:d0:69:
97:f8:3f:8f:f7:81:ea:5c:a3:fb:ce:f7:6c:c3:7c:
b7:6a:51:d9:b8:44:16:0f:80:20:76:e6:1f:08:be:
97:ad:4c:d9:6e:ca:bd:db:6d:3f:f3:e5:84:3f:ef:
d0:b4:e7:c5:d3:10:7d:ba:95:44:a6:d5:86:46:9f:
c3:26:79:7a:22:d0:1b:44:27:e8:1e:65:d2:1c:00:
42:54:df:38:72:4d:3a:f7:95:44:1c:4c:4c:85:dd:
11:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:72:2D:07:FA:68:03:66:12:B7:57:BC:D9:BD:7F:E4:C1:5B:3B:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
05:e3:60:45:0a:a7:1b:ec:df:d1:41:a4:d3:c6:e6:23:02:bd:
41:b1:b6:86:dc:88:8d:ce:8d:e0:da:78:a5:ca:72:03:99:c1:
f5:7b:99:92:ae:f4:ed:ca:1e:28:69:f9:71:43:03:88:99:3c:
4f:36:82:90:b0:00:48:91:44:c3:9a:7e:f4:d3:b2:6e:c8:a5:
55:37:6d:52:89:cf:56:a5:b4:72:15:d7:d6:01:ef:27:0a:5f:
9e:9a:62:1f:2f:c9:19:e9:d0:b0:fe:73:cd:92:43:ac:7b:3a:
23:29:72:df:95:e8:ac:a8:3e:df:e2:bf:12:df:6b:a1:fa:7a:
b6:ed:d9:a8:0a:50:f1:39:f2:f1:20:6b:db:5e:c2:5b:f9:e7:
35:cb:30:29:c8:9f:49:98:de:6c:09:bb:8d:75:5b:9e:d4:73:
95:be:18:00:6c:bf:43:12:25:66:09:ec:a6:c2:c7:85:fb:67:
c9:1c:b9:86:bf:c4:fb:61:79:9b:aa:d8:ed:bd:31:e6:dc:4c:
04:2e:7d:55:4b:6f:0b:9b:9b:9d:67:09:33:3c:26:11:53:55:
36:04:78:94:60:14:59:34:e9:ab:3f:2e:8a:00:92:69:b3:42:
68:22:23:a2:fe:fd:f2:39:35:c8:fb:72:c8:c3:80:e4:78:db:
0c:1b:63:6e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd3XuYoERXbhJMFWrfGt8Sl4vQ3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkN2ZlZTM4YTUyYjY1NzVjNWI3OTllMTY3ZWIzZGU4YjMxZjRiZmQzNjI2
YzQ0MzljNzA4MzE5OTg5YjlkYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyS98zT5XBy9FIL+9yXhqs34a8mcUwvmvoq7ogdNrMctQhNaJEwI7yV4mzr
wjuke22mTLvwL9VqBox7HDTezLDz+5fXgQIhK/8ixkqZ+BUixtZ64mtY88Fx0/N4
toPIGnGIcVCtvJ+usibFRdqECPbd6PyEVumiuukLQaM538RDHPfcDb3MfyEznJ4+
hsRDvIBf0PkhcirbSO9dhnn9LiZEQdBpl/g/j/eB6lyj+873bMN8t2pR2bhEFg+A
IHbmHwi+l61M2W7KvdttP/PlhD/v0LTnxdMQfbqVRKbVhkafwyZ5eiLQG0Qn6B5l
0hwAQlTfOHJNOveVRBxMTIXdEcUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTVci0H
+mgDZhK3V7zZvX/kwVs7+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTdkZWFmMmUtOTQzOS00MmYyLTgxMmQtNGNkNDg5Y2UzY2FiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEABeNgRQqnG+zf0UGk08bmIwK9QbG2htyIjc6N4Np4
pcpyA5nB9XuZkq707coeKGn5cUMDiJk8TzaCkLAASJFEw5p+9NOybsilVTdtUonP
VqW0chXX1gHvJwpfnppiHy/JGenQsP5zzZJDrHs6Iyly35XorKg+3+K/Et9rofp6
tu3ZqApQ8Tny8SBr217CW/nnNcswKcifSZjebAm7jXVbntRzlb4YAGy/QxIlZgns
psLHhftnyRy5hr/E+2F5m6rY7b0x5txMBC59VUtvC5ubnWcJMzwmEVNVNgR4lGAU
WTTpqz8uigCSabNCaCIjov798jk1yPtyyMOA5HjbDBtjbg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net