Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/988eabea-f594-4f5c-8be7-14382de8c36c.roa
File: 988eabea-f594-4f5c-8be7-14382de8c36c.roa (raw, json)
Hash identifier: 5PCBZyFwAGua9zaOmX0+vKit7nwQouxGmlgvlZOQKB0=
Subject key identifier: 4A:F6:F7:E9:33:01:03:2B:A4:7A:6A:FD:13:5B:F2:13:F0:8D:C5:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4AC42D048B3B5D4E333D7178609FD783D8F3137C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/988eabea-f594-4f5c-8be7-14382de8c36c.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c4:2d:04:8b:3b:5d:4e:33:3d:71:78:60:9f:d7:83:d8:f3:13:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=373050fdd6c512cf6933252e41e6318784a2f31f77d5aff7c31a874c855e7797, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:53:8a:44:d1:ff:18:e6:d6:bd:3c:b7:23:
6a:8c:0b:9e:fd:33:31:b4:58:10:b9:3d:e7:7d:8f:
95:78:b2:40:09:b4:cf:58:8d:20:ee:3f:44:90:bd:
a2:9c:6d:7a:d2:0e:c2:f2:92:d5:4f:f5:1b:83:9c:
69:b5:d0:b2:b1:0a:76:51:50:28:e7:bd:c1:6c:3d:
ca:6c:97:e3:98:37:a6:5c:a7:1a:00:84:70:3b:9c:
76:35:3e:91:10:ac:e1:76:b3:c0:75:e0:4f:98:4a:
64:3d:06:a4:32:8a:c6:d6:bc:5f:b9:48:ef:0c:a8:
10:8c:f0:5e:80:e1:00:47:db:aa:c3:18:14:f3:6a:
bb:3f:fa:74:e9:ab:e8:b8:44:41:5a:03:db:3d:1c:
82:49:c8:08:0b:35:4a:e1:fb:99:cd:e2:e9:78:f1:
20:fd:79:1b:3e:93:a0:8a:89:90:a0:fc:a7:e3:99:
af:e5:ef:c4:3a:75:d4:d4:98:5e:78:20:f9:a2:5d:
08:db:c7:69:d6:b1:96:fd:40:26:e0:e5:9f:ea:d6:
73:c5:75:ca:7f:02:be:33:0b:dc:67:f7:85:d0:82:
71:dc:64:4a:a7:5c:c6:64:47:b0:a0:cd:23:6c:98:
28:5c:2b:da:49:15:1c:35:0a:2b:84:5e:d8:4d:e9:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F6:F7:E9:33:01:03:2B:A4:7A:6A:FD:13:5B:F2:13:F0:8D:C5:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/988eabea-f594-4f5c-8be7-14382de8c36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:bc:be:0c:f8:b3:7f:d9:1a:a9:d2:7f:ac:23:17:4b:47:21:
32:9b:fc:01:1f:df:af:55:64:71:c3:71:a4:21:1b:fe:1a:b4:
bb:46:71:0d:b1:4d:2a:d6:26:f9:79:91:af:f6:a2:35:ab:5f:
e9:e7:1e:dc:9a:b1:69:11:11:bb:8e:dd:81:a5:14:e9:45:42:
8a:bf:dc:91:ff:eb:c7:ba:11:e1:4c:79:75:ec:b5:71:fe:3b:
60:87:59:cb:e4:d5:6b:62:12:4f:5c:23:d9:88:8a:ce:3a:f9:
9f:0d:d9:8b:4d:65:65:ac:42:12:31:ce:aa:a3:f9:ba:b4:b3:
c3:1e:ff:e0:3f:af:31:02:86:ba:86:e1:c3:20:b5:b2:a8:86:
bf:f2:6c:0d:87:f7:a9:98:e5:9d:aa:9f:76:72:90:9c:f5:68:
08:2a:da:50:95:22:9b:7d:7f:3b:2b:ee:3c:d2:b3:15:b0:92:
97:1c:41:1a:93:6f:f6:1c:38:be:d1:33:f5:cc:9c:31:da:1c:
2f:3b:99:cb:97:20:9c:62:65:44:72:20:76:c8:94:48:8e:f9:
ec:a2:f6:45:b4:44:6b:64:a2:00:55:03:5a:db:26:bb:e8:75:
04:58:6a:18:b3:e5:b9:d7:1e:f3:e0:5b:b4:69:52:21:2f:bb:
a0:fe:96:c8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSsQtBIs7XU4zPXF4YJ/Xg9jzE3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3MzA1MGZkZDZjNTEyY2Y2OTMzMjUyZTQxZTYzMTg3ODRhMmYzMWY3N2Q1
YWZmN2MzMWE4NzRjODU1ZTc3OTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKplU4pE0f8Y5ta9PLcjaowLnv0zMbRYELk9532PlXiyQAm0z1iNIO4/RJC9
opxtetIOwvKS1U/1G4OcabXQsrEKdlFQKOe9wWw9ymyX45g3plynGgCEcDucdjU+
kRCs4XazwHXgT5hKZD0GpDKKxta8X7lI7wyoEIzwXoDhAEfbqsMYFPNquz/6dOmr
6LhEQVoD2z0cgknICAs1SuH7mc3i6XjxIP15Gz6ToIqJkKD8p+OZr+XvxDp11NSY
Xngg+aJdCNvHadaxlv1AJuDln+rWc8V1yn8CvjML3Gf3hdCCcdxkSqdcxmRHsKDN
I2yYKFwr2kkVHDUKK4Re2E3pZRUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRK9vfp
MwEDK6R6av0TW/IT8I3FVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTg4ZWFiZWEtZjU5NC00ZjVjLThiZTctMTQzODJkZThjMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHry+DPizf9kaqdJ/rCMXS0chMpv8AR/fr1VkccNx
pCEb/hq0u0ZxDbFNKtYm+XmRr/aiNatf6ece3JqxaRERu47dgaUU6UVCir/ckf/r
x7oR4Ux5dey1cf47YIdZy+TVa2IST1wj2YiKzjr5nw3Zi01lZaxCEjHOqqP5urSz
wx7/4D+vMQKGuobhwyC1sqiGv/JsDYf3qZjlnaqfdnKQnPVoCCraUJUim31/Oyvu
PNKzFbCSlxxBGpNv9hw4vtEz9cycMdocLzuZy5cgnGJlRHIgdsiUSI757KL2RbRE
a2SiAFUDWtsmu+h1BFhqGLPludce8+BbtGlSIS+7oP6WyA==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net