Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e8d7cac-ae2e-40be-bde9-b89060079661.roa
File: 9e8d7cac-ae2e-40be-bde9-b89060079661.roa (raw, json)
Hash identifier: MElQyF9CvW3otA0tiZ7I2HML0pctgAFexOOU6yC8fPI=
Subject key identifier: 80:0E:57:1D:31:22:5F:3B:28:DD:F9:E6:8F:B9:7D:1A:A6:F4:53:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F8B1A6FFBAA1CEC6F4EBB2DBEBACE6951923947
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e8d7cac-ae2e-40be-bde9-b89060079661.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:8b:1a:6f:fb:aa:1c:ec:6f:4e:bb:2d:be:ba:ce:69:51:92:39:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=65ed77ec16ed20fea66ce787b1c1867e04a6fd1a2f2efceda5980e85f3b5bc4b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:07:5a:c7:68:d4:ed:5e:a2:8a:e7:07:fd:
4f:79:64:82:99:46:07:4d:5d:ff:fd:4e:14:59:5f:
bc:0b:7c:8d:63:1d:f7:57:34:8e:fc:25:6c:1b:92:
6e:f6:71:23:5f:52:e7:3e:c4:58:fb:38:85:5f:aa:
c3:26:83:ab:4e:98:3e:d6:37:ee:4a:69:2a:79:50:
2f:e8:f8:81:60:23:4c:ed:02:df:24:03:16:9d:fa:
57:78:38:86:f2:99:7e:ca:56:d0:ef:e4:d6:89:08:
93:23:d1:39:84:36:cf:ed:59:a3:0a:08:7a:3b:f7:
6b:b2:b0:dc:a2:10:56:9b:6d:30:8e:74:7f:fd:f2:
b3:8a:ea:ef:c5:23:d4:c8:0b:df:9c:d8:f7:36:f8:
4b:46:b4:56:bc:69:93:1c:c5:6c:d0:51:39:97:4a:
8e:7e:18:0a:3b:49:b4:35:8a:04:91:58:20:9a:7a:
77:bb:b8:e7:1e:01:78:f2:13:07:d6:10:f6:d8:bd:
31:0b:2b:3e:d6:86:97:56:c6:3e:19:d8:1f:c1:83:
98:4c:33:eb:18:d8:e9:17:ba:b1:2b:30:6a:7c:81:
2d:55:f5:00:66:d9:7c:49:30:45:53:2e:79:3b:fc:
c7:b1:1e:5d:33:bc:16:5e:04:bc:82:52:af:93:4a:
17:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0E:57:1D:31:22:5F:3B:28:DD:F9:E6:8F:B9:7D:1A:A6:F4:53:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e8d7cac-ae2e-40be-bde9-b89060079661.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1100::/40
Signature Algorithm: sha256WithRSAEncryption
8c:df:eb:d2:6c:a7:90:70:aa:7a:f8:18:4f:c4:67:5c:2a:d0:
8d:0c:4a:2c:72:14:23:a3:3f:4c:9d:0d:65:7b:f9:33:29:1a:
df:9a:eb:6f:cd:04:9b:36:21:00:fc:90:b6:ee:ba:71:96:a7:
73:c8:91:08:5d:57:9e:d4:35:90:b3:64:a9:26:e7:46:21:8b:
52:73:1c:04:d0:46:c1:19:bb:c0:0b:bd:ea:07:a7:99:7f:79:
29:67:b7:95:a8:c9:27:62:74:b9:39:b3:92:e2:33:5f:62:e6:
40:15:25:4c:72:0a:08:2e:30:46:19:c3:cc:a6:aa:50:29:1f:
37:63:30:34:f5:04:af:25:ca:33:53:a8:bb:39:19:08:4b:e7:
17:0a:ba:64:70:73:d3:d4:3c:24:b8:5b:e3:43:7d:cd:17:1e:
5e:2f:bd:1f:7e:d7:13:90:d6:62:c4:75:18:be:35:43:36:21:
b0:5e:52:05:30:2a:d0:a5:57:1c:e2:9c:35:27:39:32:cb:3f:
a4:0a:5c:e2:db:62:0f:6a:78:29:d6:52:9a:37:f9:63:92:b4:
08:f7:f1:6c:ca:ef:c2:75:68:98:b3:e6:95:c6:df:05:ab:37:
7c:cb:22:f6:50:83:72:8c:d5:4d:8f:dd:bf:3e:44:f1:c1:b9:
ec:1e:25:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP4sab/uqHOxvTrstvrrOaVGSOUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1ZWQ3N2VjMTZlZDIwZmVhNjZjZTc4N2IxYzE4NjdlMDRhNmZkMWEyZjJl
ZmNlZGE1OTgwZTg1ZjNiNWJjNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5sB1rHaNTtXqKK5wf9T3lkgplGB01d//1OFFlfvAt8jWMd91c0jvwlbBuS
bvZxI19S5z7EWPs4hV+qwyaDq06YPtY37kppKnlQL+j4gWAjTO0C3yQDFp36V3g4
hvKZfspW0O/k1okIkyPROYQ2z+1ZowoIejv3a7Kw3KIQVpttMI50f/3ys4rq78Uj
1MgL35zY9zb4S0a0VrxpkxzFbNBROZdKjn4YCjtJtDWKBJFYIJp6d7u45x4BePIT
B9YQ9ti9MQsrPtaGl1bGPhnYH8GDmEwz6xjY6Re6sSswanyBLVX1AGbZfEkwRVMu
eTv8x7EeXTO8Fl4EvIJSr5NKF+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSADlcd
MSJfOyjd+eaPuX0apvRT3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU4ZDdjYWMtYWUyZS00MGJlLWJkZTktYjg5MDYwMDc5NjYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBXgR
MA0GCSqGSIb3DQEBCwUAA4IBAQCM3+vSbKeQcKp6+BhPxGdcKtCNDEoschQjoz9M
nQ1le/kzKRrfmutvzQSbNiEA/JC27rpxlqdzyJEIXVee1DWQs2SpJudGIYtScxwE
0EbBGbvAC73qB6eZf3kpZ7eVqMknYnS5ObOS4jNfYuZAFSVMcgoILjBGGcPMpqpQ
KR83YzA09QSvJcozU6i7ORkIS+cXCrpkcHPT1DwkuFvjQ33NFx5eL70fftcTkNZi
xHUYvjVDNiGwXlIFMCrQpVcc4pw1Jzkyyz+kClzi22IPangp1lKaN/ljkrQI9/Fs
yu/CdWiYs+aVxt8Fqzd8yyL2UINyjNVNj92/PkTxwbnsHiUT
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:39 2024 by rpki-client on console.sobornost.net