Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
File: a10761b8-e85e-4339-a45c-82ab3615108d.roa (raw, json)
Hash identifier: mVcCEupr/NVnmxKbbncpBAJC0LpQ6YAhB+9Hm0sGvNw=
Subject key identifier: B1:01:AB:AF:72:2F:56:15:45:C4:65:A0:79:65:77:C4:AC:A1:8B:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E234A6778E7705439B945FA056F006A79AAF684
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:23:4a:67:78:e7:70:54:39:b9:45:fa:05:6f:00:6a:79:aa:f6:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=2eedc0c6d530c33ac420db1945d62fdb363517443858c517f29809ce23db695d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:b2:3c:2f:44:ac:bf:6b:e5:08:3f:b1:a4:
80:f1:2b:de:fb:01:17:08:3f:ed:83:1c:9d:35:c5:
b2:23:31:9c:14:fb:af:3e:b6:b7:2f:ea:65:6d:14:
ba:9f:5a:63:e6:33:fe:41:55:fd:d8:12:10:c9:dc:
46:b3:ac:f2:dd:1f:2f:70:44:71:66:6e:64:e9:ce:
9c:56:25:85:8c:e8:53:7d:ce:96:90:de:7d:54:87:
6f:e1:bc:f0:a9:ed:09:22:0d:14:30:d9:b2:06:97:
71:e9:81:33:65:56:7b:d1:3b:fa:e7:69:85:58:e3:
fd:de:15:e2:d3:9d:c8:68:ac:17:2a:32:7b:6c:d0:
86:49:3c:0b:c7:3e:33:19:3a:fe:6b:76:5a:14:7d:
03:b7:c8:d3:f6:44:17:89:8e:c8:10:0b:a3:9c:b2:
1a:ba:5f:a8:69:2a:f9:e1:71:0b:70:b2:d2:53:f2:
74:d9:df:66:c4:de:9c:9c:b1:41:2b:f6:66:3a:c3:
c3:0d:cb:0e:f8:58:dd:c6:b9:5b:e4:8e:33:51:7f:
3b:0e:c2:c2:a0:c7:26:27:df:be:3b:f4:00:ba:04:
90:0c:b2:07:16:6e:2f:0e:92:5b:9c:45:f8:f4:ee:
d2:22:16:33:46:f5:c6:c7:ba:d1:da:03:6c:e6:91:
fd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:01:AB:AF:72:2F:56:15:45:C4:65:A0:79:65:77:C4:AC:A1:8B:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:d5:5c:30:2b:cc:dd:63:d6:7f:c4:8f:71:76:02:34:cb:95:
4c:06:e9:93:10:f1:7e:8c:7a:45:41:93:e9:cf:3b:96:e1:b2:
ef:c3:81:d0:55:b9:09:20:40:89:8f:9c:85:6a:89:f2:c8:f3:
9c:4b:be:ab:46:11:9b:0c:fe:e5:5b:7b:cb:41:b6:6d:ce:d9:
57:5c:a4:84:c5:83:fd:d8:40:fd:c1:66:03:c1:e2:50:a2:75:
ac:d3:5a:ee:2b:6c:7e:71:df:85:d0:ad:cd:2f:73:85:68:ad:
36:27:9d:ff:73:d8:26:df:56:4f:d7:1c:8a:8c:57:18:bd:92:
6f:cb:6d:e1:d2:0e:4b:36:54:e7:dd:b6:5e:44:07:0b:8e:ad:
0f:51:78:77:10:d3:40:81:bf:d6:5c:39:ce:f9:66:07:a7:20:
d6:11:df:7b:33:8c:22:d5:6e:02:0b:5f:a8:bc:80:65:0a:79:
43:b9:88:81:e8:6f:ee:6f:7d:e4:a0:5a:50:2a:cd:bc:99:d6:
79:67:ba:46:bd:8d:e5:27:57:0a:ca:74:11:32:04:36:8b:0a:
09:4c:74:49:15:1d:97:34:cb:f3:5a:8a:89:ea:6f:e1:ac:87:
e0:c5:93:71:8d:e1:e5:60:cd:14:35:eb:cc:49:0e:eb:23:64:
0b:fc:43:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDiNKZ3jncFQ5uUX6BW8Aanmq9oQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZWRjMGM2ZDUzMGMzM2FjNDIwZGIxOTQ1ZDYyZmRiMzYzNTE3NDQzODU4
YzUxN2YyOTgwOWNlMjNkYjY5NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYSsjwvRKy/a+UIP7GkgPEr3vsBFwg/7YMcnTXFsiMxnBT7rz62ty/qZW0U
up9aY+Yz/kFV/dgSEMncRrOs8t0fL3BEcWZuZOnOnFYlhYzoU33OlpDefVSHb+G8
8KntCSINFDDZsgaXcemBM2VWe9E7+udphVjj/d4V4tOdyGisFyoye2zQhkk8C8c+
Mxk6/mt2WhR9A7fI0/ZEF4mOyBALo5yyGrpfqGkq+eFxC3Cy0lPydNnfZsTenJyx
QSv2ZjrDww3LDvhY3ca5W+SOM1F/Ow7CwqDHJiffvjv0ALoEkAyyBxZuLw6SW5xF
+PTu0iIWM0b1xse60doDbOaR/fcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSxAauv
ci9WFUXEZaB5ZXfErKGLmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTEwNzYxYjgtZTg1ZS00MzM5LWE0NWMtODJhYjM2MTUxMDhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQBH1VwwK8zdY9Z/xI9xdgI0y5VMBumTEPF+jHpFQZPp
zzuW4bLvw4HQVbkJIECJj5yFaonyyPOcS76rRhGbDP7lW3vLQbZtztlXXKSExYP9
2ED9wWYDweJQonWs01ruK2x+cd+F0K3NL3OFaK02J53/c9gm31ZP1xyKjFcYvZJv
y23h0g5LNlTn3bZeRAcLjq0PUXh3ENNAgb/WXDnO+WYHpyDWEd97M4wi1W4CC1+o
vIBlCnlDuYiB6G/ub33koFpQKs28mdZ5Z7pGvY3lJ1cKynQRMgQ2iwoJTHRJFR2X
NMvzWoqJ6m/hrIfgxZNxjeHlYM0UNevMSQ7rI2QL/EOe
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net