Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
File: a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa (raw, json)
Hash identifier: n910m49Kxk78mXW24hd4Ctcm5B0fNJuqHAJCwNSQjIc=
Subject key identifier: D0:A0:A5:53:A1:AB:E6:45:8E:B3:C4:11:DB:95:DE:ED:10:C5:F3:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30ED9CFD3C9DE70ABDB3187FA4B3E7B0A489EE1A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ed:9c:fd:3c:9d:e7:0a:bd:b3:18:7f:a4:b3:e7:b0:a4:89:ee:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=9c537f7f374922ddd21325d12cc38119b2019ee5d94f8ca247776b51edfa1190, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b3:dc:9b:20:03:10:d1:8b:56:69:7b:83:bc:
63:c0:e1:f9:20:9d:0e:f9:0b:eb:cc:51:d2:4b:c9:
b7:20:05:76:3a:55:64:30:ab:8c:26:98:ac:52:a9:
aa:27:00:2c:3a:3d:44:73:62:9a:09:50:ef:b8:ee:
9d:d8:fe:14:b0:28:22:57:8e:c5:fc:ae:57:cb:96:
62:54:85:27:f1:99:e2:04:d5:a8:7f:26:08:a0:ca:
bb:97:df:2e:ed:08:51:d3:3b:7b:85:9f:48:c2:70:
b7:b2:af:61:5c:c4:e3:33:20:f6:95:12:8a:8c:87:
74:82:8f:d5:b6:7f:89:98:af:0c:0e:f5:df:2a:53:
73:9d:05:44:15:d1:b5:a1:7e:d4:18:a8:1e:77:29:
19:f6:b4:97:cd:6a:a4:bc:0d:29:91:95:62:52:44:
44:89:30:cc:29:5c:e6:0c:c6:c4:8a:77:14:cf:85:
a7:d8:cf:30:e8:51:d8:d9:2d:e8:fc:7e:05:48:8a:
d7:c9:5b:4c:ac:f8:89:ee:61:c7:f7:80:51:17:3f:
c4:b9:7f:f3:27:9c:36:4f:c7:e7:98:6b:a9:db:7b:
56:e9:06:14:e7:93:8f:74:4c:89:48:37:70:16:f1:
26:98:de:53:38:09:f1:d8:6f:0f:7b:49:4a:de:3c:
dc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A0:A5:53:A1:AB:E6:45:8E:B3:C4:11:DB:95:DE:ED:10:C5:F3:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1d:7b:44:cb:f5:28:ae:a8:eb:56:13:91:a5:a2:95:5d:8f:17:
00:7f:8e:c7:20:1a:40:d9:d5:13:76:dd:f9:46:f6:77:fa:d3:
14:1f:50:1c:b7:45:c4:0a:94:8e:24:fd:77:2d:0c:3c:a6:cf:
fd:8d:09:cd:ef:f8:65:6c:44:64:e5:17:24:1c:4d:ff:33:d7:
31:2c:c5:9f:b7:0e:4a:c9:9f:a5:a8:db:92:3e:a0:c9:59:21:
47:be:6e:b3:4b:9b:e6:10:8f:60:71:f4:59:5d:b9:79:4a:50:
01:57:2a:2a:98:07:5d:69:1b:27:e8:48:72:4e:92:f4:6e:79:
29:62:25:f0:8f:eb:b6:6c:41:c2:cf:fb:06:3a:f6:08:12:1c:
ef:c4:86:6f:f8:60:8c:97:50:89:80:bb:ba:3f:84:ec:04:94:
39:81:a6:12:14:24:4e:0f:9d:dc:2b:f1:ca:d8:28:a8:b6:20:
95:5d:dd:cd:99:c0:69:b8:43:d4:f2:10:d3:62:1a:93:90:eb:
f5:e4:2f:bf:f6:a2:af:10:2f:fd:3c:bd:56:70:9b:8e:cb:79:
e8:b1:c1:2a:e6:56:de:dd:ee:6c:f2:75:f9:8a:c0:02:6b:0f:
33:a8:9c:22:e0:4e:86:70:62:91:62:0d:52:e7:70:a9:48:85:
cc:2e:7f:d7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMO2c/Tyd5wq9sxh/pLPnsKSJ7howDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNTM3ZjdmMzc0OTIyZGRkMjEzMjVkMTJjYzM4MTE5YjIwMTllZTVkOTRm
OGNhMjQ3Nzc2YjUxZWRmYTExOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaz3JsgAxDRi1Zpe4O8Y8Dh+SCdDvkL68xR0kvJtyAFdjpVZDCrjCaYrFKp
qicALDo9RHNimglQ77jundj+FLAoIleOxfyuV8uWYlSFJ/GZ4gTVqH8mCKDKu5ff
Lu0IUdM7e4WfSMJwt7KvYVzE4zMg9pUSioyHdIKP1bZ/iZivDA713ypTc50FRBXR
taF+1BioHncpGfa0l81qpLwNKZGVYlJERIkwzClc5gzGxIp3FM+Fp9jPMOhR2Nkt
6Px+BUiK18lbTKz4ie5hx/eAURc/xLl/8yecNk/H55hrqdt7VukGFOeTj3RMiUg3
cBbxJpjeUzgJ8dhvD3tJSt483AUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQoKVT
oavmRY6zxBHbld7tEMXzsjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTE3YzMxMDUtNzA4Ni00OGU1LWEzYjctZThiNTI4YzViOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQAde0TL9SiuqOtWE5GlopVdjxcAf47HIBpA2dUTdt35
RvZ3+tMUH1Act0XECpSOJP13LQw8ps/9jQnN7/hlbERk5RckHE3/M9cxLMWftw5K
yZ+lqNuSPqDJWSFHvm6zS5vmEI9gcfRZXbl5SlABVyoqmAddaRsn6EhyTpL0bnkp
YiXwj+u2bEHCz/sGOvYIEhzvxIZv+GCMl1CJgLu6P4TsBJQ5gaYSFCROD53cK/HK
2CiotiCVXd3NmcBpuEPU8hDTYhqTkOv15C+/9qKvEC/9PL1WcJuOy3noscEq5lbe
3e5s8nX5isACaw8zqJwi4E6GcGKRYg1S53CpSIXMLn/X
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net