Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
File: a52d8f8f-474c-4726-8c19-e59b8c69d480.roa (raw, json)
Hash identifier: bjeA0KDJdwM4REzlawCSe5/VxmElq9jYVvGR1UsUFVc=
Subject key identifier: E8:02:81:CC:8E:48:33:2D:BF:9D:93:25:40:E3:F6:4A:05:42:A9:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 16834D7262B9F409C85C181FEC60C04FCEDBB231
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:83:4d:72:62:b9:f4:09:c8:5c:18:1f:ec:60:c0:4f:ce:db:b2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=60bf87cb45d469fa9ab576e3d82a91576b2b14e4512a1c64604f58e325f5a936, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f7:db:50:cc:b2:eb:77:b8:4d:c5:c6:9a:ce:
0b:6a:23:6e:fe:c7:85:49:01:c0:8c:6a:3b:e1:e9:
8d:ba:da:bb:89:60:81:16:99:f9:b9:11:f3:d4:e7:
73:f5:a8:48:40:76:7b:8d:6b:09:9b:48:2f:ae:b9:
05:ea:28:bb:37:c2:10:a1:a0:1d:97:33:a2:62:09:
e2:30:d7:5f:6c:a0:96:55:14:eb:23:ab:38:16:f7:
1b:de:0f:fc:2b:80:ff:f8:a0:92:a8:ed:fc:da:dc:
fe:aa:09:24:27:9c:4e:33:3a:04:08:bc:5c:42:3a:
3a:78:86:33:4a:7b:65:3a:b5:55:9b:3c:2a:fd:41:
33:96:88:ab:48:a2:a9:ee:f8:53:d6:51:50:45:ec:
fd:ef:02:7b:c8:8b:b9:53:5a:be:a0:09:3b:25:58:
88:f1:76:82:da:34:6d:cb:8e:c4:14:19:f7:f7:40:
09:05:ee:e1:37:cd:d0:91:4b:17:11:05:db:a4:de:
11:6b:3b:87:25:03:f8:31:fd:84:df:22:b0:e1:a5:
e2:02:52:79:86:ae:21:6b:47:43:ba:a1:1d:40:49:
1a:40:30:d5:0a:ab:b2:b7:db:07:96:6d:01:55:2e:
8f:90:62:a0:a6:93:7b:f8:82:76:c0:95:dd:ee:93:
c5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:02:81:CC:8E:48:33:2D:BF:9D:93:25:40:E3:F6:4A:05:42:A9:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:86:42:7b:a7:42:71:83:6a:b7:76:71:5d:52:2b:f6:8b:58:
d5:6a:de:c8:32:ce:9d:7f:02:2e:c4:16:fd:46:4b:eb:f3:e2:
62:4c:4f:eb:c3:58:4c:e0:41:75:ac:c0:e7:40:0e:34:2a:d4:
ea:20:26:9a:1a:80:21:aa:2e:0c:e3:0c:8a:18:1f:f4:5b:6f:
ac:55:db:63:42:55:bc:83:d7:3b:97:9d:fc:53:dd:4d:0c:8d:
aa:cb:7c:34:1e:85:45:a8:2f:72:47:fc:d4:e5:d9:32:dd:92:
84:22:bf:77:14:52:02:8a:4f:8e:ad:c9:23:e4:84:f4:65:59:
77:e7:ab:30:82:eb:a6:72:0f:46:6e:83:be:e3:cd:3f:4e:e4:
0b:af:84:c0:e3:d2:c3:bb:8b:29:4a:b9:f9:f9:b8:8c:5f:b0:
19:42:99:06:a5:56:1d:f3:f3:19:75:51:8a:d2:30:83:64:41:
9a:ad:fe:4d:86:a2:d3:4e:47:d7:1a:b1:eb:52:46:68:0d:65:
b1:d9:5f:dc:1a:25:65:dc:df:e7:96:41:85:05:3f:b0:87:47:
24:15:15:49:f1:36:8c:72:a3:eb:0e:cc:de:e0:11:ab:89:04:
50:b1:20:ae:0d:fb:64:df:1a:a7:a0:7c:49:38:58:65:c1:dc:
19:ab:90:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFoNNcmK59AnIXBgf7GDAT87bsjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYmY4N2NiNDVkNDY5ZmE5YWI1NzZlM2Q4MmE5MTU3NmIyYjE0ZTQ1MTJh
MWM2NDYwNGY1OGUzMjVmNWE5MzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/321DMsut3uE3FxprOC2ojbv7HhUkBwIxqO+Hpjbrau4lggRaZ+bkR89Tn
c/WoSEB2e41rCZtIL665BeoouzfCEKGgHZczomIJ4jDXX2ygllUU6yOrOBb3G94P
/CuA//igkqjt/Nrc/qoJJCecTjM6BAi8XEI6OniGM0p7ZTq1VZs8Kv1BM5aIq0ii
qe74U9ZRUEXs/e8Ce8iLuVNavqAJOyVYiPF2gto0bcuOxBQZ9/dACQXu4TfN0JFL
FxEF26TeEWs7hyUD+DH9hN8isOGl4gJSeYauIWtHQ7qhHUBJGkAw1QqrsrfbB5Zt
AVUuj5BioKaTe/iCdsCV3e6TxdcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToAoHM
jkgzLb+dkyVA4/ZKBUKpXjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTUyZDhmOGYtNDc0Yy00NzI2LThjMTktZTU5YjhjNjlkNDgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQCNhkJ7p0Jxg2q3dnFdUiv2i1jVat7IMs6dfwIuxBb9
Rkvr8+JiTE/rw1hM4EF1rMDnQA40KtTqICaaGoAhqi4M4wyKGB/0W2+sVdtjQlW8
g9c7l538U91NDI2qy3w0HoVFqC9yR/zU5dky3ZKEIr93FFICik+Orckj5IT0ZVl3
56swguumcg9GboO+480/TuQLr4TA49LDu4spSrn5+biMX7AZQpkGpVYd8/MZdVGK
0jCDZEGarf5NhqLTTkfXGrHrUkZoDWWx2V/cGiVl3N/nlkGFBT+wh0ckFRVJ8TaM
cqPrDsze4BGriQRQsSCuDftk3xqnoHxJOFhlwdwZq5C+
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net