Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
File: a8b62ce7-3238-4647-ad97-9a9628b10f66.roa (raw, json)
Hash identifier: 7SzIksfVXEBT8u7mUul6y0ZQ4ADh8bVM82icDlD1G/Y=
Subject key identifier: D9:E9:D9:A9:5A:92:B7:27:F3:3D:42:C2:2E:3C:6E:5F:A7:C2:19:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3659D1EF1B3FDD9CF17382455B0241C278E9EC62
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:59:d1:ef:1b:3f:dd:9c:f1:73:82:45:5b:02:41:c2:78:e9:ec:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=8eefd8d887cc8a522bad4d78719ad9e44f6d57f98c877593be92876f67b5d8dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:7a:8d:0d:fc:ab:f9:d7:83:58:f7:97:51:
de:4a:b5:93:47:8d:d8:6e:bc:ed:3d:6a:70:0c:bd:
34:46:f2:e3:83:3a:22:08:2a:c4:c5:4e:2f:f1:d1:
a1:14:00:7f:dd:e8:6a:40:fd:ab:e9:1b:d7:86:42:
76:d6:94:40:fa:62:1f:09:dd:a1:6c:a0:ca:46:b0:
b6:e9:c6:2a:9d:c5:b1:84:ae:31:e5:e9:40:f1:e4:
fe:15:de:66:d4:95:bb:ba:47:ca:c2:ba:4f:af:6e:
79:75:5a:58:30:70:b0:44:17:e0:9b:51:3e:22:28:
78:b4:a7:16:d6:b1:07:94:6c:e1:7c:04:b3:a8:f3:
0c:78:20:75:1f:aa:5c:d2:8e:36:06:a9:b6:40:53:
e5:a7:fe:76:9e:3c:7e:79:98:ec:c0:d6:36:42:dc:
0f:51:76:cd:05:c1:7e:c8:82:7d:3b:fa:24:49:08:
fe:47:dd:7a:92:68:0f:fb:76:e6:b6:3c:b6:b4:a4:
cd:af:08:60:0e:a9:4a:99:23:ee:35:c6:b8:3a:2f:
f1:b5:07:16:a7:92:d3:6e:e6:d4:fd:2e:28:e8:72:
88:7c:74:f1:d5:c4:08:a6:29:a5:e1:5b:1f:3f:33:
ac:98:7e:d5:a8:14:49:50:36:c2:83:3b:19:98:2a:
72:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E9:D9:A9:5A:92:B7:27:F3:3D:42:C2:2E:3C:6E:5F:A7:C2:19:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
44:7b:e4:69:e3:a0:2a:90:67:f7:74:b1:7f:98:4f:4d:a8:f5:
02:68:d3:04:ab:5e:54:43:76:e6:3b:65:16:67:c2:43:7c:08:
8d:c5:89:d5:2c:26:8d:cc:67:56:5b:fb:c3:6c:b7:e1:be:ee:
1b:fd:96:d2:5c:e3:2b:be:f4:fc:be:90:1b:0b:e8:6f:e7:ea:
b8:0b:de:0d:be:4c:d8:92:5b:bd:5b:0c:02:65:f8:56:60:e9:
bf:36:d7:78:d0:a1:4d:64:61:a3:ff:53:87:60:5e:1c:2b:30:
be:e6:9c:23:2a:f9:e7:bd:d5:10:b4:45:15:60:00:eb:f4:79:
5d:c3:c9:67:63:1f:91:35:f7:18:54:89:d5:57:7b:cb:e7:fe:
cc:a8:10:9f:35:88:5e:60:2b:4e:9d:86:80:8f:4f:6a:b1:15:
71:b1:21:fa:c8:0a:8b:63:eb:d6:83:75:55:41:b9:35:db:e4:
2e:8d:52:04:3c:cb:f4:cd:13:44:91:89:db:fc:4c:47:14:d8:
7e:d9:15:00:44:6b:59:1b:18:b6:43:9f:00:27:8b:2f:3a:fa:
da:00:b0:27:f0:a9:f7:4d:7b:42:c8:59:13:63:26:00:a0:fa:
3f:1d:92:a5:69:77:25:42:9f:6c:c4:81:11:e9:93:3e:9b:c1:
dd:c4:a6:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNlnR7xs/3Zzxc4JFWwJBwnjp7GIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZWZkOGQ4ODdjYzhhNTIyYmFkNGQ3ODcxOWFkOWU0NGY2ZDU3Zjk4Yzg3
NzU5M2JlOTI4NzZmNjdiNWQ4ZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcOeo0N/Kv514NY95dR3kq1k0eN2G687T1qcAy9NEby44M6IggqxMVOL/HR
oRQAf93oakD9q+kb14ZCdtaUQPpiHwndoWygykawtunGKp3FsYSuMeXpQPHk/hXe
ZtSVu7pHysK6T69ueXVaWDBwsEQX4JtRPiIoeLSnFtaxB5Rs4XwEs6jzDHggdR+q
XNKONgaptkBT5af+dp48fnmY7MDWNkLcD1F2zQXBfsiCfTv6JEkI/kfdepJoD/t2
5rY8trSkza8IYA6pSpkj7jXGuDov8bUHFqeS027m1P0uKOhyiHx08dXECKYppeFb
Hz8zrJh+1agUSVA2woM7GZgqcikCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTZ6dmp
WpK3J/M9QsIuPG5fp8IZSDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YThiNjJjZTctMzIzOC00NjQ3LWFkOTctOWE5NjI4YjEwZjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBEe+Rp46AqkGf3dLF/mE9NqPUCaNMEq15UQ3bmO2UW
Z8JDfAiNxYnVLCaNzGdWW/vDbLfhvu4b/ZbSXOMrvvT8vpAbC+hv5+q4C94NvkzY
klu9WwwCZfhWYOm/Ntd40KFNZGGj/1OHYF4cKzC+5pwjKvnnvdUQtEUVYADr9Hld
w8lnYx+RNfcYVInVV3vL5/7MqBCfNYheYCtOnYaAj09qsRVxsSH6yAqLY+vWg3VV
Qbk12+QujVIEPMv0zRNEkYnb/ExHFNh+2RUARGtZGxi2Q58AJ4svOvraALAn8Kn3
TXtCyFkTYyYAoPo/HZKlaXclQp9sxIER6ZM+m8HdxKZ6
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net