Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9218a5d-baaa-4846-8ae2-c5145614b368.roa
File: a9218a5d-baaa-4846-8ae2-c5145614b368.roa (raw, json)
Hash identifier: DuICKuKLsHkjr3+BVCV3jm66M69B0U1RPNycQSDR2a8=
Subject key identifier: 0F:50:66:C0:5D:20:A8:25:E8:A8:59:B1:24:38:62:27:37:E3:24:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53E0CA4DD0144053335668CED0F8D7AC470506B0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9218a5d-baaa-4846-8ae2-c5145614b368.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:e0:ca:4d:d0:14:40:53:33:56:68:ce:d0:f8:d7:ac:47:05:06:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=aef9f32c72e08eaea100d79b49da4b5e8e93cf0599e99557ccd9c91f8cfd7720, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:78:a3:90:79:d6:99:82:96:ec:57:58:74:
c4:39:7e:9c:bf:2b:09:ec:aa:f6:4c:0e:a3:0c:76:
56:ab:66:5d:02:be:58:1b:1f:7b:5b:59:0e:5e:8c:
c0:82:0b:7e:c4:f3:46:e1:2f:16:19:0a:f9:12:c3:
41:78:4c:0b:ff:fb:74:a8:28:29:1a:5b:bc:8f:c5:
54:a8:b1:18:f0:9c:2a:35:71:8b:7d:e0:3d:17:93:
7e:6f:b8:f0:91:39:c3:1a:4e:d5:49:6a:d5:08:a3:
db:70:94:82:8e:bb:a9:9f:70:f7:59:77:a3:54:0b:
fd:df:b2:4e:8c:6a:fa:99:cf:a3:92:cf:d9:a0:de:
15:6f:bd:63:f3:c2:5a:ac:65:6f:4e:43:f9:70:b5:
db:d9:de:51:c6:c2:55:e7:ff:23:bb:47:94:d9:1a:
7d:27:46:03:f5:8f:f8:59:62:b1:36:69:82:26:8a:
a6:8b:96:a1:fc:38:be:ef:99:f3:40:d0:63:89:ca:
67:b2:00:11:e9:56:70:81:ef:9b:b2:d6:55:89:e7:
9c:58:1f:72:a8:7e:20:02:37:75:49:10:47:be:b7:
b1:05:0b:16:93:36:c5:2c:03:be:60:50:6b:33:6e:
3f:64:b2:da:34:bc:59:de:34:a3:3b:2e:fa:07:cf:
32:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:50:66:C0:5D:20:A8:25:E8:A8:59:B1:24:38:62:27:37:E3:24:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9218a5d-baaa-4846-8ae2-c5145614b368.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
35:27:e6:cc:0a:e4:46:a8:d1:1f:1c:e2:c0:13:28:9d:a5:3c:
4a:2e:1e:77:da:43:f9:84:b0:86:4e:a3:e9:4f:64:86:4c:7d:
76:8e:49:64:7a:0b:27:41:a0:3e:92:4a:23:02:5d:1c:3a:ff:
48:27:b0:9f:e5:85:a1:81:24:9a:1a:7b:99:bf:8e:8a:f9:4c:
cf:d2:b5:18:eb:33:87:3a:ae:cd:32:1e:76:53:46:5d:c1:a8:
09:7b:05:25:1c:2f:d7:75:f0:0c:3d:ff:10:08:af:6c:6b:1c:
da:11:30:26:cf:b0:18:b0:d6:67:46:5c:8c:d0:1f:0d:7c:ab:
5d:d6:c4:d3:9a:1f:60:e3:a9:b8:e2:a1:4b:8c:ca:14:2c:8e:
65:86:cc:2a:29:4d:94:7b:30:d3:01:bc:a8:75:84:8e:89:14:
12:d6:1d:fe:b8:ae:78:10:99:bb:6f:62:d5:a1:e4:1e:c7:c2:
da:65:cd:a9:03:0e:07:85:06:ae:1d:b7:8e:c9:a0:67:aa:eb:
bd:50:59:3d:55:2f:5a:8b:70:4e:dc:13:43:1e:78:da:70:44:
e3:78:d0:4f:9d:c0:93:ac:ec:d1:07:f3:0e:3f:0e:72:ee:be:
4e:84:ea:bd:0e:6d:07:cd:43:9d:19:85:58:cc:93:b0:99:86:
5d:12:c2:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU+DKTdAUQFMzVmjO0PjXrEcFBrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZjlmMzJjNzJlMDhlYWVhMTAwZDc5YjQ5ZGE0YjVlOGU5M2NmMDU5OWU5
OTU1N2NjZDljOTFmOGNmZDc3MjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE4eKOQedaZgpbsV1h0xDl+nL8rCeyq9kwOowx2VqtmXQK+WBsfe1tZDl6M
wIILfsTzRuEvFhkK+RLDQXhMC//7dKgoKRpbvI/FVKixGPCcKjVxi33gPReTfm+4
8JE5wxpO1Ulq1Qij23CUgo67qZ9w91l3o1QL/d+yToxq+pnPo5LP2aDeFW+9Y/PC
Wqxlb05D+XC129neUcbCVef/I7tHlNkafSdGA/WP+FlisTZpgiaKpouWofw4vu+Z
80DQY4nKZ7IAEelWcIHvm7LWVYnnnFgfcqh+IAI3dUkQR763sQULFpM2xSwDvmBQ
azNuP2Sy2jS8Wd40ozsu+gfPMvUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQPUGbA
XSCoJeioWbEkOGInN+MkxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTkyMThhNWQtYmFhYS00ODQ2LThhZTItYzUxNDU2MTRiMzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQA1J+bMCuRGqNEfHOLAEyidpTxKLh532kP5hLCGTqPp
T2SGTH12jklkegsnQaA+kkojAl0cOv9IJ7Cf5YWhgSSaGnuZv46K+UzP0rUY6zOH
Oq7NMh52U0ZdwagJewUlHC/XdfAMPf8QCK9saxzaETAmz7AYsNZnRlyM0B8NfKtd
1sTTmh9g46m44qFLjMoULI5lhswqKU2UezDTAbyodYSOiRQS1h3+uK54EJm7b2LV
oeQex8LaZc2pAw4HhQauHbeOyaBnquu9UFk9VS9ai3BO3BNDHnjacETjeNBPncCT
rOzRB/MOPw5y7r5OhOq9Dm0HzUOdGYVYzJOwmYZdEsIO
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net