Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab2bd54d-8763-48bd-8d9a-568f3baf0a9b.roa
File: ab2bd54d-8763-48bd-8d9a-568f3baf0a9b.roa (raw, json)
Hash identifier: coIoe6KoaTSkqRG9WwkWmxyjAcqcOg4OOyXYKLgH2Do=
Subject key identifier: EE:68:9B:B9:5D:E3:76:79:A3:AE:BB:80:CC:23:4C:24:E0:8D:FC:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 746B3667092C836944E53352F30652C12084A85B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab2bd54d-8763-48bd-8d9a-568f3baf0a9b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1020::/43 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6b:36:67:09:2c:83:69:44:e5:33:52:f3:06:52:c1:20:84:a8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=dd957db3e95394c19e6ee602093aa5941be6371c1c2702fe954d5c326066367a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f2:cf:85:6d:9b:78:2a:09:a3:52:05:ff:1f:
ff:45:2f:b0:a1:78:08:b8:e2:e5:be:a0:7c:50:b4:
d7:64:75:4d:36:22:fe:2e:f1:16:3c:1a:de:01:31:
b8:84:d6:f8:22:ae:d5:4e:a2:2c:8c:e2:34:d1:ae:
72:20:dd:04:78:dd:12:e1:a4:30:42:7d:a5:b2:ee:
80:24:93:67:95:74:0e:72:10:6e:69:0a:98:3c:74:
4d:19:a7:60:ff:c6:f0:63:e4:7e:e1:fa:9c:f7:c8:
12:ae:ae:f1:56:4a:90:d9:f6:97:f1:3c:f2:f8:a2:
e6:7a:59:1e:68:bb:e3:fd:99:cd:ea:bb:e7:7e:ea:
f0:1f:c9:ad:ae:72:82:90:ad:56:fe:ba:95:fe:3d:
c3:b0:11:47:c3:ce:8a:5f:b4:a3:71:2a:53:b6:d9:
7e:c7:2c:5b:0c:32:7e:bd:e9:d9:c7:71:ae:20:99:
8d:0a:5e:57:03:1d:b4:2a:d2:1c:67:a5:65:49:c4:
c4:a4:94:73:74:0a:68:4c:1c:08:d7:00:9f:45:af:
55:fe:d5:7e:d8:cf:58:b3:42:db:e8:5c:7d:bf:4b:
16:cd:70:2b:40:8c:12:46:2f:0b:73:d9:f1:7b:aa:
77:63:23:24:15:83:7a:a0:be:3f:4e:4d:03:5d:93:
60:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:68:9B:B9:5D:E3:76:79:A3:AE:BB:80:CC:23:4C:24:E0:8D:FC:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab2bd54d-8763-48bd-8d9a-568f3baf0a9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1020::/43
Signature Algorithm: sha256WithRSAEncryption
6a:9c:d3:fb:ce:0c:68:cd:de:35:76:ce:12:e9:a9:ff:05:df:
53:2b:3b:91:73:a5:cf:9b:1c:5b:8f:af:f0:29:39:ee:df:55:
0d:58:47:81:ff:aa:e5:c2:d1:6a:ce:28:bb:68:29:ea:30:7e:
02:2c:35:c1:23:b5:81:86:25:36:f1:b0:ef:31:1b:fc:95:2a:
42:b6:0d:93:71:bc:9d:94:fc:1e:1c:47:06:85:51:c0:ca:a3:
a6:1c:06:d9:a1:ec:20:e3:83:ed:62:36:54:62:15:fd:46:a0:
d8:74:3d:8b:90:98:cd:63:dc:48:a5:b2:20:1a:ce:6c:ba:75:
77:b1:01:de:74:ca:34:b5:eb:8d:d5:ed:77:1d:0b:0e:65:8f:
f6:a2:a2:fd:74:2b:30:f5:86:15:c7:49:d7:fa:d9:a4:06:fd:
c1:fb:12:87:e5:cb:f4:f6:88:51:dc:2d:8b:4c:4e:33:53:fc:
69:71:05:d3:fc:9d:ae:a0:75:a1:52:81:1d:ae:2d:ad:42:2f:
3e:f1:21:63:94:0c:0c:54:84:80:eb:79:60:f9:a7:b3:7e:0b:
0a:33:bc:ac:13:6a:c8:35:e1:d4:21:91:49:0f:ec:7e:8d:39:
8c:b7:d9:a9:14:27:e5:1d:fe:73:b1:41:bd:cf:6f:8e:96:23:
88:0f:cf:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdGs2Zwksg2lE5TNS8wZSwSCEqFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkOTU3ZGIzZTk1Mzk0YzE5ZTZlZTYwMjA5M2FhNTk0MWJlNjM3MWMxYzI3
MDJmZTk1NGQ1YzMyNjA2NjM2N2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTyz4Vtm3gqCaNSBf8f/0UvsKF4CLji5b6gfFC012R1TTYi/i7xFjwa3gEx
uITW+CKu1U6iLIziNNGuciDdBHjdEuGkMEJ9pbLugCSTZ5V0DnIQbmkKmDx0TRmn
YP/G8GPkfuH6nPfIEq6u8VZKkNn2l/E88vii5npZHmi74/2Zzeq7537q8B/Jra5y
gpCtVv66lf49w7ARR8POil+0o3EqU7bZfscsWwwyfr3p2cdxriCZjQpeVwMdtCrS
HGelZUnExKSUc3QKaEwcCNcAn0WvVf7VftjPWLNC2+hcfb9LFs1wK0CMEkYvC3PZ
8Xuqd2MjJBWDeqC+P05NA12TYCUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuaJu5
XeN2eaOuu4DMI0wk4I382DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWIyYmQ1NGQtODc2My00OGJkLThkOWEtNTY4ZjNiYWYwYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoBBXgQ
IDANBgkqhkiG9w0BAQsFAAOCAQEAapzT+84MaM3eNXbOEump/wXfUys7kXOlz5sc
W4+v8Ck57t9VDVhHgf+q5cLRas4ou2gp6jB+Aiw1wSO1gYYlNvGw7zEb/JUqQrYN
k3G8nZT8HhxHBoVRwMqjphwG2aHsIOOD7WI2VGIV/Uag2HQ9i5CYzWPcSKWyIBrO
bLp1d7EB3nTKNLXrjdXtdx0LDmWP9qKi/XQrMPWGFcdJ1/rZpAb9wfsSh+XL9PaI
Udwti0xOM1P8aXEF0/ydrqB1oVKBHa4trUIvPvEhY5QMDFSEgOt5YPmns34LCjO8
rBNqyDXh1CGRSQ/sfo05jLfZqRQn5R3+c7FBvc9vjpYjiA/Pxw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:39 2024 by rpki-client on console.sobornost.net