Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac15d5af-b90d-456e-b53e-55f7c17fc512.roa
File: ac15d5af-b90d-456e-b53e-55f7c17fc512.roa (raw, json)
Hash identifier: HTjaP55AAPpP2McBRhNZcrjk4xMfuTZEtXSlcUiEzTc=
Subject key identifier: 33:34:C1:B0:57:36:F4:0B:CC:B0:8C:C9:12:7D:81:FB:78:E4:9F:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2017298727B6AB18EA552601AF43B494AE0C9E49
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac15d5af-b90d-456e-b53e-55f7c17fc512.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:17:29:87:27:b6:ab:18:ea:55:26:01:af:43:b4:94:ae:0c:9e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=620e6244a3b5685c28ebb528edad129fabf36fc4df4591d2d78749861d6b7526, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7a:09:36:53:32:e8:94:27:fe:74:cf:b8:0f:
b2:d0:52:eb:b5:b3:f5:0d:c2:c7:c7:f7:e2:c3:6f:
f1:af:91:4b:0b:d3:cd:c8:9f:fb:25:37:34:76:2a:
97:36:50:96:d4:df:42:a4:50:33:d0:4c:da:50:bb:
e6:c4:ea:6a:d8:82:ec:9c:c4:62:f6:cb:a2:7d:44:
d7:30:21:c9:92:b8:27:7d:e9:d5:7d:5c:df:bb:79:
de:a6:4f:b0:63:a6:cf:a8:37:ce:e0:bd:22:e2:35:
21:34:a4:24:e1:2d:d3:c2:01:7d:b5:3b:cd:9e:96:
7d:a4:ce:e6:50:82:16:1c:31:14:85:72:1b:b2:40:
3b:79:0e:a6:4f:c6:b9:aa:12:32:96:ae:83:1b:9e:
18:8e:48:cb:94:ec:93:58:61:ec:2b:7a:84:42:3f:
e7:27:6e:4e:6a:ef:f5:dd:db:c1:02:3e:31:e6:77:
0e:03:93:e2:56:cf:98:cc:1b:fb:b5:d2:c8:68:6c:
b4:b0:b7:97:b8:2e:1a:24:29:54:a7:28:c3:a7:3d:
5a:5a:b0:31:b0:98:83:0a:21:48:69:88:c4:48:58:
20:c3:2b:61:cf:d1:d2:3a:03:18:a6:e5:26:b2:1b:
0e:31:73:9f:a8:15:8b:e8:21:06:ee:9f:fb:c4:70:
45:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:34:C1:B0:57:36:F4:0B:CC:B0:8C:C9:12:7D:81:FB:78:E4:9F:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac15d5af-b90d-456e-b53e-55f7c17fc512.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:83:db:e3:1a:2c:c8:4a:77:87:0a:8a:32:cf:ae:9f:90:52:
b8:f9:0a:84:b6:54:6d:9f:69:aa:6d:f8:fe:1b:1c:c3:25:75:
b5:2a:2e:6c:be:81:56:dc:22:2b:7e:e2:56:57:cd:45:7c:c3:
11:e8:e5:bb:59:81:05:0a:92:ef:59:b1:57:f4:5b:ba:bb:58:
62:96:d3:6c:e2:26:a9:41:30:33:20:82:d5:23:9a:e2:45:79:
84:30:b8:55:0a:20:88:24:41:37:41:86:ac:0a:7e:15:de:a6:
f3:37:7e:0d:11:b2:e8:0e:75:bc:bc:cd:c4:a1:f5:5a:84:b5:
c2:52:b0:fd:06:6b:cd:54:cd:a9:79:ab:b3:c6:0f:4d:3c:fc:
56:4e:54:f4:a1:1d:1e:ac:d8:f8:a8:93:b0:52:be:5c:cb:43:
0f:5f:7e:17:68:c2:7e:a4:2e:db:c9:94:41:b1:6b:74:65:b0:
43:1f:89:f5:45:a0:de:e4:8d:ae:f3:3b:e4:7d:57:87:44:f9:
6a:1a:8c:46:21:aa:6e:2c:a2:d3:c5:65:4c:fd:f1:79:b2:94:
f2:47:b5:2a:a0:fa:56:cf:27:4f:34:cb:83:3a:c3:de:27:ea:
01:af:c8:2f:9f:7a:67:14:8f:51:a3:34:8d:65:1f:bf:67:40:
49:6f:8c:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIBcphye2qxjqVSYBr0O0lK4MnkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMGU2MjQ0YTNiNTY4NWMyOGViYjUyOGVkYWQxMjlmYWJmMzZmYzRkZjQ1
OTFkMmQ3ODc0OTg2MWQ2Yjc1MjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV6CTZTMuiUJ/50z7gPstBS67Wz9Q3Cx8f34sNv8a+RSwvTzcif+yU3NHYq
lzZQltTfQqRQM9BM2lC75sTqatiC7JzEYvbLon1E1zAhyZK4J33p1X1c37t53qZP
sGOmz6g3zuC9IuI1ITSkJOEt08IBfbU7zZ6WfaTO5lCCFhwxFIVyG7JAO3kOpk/G
uaoSMpaugxueGI5Iy5Tsk1hh7Ct6hEI/5yduTmrv9d3bwQI+MeZ3DgOT4lbPmMwb
+7XSyGhstLC3l7guGiQpVKcow6c9WlqwMbCYgwohSGmIxEhYIMMrYc/R0joDGKbl
JrIbDjFzn6gVi+ghBu6f+8RwRf0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQzNMGw
Vzb0C8ywjMkSfYH7eOSfjjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWMxNWQ1YWYtYjkwZC00NTZlLWI1M2UtNTVmN2MxN2ZjNTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQCBg9vjGizISneHCooyz66fkFK4+QqEtlRtn2mqbfj+
GxzDJXW1Ki5svoFW3CIrfuJWV81FfMMR6OW7WYEFCpLvWbFX9Fu6u1hiltNs4iap
QTAzIILVI5riRXmEMLhVCiCIJEE3QYasCn4V3qbzN34NEbLoDnW8vM3EofVahLXC
UrD9BmvNVM2peauzxg9NPPxWTlT0oR0erNj4qJOwUr5cy0MPX34XaMJ+pC7byZRB
sWt0ZbBDH4n1RaDe5I2u8zvkfVeHRPlqGoxGIapuLKLTxWVM/fF5spTyR7UqoPpW
zydPNMuDOsPeJ+oBr8gvn3pnFI9RozSNZR+/Z0BJb4yx
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net