Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
File: ac4c449e-69e4-45a7-85e4-1915d006207d.roa (raw, json)
Hash identifier: slju4RDEU5ic1WF1bO7KLaZ3G8R6R2EJgSgojvy43mE=
Subject key identifier: 50:5E:4F:3B:70:01:5E:B7:0E:D9:04:A9:A8:98:BA:14:84:D6:33:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 672DC10893A5169F67E11CDC3063E340B5BA9CB5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:2d:c1:08:93:a5:16:9f:67:e1:1c:dc:30:63:e3:40:b5:ba:9c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2ed93f17a2667cf0bdbdd86f192f5217020c7bde9bc0874e7598e0112b0c8256, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:18:40:d8:f1:21:cc:64:de:21:62:9d:92:f8:
80:37:85:64:6d:47:86:02:2c:0f:4b:9c:1c:3a:61:
a6:6a:a0:39:77:04:c2:8a:11:d3:f6:75:17:4f:56:
d2:b0:f1:f6:2c:fb:da:ad:d7:ce:9d:46:55:43:94:
19:0f:8a:05:ca:d9:27:02:44:13:53:5a:73:b1:8e:
7a:be:7e:f3:de:99:f7:a4:a3:41:10:06:00:3e:74:
6e:91:df:31:0f:e4:9e:0f:d7:8d:29:7c:33:55:a4:
0f:77:00:20:1c:62:35:29:d0:5f:94:61:10:f3:82:
de:ff:85:82:27:b6:87:c7:0f:61:59:aa:c6:d1:57:
d8:91:01:7b:15:30:7a:a9:d8:7e:8b:67:f7:6b:c7:
a4:b7:cf:87:17:4c:2a:68:77:52:97:96:6e:b7:99:
25:45:89:e7:91:02:93:9c:c4:11:52:8c:67:ff:a8:
2c:cf:b3:43:b8:dd:78:15:56:2a:f7:74:ab:fc:b3:
dc:bb:07:9f:56:b3:39:47:ca:4a:6d:6c:e8:96:70:
c0:1e:33:97:55:8d:dc:05:6b:58:5f:2f:63:f8:a0:
fd:fe:8f:7a:f6:d4:1b:e1:2a:3e:22:23:ce:9e:f7:
5f:51:7e:78:f5:11:7d:57:7b:f8:41:16:42:17:8e:
24:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5E:4F:3B:70:01:5E:B7:0E:D9:04:A9:A8:98:BA:14:84:D6:33:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
bc:9e:d6:03:05:55:b6:e3:33:34:f7:ee:15:a4:59:e6:3b:a9:
d7:67:8e:0f:67:45:cf:6b:5f:d2:95:1b:9c:bf:d5:7b:4c:19:
79:e5:f8:2d:61:05:97:12:98:38:71:09:7c:3f:68:56:de:8c:
de:31:6b:89:d1:af:52:4e:fe:fe:65:1d:56:4d:f8:1d:79:c6:
47:eb:73:7c:50:74:7b:12:13:4b:6c:b6:18:31:b8:95:09:1f:
88:55:67:69:75:05:44:e6:44:23:ea:c3:39:91:f4:d3:69:96:
c5:d7:3a:4a:c6:d2:d8:dc:cc:6d:d2:86:9b:40:35:3d:7f:18:
21:47:8f:5f:ba:1a:58:22:3d:ce:78:fe:36:dc:19:c8:ea:41:
6d:f7:07:db:ae:37:a4:39:7b:57:d5:22:61:30:b6:96:89:11:
20:2a:c4:ca:85:86:7b:0d:11:2e:4a:5c:81:23:3a:71:44:78:
9c:f1:e2:26:d5:ea:f8:36:75:0d:43:30:8c:b8:b9:5b:18:7a:
73:4e:63:d0:02:e2:fb:ea:0e:aa:e4:24:90:61:08:81:1f:3e:
31:a9:f7:9e:37:e6:21:89:db:b5:cf:05:58:5a:64:36:91:b7:
44:a3:43:d3:7e:43:03:fe:50:b2:2a:9f:2f:40:10:06:9f:76:
56:90:c8:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZy3BCJOlFp9n4RzcMGPjQLW6nLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZDkzZjE3YTI2NjdjZjBiZGJkZDg2ZjE5MmY1MjE3MDIwYzdiZGU5YmMw
ODc0ZTc1OThlMDExMmIwYzgyNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIYQNjxIcxk3iFinZL4gDeFZG1HhgIsD0ucHDphpmqgOXcEwooR0/Z1F09W
0rDx9iz72q3Xzp1GVUOUGQ+KBcrZJwJEE1Nac7GOer5+896Z96SjQRAGAD50bpHf
MQ/kng/XjSl8M1WkD3cAIBxiNSnQX5RhEPOC3v+Fgie2h8cPYVmqxtFX2JEBexUw
eqnYfotn92vHpLfPhxdMKmh3UpeWbreZJUWJ55ECk5zEEVKMZ/+oLM+zQ7jdeBVW
Kvd0q/yz3LsHn1azOUfKSm1s6JZwwB4zl1WN3AVrWF8vY/ig/f6PevbUG+EqPiIj
zp73X1F+ePURfVd7+EEWQheOJIcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQXk87
cAFetw7ZBKmomLoUhNYzhDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YzQ0OWUtNjllNC00NWE3LTg1ZTQtMTkxNWQwMDYyMDdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAvJ7WAwVVtuMzNPfuFaRZ5jup12eOD2dFz2tf
0pUbnL/Ve0wZeeX4LWEFlxKYOHEJfD9oVt6M3jFridGvUk7+/mUdVk34HXnGR+tz
fFB0exITS2y2GDG4lQkfiFVnaXUFROZEI+rDOZH002mWxdc6SsbS2NzMbdKGm0A1
PX8YIUePX7oaWCI9znj+NtwZyOpBbfcH2643pDl7V9UiYTC2lokRICrEyoWGew0R
LkpcgSM6cUR4nPHiJtXq+DZ1DUMwjLi5Wxh6c05j0ALi++oOquQkkGEIgR8+Man3
njfmIYnbtc8FWFpkNpG3RKND035DA/5QsiqfL0AQBp92VpDIhA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:39 2024 by rpki-client on console.sobornost.net