Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
File: b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa (raw, json)
Hash identifier: DVfali+tUNbeRUZgjLiPv7+HuCNVgATpzK+ptCKaPbg=
Subject key identifier: 28:16:BC:08:A9:13:4B:30:9B:BC:E8:EC:72:47:DA:83:57:36:C1:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2795BDACE449FFFAE436A8251B84049176E145D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:95:bd:ac:e4:49:ff:fa:e4:36:a8:25:1b:84:04:91:76:e1:45:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=743a633295d689a2e93ade34f35550fdc97a2d77e49df5d28a68775bece82427, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6e:84:f1:4a:d5:c4:4c:4e:7c:7b:a7:36:bb:
28:d0:90:b0:e5:d7:6e:2c:d4:7a:2b:dc:0f:f7:89:
24:81:eb:74:b4:48:42:95:6b:c5:0b:e8:6f:06:6e:
fe:98:36:b4:69:f4:a8:14:84:31:15:a7:ae:f8:bc:
95:32:60:72:fa:53:c8:ee:90:59:3d:f1:f8:26:a6:
05:ce:37:fe:84:46:d6:80:fd:d9:7f:db:65:22:9b:
a5:f6:7b:b3:82:29:e4:a1:19:77:55:cb:7e:c0:13:
cb:da:64:c4:1c:d6:13:38:c3:22:24:3a:de:c1:2c:
78:6f:31:e9:c7:26:b9:cf:ec:9e:2a:29:a9:3a:26:
29:70:b4:5b:6b:e2:49:e7:66:9f:9f:0f:1b:38:df:
4f:35:f0:15:5b:85:dd:c7:03:f8:19:15:b1:34:38:
36:ec:8f:ef:6c:06:d8:3c:fd:6b:b9:a1:de:9d:7e:
64:df:b0:66:c3:c4:cb:84:82:2a:5b:8d:21:3d:e5:
1c:49:08:21:20:1e:ec:1e:60:74:c5:aa:e0:f9:a3:
95:92:89:ab:47:cc:d4:08:8e:b3:d9:41:3f:bc:a1:
b5:cd:20:4e:3e:44:a7:bc:5b:e7:fb:a3:cb:6d:6d:
70:0f:11:ed:18:a9:fd:ec:cf:bb:c7:21:7b:90:45:
10:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:16:BC:08:A9:13:4B:30:9B:BC:E8:EC:72:47:DA:83:57:36:C1:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:cf:e3:e6:0b:96:eb:e3:64:21:46:a5:2a:f8:e0:f0:68:24:
0c:37:ad:49:14:58:0c:5a:28:89:ab:a2:b3:74:3d:20:80:11:
de:df:99:74:cf:f9:6c:85:64:6f:a9:f1:11:1d:39:76:89:9e:
77:b7:d9:73:ed:8f:a2:84:77:ea:09:4c:a7:c7:f6:d3:d8:d4:
78:13:80:ce:d2:0c:c5:0c:90:8a:4a:af:f8:08:23:d3:1b:29:
68:98:94:6f:16:39:9b:3a:14:4c:b2:75:dc:76:ad:36:fe:c8:
7a:e0:65:ea:24:f8:c6:8a:74:db:04:a4:6b:71:d0:7c:bc:89:
ec:15:98:64:0d:4b:cd:a6:46:90:1a:1a:b7:e0:f2:d7:44:c9:
26:5c:c5:42:5a:3c:fd:a5:6f:18:ee:bc:93:69:e2:95:bf:00:
6f:b3:6e:2b:49:6b:d3:41:3e:e1:a4:2e:ee:37:ed:0a:c1:b2:
97:16:69:db:d6:7e:2c:57:5a:f3:1f:db:58:ad:32:7b:83:c2:
a0:9c:11:c5:43:11:7a:51:0f:93:ea:78:1f:98:b6:b5:bb:eb:
b8:a3:4f:67:37:23:fb:4b:bd:b6:2e:29:df:eb:5c:9c:8f:cb:
36:71:c4:10:3e:d1:ea:e8:e4:9d:3b:33:47:22:d1:79:01:b7:
3b:b8:e1:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ5W9rORJ//rkNqglG4QEkXbhRdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0M2E2MzMyOTVkNjg5YTJlOTNhZGUzNGYzNTU1MGZkYzk3YTJkNzdlNDlk
ZjVkMjhhNjg3NzViZWNlODI0MjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5uhPFK1cRMTnx7pza7KNCQsOXXbizUeivcD/eJJIHrdLRIQpVrxQvobwZu
/pg2tGn0qBSEMRWnrvi8lTJgcvpTyO6QWT3x+CamBc43/oRG1oD92X/bZSKbpfZ7
s4Ip5KEZd1XLfsATy9pkxBzWEzjDIiQ63sEseG8x6ccmuc/sniopqTomKXC0W2vi
Sedmn58PGzjfTzXwFVuF3ccD+BkVsTQ4NuyP72wG2Dz9a7mh3p1+ZN+wZsPEy4SC
KluNIT3lHEkIISAe7B5gdMWq4PmjlZKJq0fM1AiOs9lBP7yhtc0gTj5Ep7xb5/uj
y21tcA8R7Rip/ezPu8che5BFEJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQoFrwI
qRNLMJu86OxyR9qDVzbBJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjNkMWZjZjctZTgyYS00ZmU0LWIxZmUtYWJlYzJjYzcxZDYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQDNz+PmC5br42QhRqUq+ODwaCQMN61JFFgMWiiJq6Kz
dD0ggBHe35l0z/lshWRvqfERHTl2iZ53t9lz7Y+ihHfqCUynx/bT2NR4E4DO0gzF
DJCKSq/4CCPTGylomJRvFjmbOhRMsnXcdq02/sh64GXqJPjGinTbBKRrcdB8vIns
FZhkDUvNpkaQGhq34PLXRMkmXMVCWjz9pW8Y7ryTaeKVvwBvs24rSWvTQT7hpC7u
N+0KwbKXFmnb1n4sV1rzH9tYrTJ7g8KgnBHFQxF6UQ+T6ngfmLa1u+u4o09nNyP7
S722Linf61ycj8s2ccQQPtHq6OSdOzNHItF5Abc7uOF9
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net