Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
File: b76b2450-5088-45d4-a9f3-3c0e092919bd.roa (raw, json)
Hash identifier: QfPdxUSMhioX8/eK3R7uOdNXwbITXspadBh+G+12QXQ=
Subject key identifier: 61:25:31:55:BA:8B:38:CC:7B:48:3F:3C:D5:9E:7A:77:22:1D:5E:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28C4F466D3733933EB00ECB6BD0E5193405A34AA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
Signing time: Fri 06 Dec 2024 00:00:00 +0000
ROA not before: Fri 06 Dec 2024 00:00:00 +0000
ROA not after: Fri 10 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.168.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:c4:f4:66:d3:73:39:33:eb:00:ec:b6:bd:0e:51:93:40:5a:34:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 6 00:00:00 2024 GMT
Not After : Jan 10 23:59:59 2025 GMT
Subject: serialNumber=f3a68643a1d1633dc3486201bfde512aaf383a15459414e4ee363138595fe9eb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:1d:63:46:cc:79:6e:d4:f8:fe:20:ea:0a:
b7:ea:11:28:9e:f1:e8:8f:62:d9:95:87:a8:e5:d5:
8a:16:91:f1:22:ab:14:c8:16:7f:b2:66:6f:7a:51:
47:13:d8:6c:2c:8c:4b:60:07:bb:8e:f2:7a:e0:2a:
28:83:cf:a3:f1:1c:cc:ca:61:5f:9b:f8:46:f9:39:
0f:5f:76:35:bd:07:c8:ca:d3:33:1d:d5:20:00:7b:
ae:39:ce:a9:cd:d9:2b:5c:66:a1:9f:ea:6d:b0:0e:
91:13:80:58:fa:74:96:c4:aa:61:be:0b:54:5d:3b:
97:08:fd:24:dc:fa:3d:02:24:76:fe:78:7e:30:4f:
ad:04:6f:90:15:fc:03:59:e7:f6:a5:50:48:c9:9c:
e4:a9:1f:d3:80:b0:ce:73:cb:22:40:b3:19:f1:0d:
91:a5:d7:ef:5b:c2:b6:ce:87:b7:e4:33:84:6d:d1:
16:e0:e6:a7:75:67:2a:f7:30:2f:db:8a:68:90:8c:
f1:17:4f:4c:36:bc:be:17:f3:64:08:4b:41:00:66:
67:90:86:b6:0e:64:1f:80:eb:ee:85:38:21:3d:63:
17:0c:c9:bf:88:e4:14:ef:52:d1:71:e4:fa:0e:ba:
f8:c4:77:68:8a:60:68:16:09:cf:3e:7b:e2:95:ff:
bd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:25:31:55:BA:8B:38:CC:7B:48:3F:3C:D5:9E:7A:77:22:1D:5E:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
72:de:b5:fb:13:66:68:5c:25:c9:d6:80:49:5d:3f:b9:cb:13:
cb:94:3d:88:4b:8c:ac:87:c5:fe:d4:d1:10:c4:2d:75:98:05:
bb:e2:e2:1c:f8:c1:24:14:7f:6b:16:ce:fc:37:bf:20:e5:56:
f2:a1:e2:3a:68:e6:33:8c:53:fb:29:25:51:b8:e4:01:38:b5:
3c:70:bc:fb:cb:b4:e4:f9:70:23:21:59:ca:c0:e6:af:34:af:
70:54:d8:35:ad:1a:8d:59:44:9e:01:ff:7f:09:92:f3:99:dc:
51:4f:d4:0e:ad:50:8c:b0:6d:3e:ce:e2:c0:fc:c7:26:de:6f:
03:91:ae:82:6a:ae:af:c3:67:ff:16:86:ae:0d:3f:3f:c5:48:
60:3f:2d:f2:0c:e8:fd:c8:be:51:9d:d5:a2:c6:48:2f:89:92:
91:78:8e:cb:7f:19:4b:61:85:5e:d7:b9:67:af:43:47:af:b1:
59:a6:b2:df:f0:15:4c:b4:50:9c:a3:aa:c9:31:11:e9:1d:ba:
14:7b:87:25:f2:13:a7:5e:95:2d:83:2b:2f:ca:d4:fd:48:9b:
e3:b4:6c:28:3e:ec:47:f6:54:05:6f:66:55:20:7f:2d:a6:b5:
1b:a0:55:1d:a8:4a:2d:8c:b4:09:f5:cc:4b:65:62:e0:e4:42:
2c:66:a7:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKMT0ZtNzOTPrAOy2vQ5Rk0BaNKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDYwMDAwMDBaFw0yNTAxMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYTY4NjQzYTFkMTYzM2RjMzQ4NjIwMWJmZGU1MTJhYWYzODNhMTU0NTk0
MTRlNGVlMzYzMTM4NTk1ZmU5ZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK22HWNGzHlu1Pj+IOoKt+oRKJ7x6I9i2ZWHqOXVihaR8SKrFMgWf7Jmb3pR
RxPYbCyMS2AHu47yeuAqKIPPo/EczMphX5v4Rvk5D192Nb0HyMrTMx3VIAB7rjnO
qc3ZK1xmoZ/qbbAOkROAWPp0lsSqYb4LVF07lwj9JNz6PQIkdv54fjBPrQRvkBX8
A1nn9qVQSMmc5Kkf04CwznPLIkCzGfENkaXX71vCts6Ht+QzhG3RFuDmp3VnKvcw
L9uKaJCM8RdPTDa8vhfzZAhLQQBmZ5CGtg5kH4Dr7oU4IT1jFwzJv4jkFO9S0XHk
+g66+MR3aIpgaBYJzz574pX/ve0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhJTFV
uos4zHtIPzzVnnp3Ih1e5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjc2YjI0NTAtNTA4OC00NWQ0LWE5ZjMtM2MwZTA5MjkxOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQBy3rX7E2ZoXCXJ1oBJXT+5yxPLlD2IS4ysh8X+1NEQ
xC11mAW74uIc+MEkFH9rFs78N78g5VbyoeI6aOYzjFP7KSVRuOQBOLU8cLz7y7Tk
+XAjIVnKwOavNK9wVNg1rRqNWUSeAf9/CZLzmdxRT9QOrVCMsG0+zuLA/Mcm3m8D
ka6Caq6vw2f/FoauDT8/xUhgPy3yDOj9yL5RndWixkgviZKReI7LfxlLYYVe17ln
r0NHr7FZprLf8BVMtFCco6rJMRHpHboUe4cl8hOnXpUtgysvytT9SJvjtGwoPuxH
9lQFb2ZVIH8tprUboFUdqEotjLQJ9cxLZWLg5EIsZqeZ
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net