Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
File: b8f4b2da-8da0-4108-b565-e257413d5a23.roa (raw, json)
Hash identifier: 0vMqzT0TzHVoKwUPblrt9fuyNCyNUNMpTw5piAbTCP4=
Subject key identifier: 62:69:3D:1B:59:92:68:41:EF:02:C0:65:87:E9:35:10:6D:79:C1:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A8DE43EBA1D88F7E60E795EE760748F84EBBAAB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:8d:e4:3e:ba:1d:88:f7:e6:0e:79:5e:e7:60:74:8f:84:eb:ba:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=b8996cfc03e315f0bf84436d8b94bbbc1440628e47106aed06bb9b47720c5b9b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:66:ee:09:ef:4b:a2:2b:d1:b8:f9:73:e2:56:
a0:47:79:bd:04:46:df:72:1f:4e:c8:d3:e5:31:dd:
30:ee:1d:8e:b7:88:d1:f3:4a:1d:ed:d7:4d:b6:9d:
e4:ed:aa:39:31:28:4d:67:70:47:04:48:60:0b:bd:
9d:bb:48:aa:0b:fb:9a:4b:c3:ea:d1:4d:19:26:8b:
2b:7f:ba:c9:41:34:09:fc:ef:1d:64:ed:7b:af:44:
2a:68:0a:b2:bf:66:a8:b4:4c:3e:da:b6:ba:d0:29:
de:22:01:26:38:7b:d8:b9:2e:61:30:7c:00:39:e3:
fe:b6:e3:d7:b9:e0:de:a9:c0:f3:a9:70:95:80:74:
35:e0:7e:48:0b:ac:af:4d:2d:fb:cb:58:12:b2:17:
ee:9e:5e:88:76:fd:b4:f4:cf:a3:06:07:9b:7d:ce:
02:3d:57:d4:28:9b:c7:57:94:54:ab:5d:80:7c:03:
93:b2:22:4e:62:4a:6e:83:32:1a:bb:aa:8f:09:e0:
98:d7:cc:bf:c4:14:51:0f:73:de:58:00:85:62:63:
e8:3d:2f:f8:cd:fe:cf:fe:e8:f4:69:92:1c:14:38:
87:e6:13:d4:99:ab:e4:79:13:95:f2:e7:4c:d8:3c:
2d:db:38:d0:65:25:69:0e:30:d3:93:2f:0b:96:1f:
1a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:69:3D:1B:59:92:68:41:EF:02:C0:65:87:E9:35:10:6D:79:C1:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:bd:a5:a7:3f:71:9b:b1:64:aa:10:19:16:c8:04:54:de:03:
a2:ee:ec:67:55:2d:63:8c:ce:3d:c5:bf:8c:cb:f1:36:51:6c:
bd:e0:12:71:c5:76:f3:ba:2d:47:c9:2d:2b:12:c5:d0:ba:51:
81:09:c2:d8:c0:fc:86:33:45:74:b7:60:a4:d5:8d:b7:c2:0d:
6d:cc:a1:16:97:f4:b2:ae:55:a9:b4:14:b7:3e:6b:b5:ca:d8:
90:c6:4d:af:fa:70:1d:9a:74:ac:4c:c1:e6:55:7b:36:ef:df:
dc:88:6c:16:60:a8:8d:46:76:9f:f7:1d:9c:0e:91:85:7e:d1:
0f:1c:90:9c:e0:6a:0c:b2:ac:0c:a3:16:74:2b:10:39:53:9d:
4e:23:c5:ed:dd:e0:4d:cd:b2:8c:35:0e:dd:91:df:6a:fb:b9:
ff:20:c9:5f:80:67:e7:82:f6:88:45:42:63:f3:99:4c:5c:72:
09:3a:e4:0e:b6:ec:6e:38:1f:dc:49:28:16:da:de:b2:4a:9f:
63:f6:05:de:bc:6a:03:51:35:57:c8:54:7d:7b:5a:f9:f4:85:
70:0b:85:68:0a:48:47:f6:ad:39:1e:75:f8:5a:dd:83:ca:fa:
67:e2:d8:7e:c6:ab:80:4a:41:95:04:af:b0:62:6b:68:d6:8d:
50:16:47:e7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeo3kProdiPfmDnle52B0j4TruqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4OTk2Y2ZjMDNlMzE1ZjBiZjg0NDM2ZDhiOTRiYmJjMTQ0MDYyOGU0NzEw
NmFlZDA2YmI5YjQ3NzIwYzViOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpm7gnvS6Ir0bj5c+JWoEd5vQRG33IfTsjT5THdMO4djreI0fNKHe3XTbad
5O2qOTEoTWdwRwRIYAu9nbtIqgv7mkvD6tFNGSaLK3+6yUE0CfzvHWTte69EKmgK
sr9mqLRMPtq2utAp3iIBJjh72LkuYTB8ADnj/rbj17ng3qnA86lwlYB0NeB+SAus
r00t+8tYErIX7p5eiHb9tPTPowYHm33OAj1X1Cibx1eUVKtdgHwDk7IiTmJKboMy
GruqjwngmNfMv8QUUQ9z3lgAhWJj6D0v+M3+z/7o9GmSHBQ4h+YT1Jmr5HkTlfLn
TNg8Lds40GUlaQ4w05MvC5YfGhECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRiaT0b
WZJoQe8CwGWH6TUQbXnBnzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhmNGIyZGEtOGRhMC00MTA4LWI1NjUtZTI1NzQxM2Q1YTIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAPr2lpz9xm7FkqhAZFsgEVN4Dou7sZ1UtY4zOPcW/
jMvxNlFsveASccV287otR8ktKxLF0LpRgQnC2MD8hjNFdLdgpNWNt8INbcyhFpf0
sq5VqbQUtz5rtcrYkMZNr/pwHZp0rEzB5lV7Nu/f3IhsFmCojUZ2n/cdnA6RhX7R
DxyQnOBqDLKsDKMWdCsQOVOdTiPF7d3gTc2yjDUO3ZHfavu5/yDJX4Bn54L2iEVC
Y/OZTFxyCTrkDrbsbjgf3EkoFtreskqfY/YF3rxqA1E1V8hUfXta+fSFcAuFaApI
R/atOR51+Frdg8r6Z+LYfsargEpBlQSvsGJraNaNUBZH5w==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net