Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa
File: ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa (raw, json)
Hash identifier: S+xuDrU6buUip44L066T5OT6/fdJmWMlg+GN/GTagps=
Subject key identifier: 0D:84:A7:EB:77:22:F4:59:AC:91:51:B1:04:44:CB:48:32:EE:70:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C20AAAFB2240051FCA8EFE9BEF7F3C6FBA0AE7D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:20:aa:af:b2:24:00:51:fc:a8:ef:e9:be:f7:f3:c6:fb:a0:ae:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=7f3205410fedb84a1158621a91be743521b5eab370335e4231392b118084b446, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:92:06:49:c7:64:07:c8:1d:60:2a:04:ec:ac:
b8:85:a7:e7:28:55:0e:83:15:7a:49:df:4c:72:7e:
25:1e:8c:bd:97:67:2c:d6:74:b5:c0:f1:6d:f6:70:
a4:d4:8c:ce:aa:33:e0:4d:8d:53:1c:51:ea:80:73:
15:88:91:61:a1:6b:cd:57:ac:86:00:3e:19:84:1d:
fd:ea:50:cd:3c:02:08:69:4b:26:03:9f:a7:e2:44:
86:03:5e:e9:f8:b2:8a:aa:fe:f2:a2:d2:82:01:eb:
f3:89:b7:ea:63:10:12:d3:31:30:27:95:a0:a4:0b:
4d:ba:23:bb:21:6c:43:ed:dc:56:10:d8:06:a0:a6:
75:bd:94:9e:8f:39:5d:68:d1:c9:8a:85:22:5c:bb:
83:81:3a:17:65:f4:01:7f:17:c7:07:5b:95:86:17:
ba:f1:0b:55:28:37:c0:64:8d:ed:30:5e:db:fc:10:
d1:d3:a0:41:11:30:a4:af:59:5f:3c:48:c1:4a:99:
c5:e9:a8:21:2c:8c:2d:22:ae:b2:0e:c2:67:0a:85:
11:87:ba:b3:bf:98:a0:9a:c3:3e:4c:0c:72:ae:34:
41:34:32:cf:40:f7:14:2f:f9:d5:e6:3d:02:6c:a6:
ed:fa:ab:d7:a5:2f:ad:24:ab:56:90:2e:40:e5:7c:
66:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:84:A7:EB:77:22:F4:59:AC:91:51:B1:04:44:CB:48:32:EE:70:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:89:3d:74:09:c0:a0:11:2c:ba:7c:a3:cf:ac:b8:30:5d:cd:
98:9a:d2:dc:9c:13:91:82:6f:61:ce:86:2b:99:a7:a0:9e:af:
b7:58:16:dc:2f:46:b0:2e:97:38:61:22:1d:f9:44:71:76:77:
0f:e4:0f:62:58:42:99:b6:b2:40:e4:cd:a7:a2:42:4f:f2:a3:
8e:65:97:1a:27:03:ea:12:96:74:07:b7:8f:d8:2a:cb:20:85:
bc:df:bd:fb:76:27:63:6d:e9:8a:f6:8c:68:96:04:ce:f2:de:
70:a0:cd:54:8a:0f:90:5f:28:4e:69:c0:01:19:c4:5e:3a:19:
a1:aa:a9:43:b4:7d:6c:00:94:cf:d3:e2:7e:a9:6e:a3:a6:af:
ad:de:f6:de:bd:65:a8:bf:80:5c:69:ce:a6:b8:fa:ee:22:2b:
92:7b:2c:8d:aa:68:58:4a:0e:61:58:a2:a8:22:b1:c1:2e:75:
e9:dd:b8:17:c0:54:df:08:a4:9e:0d:8c:cc:d7:82:fb:c9:4d:
b7:fb:02:8d:48:8b:32:2f:d7:4c:fe:a1:50:13:00:9f:ac:af:
46:0a:03:63:74:5f:60:97:64:41:75:69:7f:f6:27:e9:c8:55:
98:3b:fb:4b:c0:39:51:21:db:8e:4f:7c:48:5b:9a:ba:dc:dd:
74:e5:5a:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTCCqr7IkAFH8qO/pvvfzxvugrn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMzIwNTQxMGZlZGI4NGExMTU4NjIxYTkxYmU3NDM1MjFiNWVhYjM3MDMz
NWU0MjMxMzkyYjExODA4NGI0NDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeSBknHZAfIHWAqBOysuIWn5yhVDoMVeknfTHJ+JR6MvZdnLNZ0tcDxbfZw
pNSMzqoz4E2NUxxR6oBzFYiRYaFrzVeshgA+GYQd/epQzTwCCGlLJgOfp+JEhgNe
6fiyiqr+8qLSggHr84m36mMQEtMxMCeVoKQLTbojuyFsQ+3cVhDYBqCmdb2Uno85
XWjRyYqFIly7g4E6F2X0AX8XxwdblYYXuvELVSg3wGSN7TBe2/wQ0dOgQREwpK9Z
XzxIwUqZxemoISyMLSKusg7CZwqFEYe6s7+YoJrDPkwMcq40QTQyz0D3FC/51eY9
Amym7fqr16UvrSSrVpAuQOV8ZhECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNhKfr
dyL0WayRUbEERMtIMu5w5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmE2OGZlZGMtYzlhZS00NjA1LThhYzUtM2I3ZTViODVlZmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQALiT10CcCgESy6fKPPrLgwXc2YmtLcnBORgm9hzoYr
maegnq+3WBbcL0awLpc4YSId+URxdncP5A9iWEKZtrJA5M2nokJP8qOOZZcaJwPq
EpZ0B7eP2CrLIIW83737didjbemK9oxolgTO8t5woM1Uig+QXyhOacABGcReOhmh
qqlDtH1sAJTP0+J+qW6jpq+t3vbevWWov4Bcac6muPruIiuSeyyNqmhYSg5hWKKo
IrHBLnXp3bgXwFTfCKSeDYzM14L7yU23+wKNSIsyL9dM/qFQEwCfrK9GCgNjdF9g
l2RBdWl/9ifpyFWYO/tLwDlRIduOT3xIW5q63N105VoO
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net