Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
File: baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa (raw, json)
Hash identifier: ywNYT9LSE4Wb2UbS3aNf5M/km7Dl329Zcst6/vtIPp8=
Subject key identifier: 46:10:53:60:6D:F7:53:57:51:20:42:95:C2:36:48:6E:35:E9:E1:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 761454AD6B2A2A340AB8A7C4137B337EB6BF2E9A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:14:54:ad:6b:2a:2a:34:0a:b8:a7:c4:13:7b:33:7e:b6:bf:2e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=5a11a3feafe96691a19b810a4dbca2ec671a8b3edfa3f9a77731c4f5e6730090, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:ce:d2:7c:bc:57:cc:8d:86:a3:23:2a:2d:
e0:96:c4:8d:18:eb:32:63:13:f5:f3:1d:e2:75:54:
74:5a:61:70:9c:d2:ba:02:0a:cd:2e:d8:71:e6:81:
2a:df:5d:3a:14:b7:b8:d4:44:1c:aa:33:07:b9:a0:
57:c3:a4:78:a7:7b:5a:21:42:5d:30:96:d8:6d:49:
60:01:dc:af:32:29:01:50:38:84:22:bd:f7:f5:52:
ed:05:23:9f:30:f6:f4:fe:12:22:a6:de:dd:7e:7a:
05:03:b0:9f:a3:8a:0e:8c:cd:e9:23:7a:b8:69:2d:
8b:7a:e9:82:a9:03:eb:15:70:08:85:92:ce:6d:22:
4c:ab:62:df:83:8e:ce:07:52:fa:50:56:bb:25:e5:
a1:b4:d9:88:54:a9:1b:6a:70:a4:79:e1:16:7f:8c:
df:b8:ef:d0:29:1b:a0:70:f3:f7:dc:25:f0:d3:df:
dc:7f:65:b6:9c:fb:e2:94:e3:7e:95:52:1c:c6:48:
45:46:97:67:eb:7f:99:be:7b:a8:99:a9:44:68:b9:
ca:a6:a1:c5:a5:bc:27:5f:a6:90:30:19:37:0a:99:
36:e2:bc:bd:79:7c:f5:35:86:b1:97:1b:30:45:d4:
cd:fa:40:ad:b7:fe:18:c9:7b:d5:d7:f7:95:cf:b2:
ca:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:10:53:60:6D:F7:53:57:51:20:42:95:C2:36:48:6E:35:E9:E1:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d8:20:b4:92:99:72:f8:8b:6e:31:c7:fb:e0:37:6a:a6:20:ac:
08:74:1c:3c:b8:5a:10:39:e2:d1:ef:58:18:55:e9:ae:f6:43:
c0:62:dc:4d:6a:92:6d:74:cd:23:f8:21:1a:5c:18:41:08:fc:
7e:41:14:f5:4f:80:9f:73:c4:8c:17:f0:39:1a:c2:e5:53:b7:
02:6d:26:a0:a5:6a:d0:2f:dd:76:5a:a1:e5:19:68:4d:7d:16:
29:45:ae:ba:f7:de:35:65:3e:ef:80:f2:6e:b2:59:94:21:39:
c6:82:a1:f2:2c:7e:a0:f3:88:a1:8d:08:f2:38:64:bc:dd:11:
3a:a0:3b:7c:bc:85:86:df:98:b8:f8:85:a3:7a:db:44:bd:5d:
be:d2:57:f6:91:ee:80:b8:ff:c1:8f:3d:e6:79:fd:01:e5:0e:
7c:4f:21:c0:df:64:7d:63:da:9d:b4:48:a2:4b:33:7e:b0:80:
47:8d:d7:05:70:51:93:fb:27:09:db:f7:f2:0d:b4:cb:1c:22:
55:01:a6:e4:c1:5b:4a:0d:28:65:f1:83:55:67:52:d3:3b:7b:
ce:41:b2:23:f4:a6:b6:9d:63:16:b3:a2:85:26:2e:81:ca:cb:
a3:f7:63:3a:7f:09:00:89:76:30:d2:c2:f0:93:19:6f:da:c2:
76:c9:98:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdhRUrWsqKjQKuKfEE3szfra/LpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhMTFhM2ZlYWZlOTY2OTFhMTliODEwYTRkYmNhMmVjNjcxYThiM2VkZmEz
ZjlhNzc3MzFjNGY1ZTY3MzAwOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIaDztJ8vFfMjYajIyot4JbEjRjrMmMT9fMd4nVUdFphcJzSugIKzS7YceaB
Kt9dOhS3uNREHKozB7mgV8OkeKd7WiFCXTCW2G1JYAHcrzIpAVA4hCK99/VS7QUj
nzD29P4SIqbe3X56BQOwn6OKDozN6SN6uGkti3rpgqkD6xVwCIWSzm0iTKti34OO
zgdS+lBWuyXlobTZiFSpG2pwpHnhFn+M37jv0CkboHDz99wl8NPf3H9ltpz74pTj
fpVSHMZIRUaXZ+t/mb57qJmpRGi5yqahxaW8J1+mkDAZNwqZNuK8vXl89TWGsZcb
MEXUzfpArbf+GMl71df3lc+yynUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGEFNg
bfdTV1EgQpXCNkhuNenhQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFhYWM1MGItZWM0Yy00MDY0LWFlNWYtOWQwYzE2ODA2ZDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQDYILSSmXL4i24xx/vgN2qmIKwIdBw8uFoQOeLR71gY
Vemu9kPAYtxNapJtdM0j+CEaXBhBCPx+QRT1T4Cfc8SMF/A5GsLlU7cCbSagpWrQ
L912WqHlGWhNfRYpRa669941ZT7vgPJuslmUITnGgqHyLH6g84ihjQjyOGS83RE6
oDt8vIWG35i4+IWjettEvV2+0lf2ke6AuP/Bjz3mef0B5Q58TyHA32R9Y9qdtEii
SzN+sIBHjdcFcFGT+ycJ2/fyDbTLHCJVAabkwVtKDShl8YNVZ1LTO3vOQbIj9Ka2
nWMWs6KFJi6Bysuj92M6fwkAiXYw0sLwkxlv2sJ2yZgV
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net