Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
File: bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa (raw, json)
Hash identifier: 978FAarguA14mm741WblQrzIZhCQuXFAnfaKQXp5Ud0=
Subject key identifier: 90:FF:0B:16:54:38:B6:26:EF:CC:AF:D6:71:C7:9E:66:F2:7B:3E:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0224C2FABA64A1960CE0AE5CA94AB7D4846F3466
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:24:c2:fa:ba:64:a1:96:0c:e0:ae:5c:a9:4a:b7:d4:84:6f:34:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=17cc86cb51e8de98459d1e7d897a2aefbc4ef222efec693de78a9fa9b4d99d8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:70:5d:c2:3e:2b:36:27:89:78:f4:bf:fb:40:
66:de:20:4d:b7:1b:56:c1:95:d2:5f:f9:1c:c3:6c:
38:d4:24:db:71:c7:bf:61:0f:ed:0f:67:a8:d0:61:
84:06:89:11:9f:f5:23:d6:12:d9:82:70:41:5a:b9:
6e:06:87:e0:e7:3a:20:3d:2c:9e:11:1b:af:08:ef:
ed:0d:55:87:ed:a2:ad:3d:cc:4f:81:d7:02:79:6e:
86:82:82:1f:96:de:02:a3:d9:95:09:e1:c1:84:da:
a7:f9:27:fc:1f:f5:50:a1:50:29:30:ae:18:3b:82:
13:e5:ae:12:4c:4c:59:c5:55:61:61:73:fd:7a:fd:
f2:e4:ef:63:fc:93:c3:9b:61:b2:24:e5:e7:1e:b8:
99:da:cf:3e:34:60:a9:3d:b3:74:12:d9:2a:b5:da:
c3:c8:71:e3:c7:56:10:9e:bd:eb:4b:c5:86:cd:39:
89:51:c2:5f:35:3b:bd:cf:2c:81:da:c0:73:4e:3b:
4d:77:1b:e0:c9:e3:81:8e:29:c6:c0:8a:a7:22:f1:
b1:c1:f1:03:3e:08:b5:a9:9f:f0:20:67:7e:e0:5c:
82:92:ef:84:1a:2f:e5:6c:5a:74:6d:40:81:5f:36:
bd:6e:54:7d:20:09:31:62:4c:15:45:87:e6:af:eb:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FF:0B:16:54:38:B6:26:EF:CC:AF:D6:71:C7:9E:66:F2:7B:3E:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1b:c2:1a:cb:f3:33:62:ac:7c:5c:35:04:ae:2c:e4:c1:30:a3:
e2:7c:3a:92:38:b9:e7:de:d9:fb:5b:6e:85:dc:75:57:09:1f:
ca:88:cb:9a:f7:d3:97:c3:61:40:bc:e7:8c:56:98:47:2d:7e:
ec:53:ca:29:5b:c1:79:ee:c9:54:57:a9:be:7e:d4:8a:e3:06:
58:0b:d0:52:2e:29:10:8b:aa:2e:6b:e9:9c:dd:08:50:b5:d8:
cf:e9:b8:d5:1f:a9:53:e1:07:91:b4:2f:45:24:72:24:af:54:
77:04:7e:1c:f5:0f:19:01:4f:b3:a4:8f:96:13:99:72:67:d2:
3c:dc:69:61:6c:df:32:a4:fa:f8:b3:f3:fc:4f:7e:74:d6:f5:
d8:ee:e4:4a:3c:48:8f:39:ef:bc:81:da:3b:4e:f6:8e:17:b8:
30:42:af:b0:6b:ce:b6:f0:3b:1e:55:15:7b:ea:06:4b:42:17:
12:1f:25:69:77:b3:6d:83:b8:7c:01:4b:22:71:a0:30:a0:36:
94:b1:7f:ed:7e:0f:c4:c4:3e:ed:a6:9b:17:a5:62:fb:a9:2e:
5d:0d:4d:6f:46:19:be:68:6e:05:75:5a:bc:5f:1a:b2:82:42:
36:40:34:62:02:79:18:b3:f4:ee:1a:1e:d7:06:ad:cc:40:98:
6b:cd:94:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAiTC+rpkoZYM4K5cqUq31IRvNGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3Y2M4NmNiNTFlOGRlOTg0NTlkMWU3ZDg5N2EyYWVmYmM0ZWYyMjJlZmVj
NjkzZGU3OGE5ZmE5YjRkOTlkOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhwXcI+KzYniXj0v/tAZt4gTbcbVsGV0l/5HMNsONQk23HHv2EP7Q9nqNBh
hAaJEZ/1I9YS2YJwQVq5bgaH4Oc6ID0snhEbrwjv7Q1Vh+2irT3MT4HXAnluhoKC
H5beAqPZlQnhwYTap/kn/B/1UKFQKTCuGDuCE+WuEkxMWcVVYWFz/Xr98uTvY/yT
w5thsiTl5x64mdrPPjRgqT2zdBLZKrXaw8hx48dWEJ6960vFhs05iVHCXzU7vc8s
gdrAc047TXcb4MnjgY4pxsCKpyLxscHxAz4Itamf8CBnfuBcgpLvhBov5WxadG1A
gV82vW5UfSAJMWJMFUWH5q/rsdECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQ/wsW
VDi2Ju/Mr9Zxx55m8ns+azAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmMyZjRmOWYtNjJhYi00ZDUzLTg5NWMtMjI0NjlmNWNiZWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAbwhrL8zNirHxcNQSuLOTBMKPifDqSOLnn3tn7W26F
3HVXCR/KiMua99OXw2FAvOeMVphHLX7sU8opW8F57slUV6m+ftSK4wZYC9BSLikQ
i6oua+mc3QhQtdjP6bjVH6lT4QeRtC9FJHIkr1R3BH4c9Q8ZAU+zpI+WE5lyZ9I8
3GlhbN8ypPr4s/P8T3501vXY7uRKPEiPOe+8gdo7TvaOF7gwQq+wa8628DseVRV7
6gZLQhcSHyVpd7Ntg7h8AUsicaAwoDaUsX/tfg/ExD7tppsXpWL7qS5dDU1vRhm+
aG4FdVq8XxqygkI2QDRiAnkYs/TuGh7XBq3MQJhrzZTY
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net