Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bccdd23d-b92c-4f87-ada7-26de87fddc89.roa
File: bccdd23d-b92c-4f87-ada7-26de87fddc89.roa (raw, json)
Hash identifier: K1cl5INCFt1ES2IzpgPe5soOn0H7I8x4w8VqeQDeiTg=
Subject key identifier: 72:F0:C8:12:22:A5:0C:73:C4:35:60:C3:CF:E2:27:DD:FB:9E:CB:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 223B34B2FE5F9423D3D409720B38782C86B948D1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bccdd23d-b92c-4f87-ada7-26de87fddc89.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:3b:34:b2:fe:5f:94:23:d3:d4:09:72:0b:38:78:2c:86:b9:48:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=f408c34df5b01eb9b33e7f134469e2b2f66c397e5e16ffad05af9dc2939cd00a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:57:08:44:99:96:82:b6:a4:38:f1:6e:2b:9e:
fd:f8:2e:35:00:86:9e:15:58:58:fe:ba:df:2d:e1:
48:c3:36:10:cd:39:b2:5a:ea:73:dd:66:89:d5:12:
eb:4c:44:b0:39:3a:b9:f0:7c:df:1d:c7:fe:ac:b2:
89:96:cf:88:07:50:5b:ba:d2:ca:0e:38:f3:71:72:
f5:0a:85:a4:0c:dc:d1:11:cc:51:f7:6f:37:c0:4f:
26:27:0e:fa:18:33:15:bf:04:a7:57:dd:be:e6:78:
8a:e3:6e:e5:34:8e:16:40:88:e6:01:d4:f4:5c:81:
69:44:c9:ae:69:5a:7b:3d:06:a6:82:24:b0:dc:93:
06:ec:5e:90:53:0d:67:9c:db:0f:c5:7e:70:39:3a:
0d:ee:e8:38:b7:43:81:f1:ee:81:61:70:e4:6e:f2:
d1:e8:92:6f:db:2c:a7:9f:8d:0a:a7:ec:dc:fc:8a:
6e:9b:c4:de:d7:5d:9f:92:6c:a1:21:4d:35:fd:7f:
09:06:d6:d7:3a:09:8b:84:ff:44:6a:3e:ef:aa:b7:
f6:1c:2f:d0:5a:67:c9:03:8a:7d:72:0c:5c:aa:ec:
09:16:c3:97:d3:b7:93:d6:88:bb:81:69:96:0b:fe:
59:69:ab:07:cc:f5:e8:51:fe:b5:61:37:52:07:53:
f8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F0:C8:12:22:A5:0C:73:C4:35:60:C3:CF:E2:27:DD:FB:9E:CB:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bccdd23d-b92c-4f87-ada7-26de87fddc89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
44:aa:1d:8b:f2:20:35:e3:3c:27:74:ba:fc:b5:93:a3:22:8a:
1c:c0:d8:5e:be:da:3e:fc:63:06:a6:55:33:c5:0d:6c:55:f1:
ee:5e:68:b9:84:5a:5b:bf:d5:12:28:c8:5c:bd:b8:17:95:dc:
5e:1b:26:cc:04:86:9d:e3:ae:4e:2a:47:08:95:0d:e1:b7:86:
ac:fc:dd:18:35:74:48:78:03:b5:0a:7d:0a:db:09:c1:ec:2c:
db:87:06:27:f2:df:d6:e2:20:b5:75:f1:e2:ce:e5:04:39:3d:
3b:6c:83:69:50:e2:dd:3c:10:45:2b:7b:a5:20:31:8c:c8:0d:
80:fa:65:34:be:96:4b:cb:2c:90:c2:0e:23:e0:b3:f0:54:21:
86:14:24:36:df:b3:6d:ac:b3:e3:c4:32:53:55:d0:e6:d4:09:
69:c6:aa:6d:0d:66:90:ef:31:d5:01:7b:8c:de:0f:60:56:ad:
2c:b4:92:bc:46:7f:37:48:88:02:f1:12:5c:2d:80:8f:69:6a:
2b:75:fd:3c:ae:95:48:13:73:45:63:fc:9c:68:45:12:f5:b4:
30:a6:88:ed:ab:66:32:0b:82:8e:cb:08:1a:b7:2c:5b:64:86:
51:70:95:dd:df:98:3a:33:f0:10:b9:97:ea:ff:19:98:95:58:
40:a6:c3:a4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIjs0sv5flCPT1AlyCzh4LIa5SNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MDhjMzRkZjViMDFlYjliMzNlN2YxMzQ0NjllMmIyZjY2YzM5N2U1ZTE2
ZmZhZDA1YWY5ZGMyOTM5Y2QwMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdXCESZloK2pDjxbiue/fguNQCGnhVYWP663y3hSMM2EM05slrqc91midUS
60xEsDk6ufB83x3H/qyyiZbPiAdQW7rSyg4483Fy9QqFpAzc0RHMUfdvN8BPJicO
+hgzFb8Ep1fdvuZ4iuNu5TSOFkCI5gHU9FyBaUTJrmlaez0GpoIksNyTBuxekFMN
Z5zbD8V+cDk6De7oOLdDgfHugWFw5G7y0eiSb9ssp5+NCqfs3PyKbpvE3tddn5Js
oSFNNf1/CQbW1zoJi4T/RGo+76q39hwv0FpnyQOKfXIMXKrsCRbDl9O3k9aIu4Fp
lgv+WWmrB8z16FH+tWE3UgdT+LUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRy8MgS
IqUMc8Q1YMPP4ifd+57L7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmNjZGQyM2QtYjkyYy00Zjg3LWFkYTctMjZkZTg3ZmRkYzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQBEqh2L8iA14zwndLr8tZOjIoocwNhevto+/GMGplUz
xQ1sVfHuXmi5hFpbv9USKMhcvbgXldxeGybMBIad465OKkcIlQ3ht4as/N0YNXRI
eAO1Cn0K2wnB7CzbhwYn8t/W4iC1dfHizuUEOT07bINpUOLdPBBFK3ulIDGMyA2A
+mU0vpZLyyyQwg4j4LPwVCGGFCQ237NtrLPjxDJTVdDm1AlpxqptDWaQ7zHVAXuM
3g9gVq0stJK8Rn83SIgC8RJcLYCPaWordf08rpVIE3NFY/ycaEUS9bQwpojtq2Yy
C4KOywgatyxbZIZRcJXd35g6M/AQuZfq/xmYlVhApsOk
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net