Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
File: bd71a746-3cc9-4570-bf5d-cc70358205b8.roa (raw, json)
Hash identifier: syNMrDSC5kuLX0by1EnE3ywNxdgK+/blN1Xj86V8hX8=
Subject key identifier: E2:8D:55:28:E7:E1:B8:64:E1:D0:CD:2C:C0:88:D0:5F:EF:6D:69:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2926F9B4C8280AF08656A66EF2CCF59D45277EA8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:26:f9:b4:c8:28:0a:f0:86:56:a6:6e:f2:cc:f5:9d:45:27:7e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=27ecd069c70422069988620e2498c6cc41de66f3d43a2a8140da50f188b8fb23, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8f:9c:9f:be:b9:a9:0e:de:a6:00:db:78:8d:
81:e5:8a:1f:c0:bc:eb:13:54:e8:9c:f6:8f:0b:29:
e4:92:98:d4:13:65:5e:c4:eb:51:18:dd:39:8e:11:
36:5c:05:41:30:17:9a:36:cc:8b:d4:08:dc:33:5e:
dd:2c:19:31:1a:7b:5c:2c:5a:d3:3e:de:63:eb:3a:
bf:be:ff:66:d0:d9:9f:8c:29:15:74:eb:15:c4:19:
90:21:42:91:62:ea:68:12:d3:e5:42:67:65:a0:eb:
5c:b0:12:1d:65:d7:4b:4b:63:0a:ac:2f:59:fc:81:
be:4d:7b:a8:c0:cc:56:01:32:fb:9d:0a:46:10:cd:
7a:92:d5:11:a2:9e:38:02:96:8f:4d:02:d5:50:ab:
c9:7c:d6:c7:44:19:e6:73:27:01:bc:4e:6d:d4:3c:
1d:7a:d1:7f:30:ea:c7:f6:7e:19:7e:7f:c0:8e:29:
e6:88:8b:73:af:8c:cd:3f:c1:22:22:dd:87:5b:55:
1a:89:3c:8e:c0:39:2c:f0:14:79:d9:69:7c:6f:da:
df:b0:ce:bb:2a:fd:86:d6:a8:ad:23:97:b1:59:35:
75:4e:18:80:88:94:d6:44:96:8d:3d:93:02:96:0a:
7d:65:66:d9:2c:c0:15:c9:58:7e:07:38:5d:79:f9:
40:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8D:55:28:E7:E1:B8:64:E1:D0:CD:2C:C0:88:D0:5F:EF:6D:69:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
81:7c:b3:5c:85:29:52:99:dd:03:e2:85:61:f4:b3:1a:5a:46:
6e:10:ac:41:fd:87:d1:f2:09:5c:6d:1d:b3:e3:11:15:d3:c5:
29:39:2e:ce:d3:3d:a9:5b:cc:18:c0:9b:87:4b:cf:91:90:19:
7e:37:be:f5:5a:97:84:5b:cb:46:7f:a1:37:c4:d3:c6:14:13:
8d:15:f7:82:87:b4:34:fa:fd:af:0c:a8:1b:18:f2:cc:e7:7d:
0a:41:c4:c1:b4:3b:3e:81:44:a3:23:53:d5:aa:ed:97:77:e8:
fa:6a:f1:63:24:68:e3:fb:4f:e6:8b:b1:ff:3f:bd:81:4d:5a:
ed:b1:65:b3:ea:8e:f0:bb:a0:8b:cc:14:b9:4e:44:fa:c2:ee:
9f:a4:8c:ab:1e:19:9c:87:0a:bb:64:08:5e:1c:ef:25:ac:c9:
f0:65:d0:63:18:e1:ed:4f:29:c9:24:ee:16:b4:e4:68:92:6e:
19:f9:ca:b9:27:6c:b5:55:e6:78:34:f0:ae:79:78:be:57:5d:
82:5c:14:66:c1:2d:d1:e7:08:c5:92:ef:ef:0b:bf:43:aa:97:
26:83:9f:1f:7f:c7:c2:cf:fd:04:2f:05:e7:3d:88:ea:60:9f:
3e:aa:7e:8f:03:ba:df:19:1a:35:f6:f1:72:ea:f0:71:18:a6:
d6:23:1e:a4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKSb5tMgoCvCGVqZu8sz1nUUnfqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ZWNkMDY5YzcwNDIyMDY5OTg4NjIwZTI0OThjNmNjNDFkZTY2ZjNkNDNh
MmE4MTQwZGE1MGYxODhiOGZiMjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuPnJ++uakO3qYA23iNgeWKH8C86xNU6Jz2jwsp5JKY1BNlXsTrURjdOY4R
NlwFQTAXmjbMi9QI3DNe3SwZMRp7XCxa0z7eY+s6v77/ZtDZn4wpFXTrFcQZkCFC
kWLqaBLT5UJnZaDrXLASHWXXS0tjCqwvWfyBvk17qMDMVgEy+50KRhDNepLVEaKe
OAKWj00C1VCryXzWx0QZ5nMnAbxObdQ8HXrRfzDqx/Z+GX5/wI4p5oiLc6+MzT/B
IiLdh1tVGok8jsA5LPAUedlpfG/a37DOuyr9htaorSOXsVk1dU4YgIiU1kSWjT2T
ApYKfWVm2SzAFclYfgc4XXn5QCsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTijVUo
5+G4ZOHQzSzAiNBf721ppzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmQ3MWE3NDYtM2NjOS00NTcwLWJmNWQtY2M3MDM1ODIwNWI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAgXyzXIUpUpndA+KFYfSzGlpGbhCsQf2H0fIJXG0d
s+MRFdPFKTkuztM9qVvMGMCbh0vPkZAZfje+9VqXhFvLRn+hN8TTxhQTjRX3goe0
NPr9rwyoGxjyzOd9CkHEwbQ7PoFEoyNT1artl3fo+mrxYyRo4/tP5oux/z+9gU1a
7bFls+qO8Lugi8wUuU5E+sLun6SMqx4ZnIcKu2QIXhzvJazJ8GXQYxjh7U8pySTu
FrTkaJJuGfnKuSdstVXmeDTwrnl4vlddglwUZsEt0ecIxZLv7wu/Q6qXJoOfH3/H
ws/9BC8F5z2I6mCfPqp+jwO63xkaNfbxcurwcRim1iMepA==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net