Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
File: c339f126-7fea-49c7-a129-4df9886e5309.roa (raw, json)
Hash identifier: v2U1NTV/sxFEWfxdHrjNZ3P5eOkesPRBcBNC2XHPCbQ=
Subject key identifier: 29:3B:B2:47:4E:72:4E:D8:FF:9B:38:D9:8F:C4:65:F8:C2:31:73:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6EFD765FDE188E0C8F96E5F09A264E0D45B33B83
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:fd:76:5f:de:18:8e:0c:8f:96:e5:f0:9a:26:4e:0d:45:b3:3b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=3d539b9e77ab5833958d59cb3a8e9ab88ee1e20b76acdc233f41123feff00e26, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d1:06:4e:e2:b9:7b:29:2f:f2:0d:c1:7c:d9:
63:a6:5a:48:f5:6c:ee:75:36:39:fa:db:39:01:da:
f4:1c:22:8d:8e:46:d5:8f:b9:d5:77:fd:74:7b:cf:
e5:f0:73:71:12:28:e1:af:8f:4e:5a:67:f3:1b:1e:
80:c3:69:92:a9:9e:ab:ac:2f:c4:e2:cf:10:bb:ac:
06:d8:c3:09:ab:e8:79:e6:9b:ee:df:84:32:39:3f:
79:ab:5a:f8:ec:3c:a8:97:c1:a5:84:74:cb:ae:11:
57:f6:05:e8:87:94:e5:5b:b0:27:eb:81:87:2f:46:
8a:91:8b:9a:89:11:4e:54:86:10:a7:ae:4e:d0:f3:
1d:dd:d8:48:3c:e5:40:46:85:ac:34:60:1c:3c:7f:
e7:b3:d5:c2:d3:e0:c0:e1:62:aa:ef:5c:42:c3:dc:
cb:fc:fc:e2:b6:a5:4e:e3:5a:2c:76:c4:45:67:dc:
93:9b:d2:fa:08:47:ad:fc:77:68:a3:b5:21:77:80:
45:f1:2f:02:68:9c:43:cc:84:dc:b3:e4:ee:37:79:
7d:0b:b6:03:d1:3d:52:46:de:e6:0e:ec:79:3a:e5:
c3:f8:42:cb:7b:aa:f7:96:d3:71:0d:bf:ba:fd:5f:
20:2a:f8:12:c5:e0:de:55:cd:52:fa:73:12:15:b9:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3B:B2:47:4E:72:4E:D8:FF:9B:38:D9:8F:C4:65:F8:C2:31:73:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:47:32:f8:5a:21:a8:7b:aa:b2:10:9d:7f:6b:a6:61:d5:49:
97:4a:34:56:75:dd:7d:ee:dc:4a:80:98:a2:b5:96:a8:44:fc:
23:35:45:77:66:a1:24:b8:ce:13:56:87:66:91:a7:a4:d2:40:
32:e8:b8:67:38:fe:f6:9d:1a:39:9f:e5:37:b4:09:33:2f:cc:
03:6f:59:b1:b5:0d:ed:0e:7c:98:cb:51:90:70:30:34:df:4c:
aa:59:da:40:55:c4:a1:85:10:5e:4a:20:28:03:a4:fa:95:b2:
7c:0f:c4:d0:7f:1b:22:8d:9e:c5:3b:6d:ab:fc:a0:78:39:77:
48:7f:00:be:ad:e4:a2:02:85:77:00:64:c5:25:00:47:59:f4:
5d:28:28:4f:16:87:5f:54:08:9f:11:ee:4f:d6:20:24:4e:64:
be:78:ef:a8:5e:b0:cb:8e:9e:84:31:fd:3a:25:de:c8:67:a5:
16:ed:9b:e0:66:18:6b:3a:b0:5d:e6:7b:9d:5e:d6:cb:ab:1e:
8c:78:fd:bd:da:cd:70:e0:20:2a:7e:65:9b:e2:66:c3:1a:30:
1d:df:f0:73:37:af:e9:21:62:a9:a1:da:d1:86:d4:77:1f:8c:
6d:de:ed:e3:be:61:f9:ea:f7:b1:8c:da:7c:03:a0:dd:5d:bd:
23:44:ef:63
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbv12X94YjgyPluXwmiZODUWzO4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkNTM5YjllNzdhYjU4MzM5NThkNTljYjNhOGU5YWI4OGVlMWUyMGI3NmFj
ZGMyMzNmNDExMjNmZWZmMDBlMjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPRBk7iuXspL/INwXzZY6ZaSPVs7nU2OfrbOQHa9BwijY5G1Y+51Xf9dHvP
5fBzcRIo4a+PTlpn8xsegMNpkqmeq6wvxOLPELusBtjDCavoeeab7t+EMjk/eata
+Ow8qJfBpYR0y64RV/YF6IeU5VuwJ+uBhy9GipGLmokRTlSGEKeuTtDzHd3YSDzl
QEaFrDRgHDx/57PVwtPgwOFiqu9cQsPcy/z84ralTuNaLHbERWfck5vS+ghHrfx3
aKO1IXeARfEvAmicQ8yE3LPk7jd5fQu2A9E9Ukbe5g7seTrlw/hCy3uq95bTcQ2/
uv1fICr4EsXg3lXNUvpzEhW5KpkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQpO7JH
TnJO2P+bONmPxGX4wjFzETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzMzOWYxMjYtN2ZlYS00OWM3LWExMjktNGRmOTg4NmU1MzA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAjkcy+FohqHuqshCdf2umYdVJl0o0VnXdfe7cSoCY
orWWqET8IzVFd2ahJLjOE1aHZpGnpNJAMui4Zzj+9p0aOZ/lN7QJMy/MA29ZsbUN
7Q58mMtRkHAwNN9MqlnaQFXEoYUQXkogKAOk+pWyfA/E0H8bIo2exTttq/ygeDl3
SH8Avq3kogKFdwBkxSUAR1n0XSgoTxaHX1QInxHuT9YgJE5kvnjvqF6wy46ehDH9
OiXeyGelFu2b4GYYazqwXeZ7nV7Wy6sejHj9vdrNcOAgKn5lm+JmwxowHd/wczev
6SFiqaHa0YbUdx+Mbd7t475h+er3sYzafAOg3V29I0TvYw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:40 2024 by rpki-client on console.sobornost.net