Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
File: c63a942e-d503-44eb-93c8-2fd6f249002f.roa (raw, json)
Hash identifier: s/d/2CXbuqfrGfrYCY3fvHdN2gGNGFLYKr+9ZemndGo=
Subject key identifier: 1A:52:25:9A:D3:DD:2A:1F:76:DF:2D:C2:75:BC:04:4A:1F:C3:90:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2750BA9EB6B6B54F1DED5483EAD5BB77E04A05BA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:50:ba:9e:b6:b6:b5:4f:1d:ed:54:83:ea:d5:bb:77:e0:4a:05:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=2a2521287eb2799995e74c54f4b616aec76dec1a0d415601e4501660e5c78726, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d2:b7:94:d7:9c:81:74:87:4d:a6:6e:37:3a:
a2:33:20:56:c4:5f:28:6f:48:14:10:c0:33:54:ab:
2f:f7:1b:0d:6e:48:5d:11:75:c1:55:77:c5:fc:48:
27:19:32:d6:59:df:a8:b0:81:81:1a:f8:f8:c3:c7:
86:48:96:53:8d:18:bd:a3:33:2e:2b:30:6d:2f:6d:
b6:9b:c2:23:57:1c:2e:f0:f9:9e:8b:de:1b:72:f6:
9e:8b:95:0b:f8:35:3a:30:da:aa:49:4d:64:89:1a:
ab:40:b4:ba:62:bd:2d:e3:34:18:55:f9:be:5e:eb:
d9:b6:3a:00:d3:84:34:8b:f9:76:89:11:c7:0f:b4:
6c:b4:2e:cb:e0:bf:ec:f7:f6:3d:e1:e8:8a:a7:20:
00:23:49:95:8f:f5:b7:cc:47:da:6f:fc:0f:84:e6:
eb:31:a3:f7:db:ad:62:af:b2:45:09:70:26:81:c7:
04:e1:d3:fa:d8:42:75:43:64:7e:21:91:49:91:a0:
6a:5c:36:f5:5e:16:ef:9e:c5:af:f1:62:eb:51:b6:
78:70:eb:85:b2:52:8e:3a:8a:84:ad:40:0d:7a:68:
b7:df:03:e0:30:0e:b8:3b:93:60:04:d2:25:a2:b5:
ca:76:e0:be:22:ca:fb:0b:7a:ff:ad:87:54:21:e8:
fe:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:52:25:9A:D3:DD:2A:1F:76:DF:2D:C2:75:BC:04:4A:1F:C3:90:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b2:cc:d0:d4:96:c9:47:83:11:72:99:41:a8:39:17:43:34:d6:
d1:1f:6f:a7:67:7b:58:41:4a:bc:ee:ee:01:97:57:f7:47:07:
2f:14:cb:b6:50:c7:dd:a8:cb:13:63:7e:09:9a:c7:fb:5d:79:
eb:2d:8a:e2:96:bb:62:9d:af:e4:87:84:27:b8:bb:7f:1c:e5:
d3:f3:dd:c5:d9:e3:c4:21:37:30:33:54:38:7a:f4:db:f3:4e:
9e:7c:b8:72:cf:8c:78:04:aa:1a:25:ed:f6:4b:c1:ed:0e:6e:
99:a5:60:81:3d:58:ab:d4:02:ea:24:c4:16:a0:a4:9a:41:d9:
25:d6:8a:c8:95:04:58:f2:57:45:61:a0:4c:10:cd:6b:00:cc:
09:97:1c:bf:25:49:b5:d6:2b:27:cc:71:4b:fe:6b:5d:44:bd:
c5:28:85:ed:46:95:d2:d9:2d:a5:df:f4:85:2b:bb:40:f0:4c:
7d:c1:a8:92:f5:96:4d:cb:ac:a6:2e:14:f2:c0:eb:79:a3:c2:
43:51:46:e0:e2:8b:db:6c:66:24:73:cd:78:c5:85:15:cc:b1:
0b:09:fa:4d:88:3e:99:df:33:ff:da:62:43:06:1d:16:20:c5:
fc:77:46:37:03:23:6a:03:f1:03:da:9a:93:45:e1:1b:31:d3:
4f:0b:84:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ1C6nra2tU8d7VSD6tW7d+BKBbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhMjUyMTI4N2ViMjc5OTk5NWU3NGM1NGY0YjYxNmFlYzc2ZGVjMWEwZDQx
NTYwMWU0NTAxNjYwZTVjNzg3MjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDSt5TXnIF0h02mbjc6ojMgVsRfKG9IFBDAM1SrL/cbDW5IXRF1wVV3xfxI
Jxky1lnfqLCBgRr4+MPHhkiWU40YvaMzLiswbS9ttpvCI1ccLvD5noveG3L2nouV
C/g1OjDaqklNZIkaq0C0umK9LeM0GFX5vl7r2bY6ANOENIv5dokRxw+0bLQuy+C/
7Pf2PeHoiqcgACNJlY/1t8xH2m/8D4Tm6zGj99utYq+yRQlwJoHHBOHT+thCdUNk
fiGRSZGgalw29V4W757Fr/Fi61G2eHDrhbJSjjqKhK1ADXpot98D4DAOuDuTYATS
JaK1ynbgviLK+wt6/62HVCHo/q8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQaUiWa
090qH3bfLcJ1vARKH8OQzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzYzYTk0MmUtZDUwMy00NGViLTkzYzgtMmZkNmYyNDkwMDJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCyzNDUlslHgxFymUGoORdDNNbRH2+nZ3tYQUq87u4B
l1f3RwcvFMu2UMfdqMsTY34Jmsf7XXnrLYrilrtina/kh4QnuLt/HOXT893F2ePE
ITcwM1Q4evTb806efLhyz4x4BKoaJe32S8HtDm6ZpWCBPVir1ALqJMQWoKSaQdkl
1orIlQRY8ldFYaBMEM1rAMwJlxy/JUm11isnzHFL/mtdRL3FKIXtRpXS2S2l3/SF
K7tA8Ex9waiS9ZZNy6ymLhTywOt5o8JDUUbg4ovbbGYkc814xYUVzLELCfpNiD6Z
3zP/2mJDBh0WIMX8d0Y3AyNqA/ED2pqTReEbMdNPC4QK
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net