Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
File: c64c4a95-84a7-4a8b-8228-9d83b2456072.roa (raw, json)
Hash identifier: HkpFDJEVozjOgWlbGoL4dv5Tj37ZuCrxscdNON8T5N0=
Subject key identifier: D2:C8:00:60:0F:DB:73:D1:22:AC:EE:04:F0:BE:0D:78:AA:32:4D:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 768CF12DB0660B20ABC9B43F30467000133E37DE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
Signing time: Mon 02 Sep 2024 00:00:00 +0000
ROA not before: Mon 02 Sep 2024 00:00:00 +0000
ROA not after: Mon 07 Oct 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:8c:f1:2d:b0:66:0b:20:ab:c9:b4:3f:30:46:70:00:13:3e:37:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 2 00:00:00 2024 GMT
Not After : Oct 7 23:59:59 2024 GMT
Subject: serialNumber=eb2c9a65a9ebad176ec478a4e58dc13e76bb3c6eac5493fc8c5b09c0d006548f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4a:76:47:1f:f7:45:5e:38:b3:33:61:d5:ac:
89:2d:70:b7:8e:c9:b6:7e:ec:80:09:06:b0:e2:7a:
eb:54:3b:c3:96:08:39:95:ae:77:8a:39:c5:30:01:
5d:4c:20:be:fc:af:14:fe:b6:56:42:c2:54:7e:c1:
f4:13:db:cc:c4:23:00:5a:4d:a9:6c:09:7b:7d:f8:
e5:57:85:ce:00:68:e6:63:a3:8d:e3:91:d5:3a:62:
bd:b5:e5:a8:a2:41:22:7d:66:06:7e:7b:59:96:a4:
af:ab:52:a7:7f:97:92:78:85:65:2f:c3:3d:1c:d3:
44:be:d5:63:18:45:df:28:a0:fc:f5:1d:ec:d9:fb:
a9:10:ea:b4:25:fe:63:22:9b:25:c9:b3:6d:7b:e2:
1d:4c:b5:5a:63:d9:5a:b7:38:5d:1c:75:95:96:19:
3b:e4:1a:87:31:fc:f7:aa:25:35:02:9a:8d:76:9e:
39:6c:1a:b3:b4:a2:1f:8b:28:11:31:06:83:f9:6e:
94:e0:7d:97:bf:18:fc:d2:b4:8a:fc:8e:f8:74:39:
04:19:02:c3:30:49:45:4d:a0:bf:24:9e:db:7c:ec:
d7:d3:be:b7:63:fc:e4:91:7a:c0:27:05:1f:33:7c:
f9:91:ea:a5:4e:30:1e:c4:45:33:d6:9a:ca:55:96:
36:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C8:00:60:0F:DB:73:D1:22:AC:EE:04:F0:BE:0D:78:AA:32:4D:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
d0:51:cc:71:48:d4:0f:11:13:ea:df:a2:2c:3d:df:c0:94:f1:
cf:80:d6:34:45:84:71:89:19:f2:a0:eb:f6:5d:dd:23:fe:43:
d6:ad:f2:89:f4:40:05:7e:35:66:22:0b:99:7a:7d:9d:cb:5b:
f2:e5:c2:80:2b:24:e0:8b:ea:55:a0:6f:6a:a2:e1:c3:a7:91:
51:95:33:2c:28:fa:85:a6:20:c3:45:38:28:c4:15:bb:14:46:
f5:7c:90:35:3b:01:12:09:d4:6e:65:66:c0:65:ac:3b:66:b9:
4f:c6:cb:5a:ba:0f:55:34:4a:09:be:a4:fa:e0:73:c4:45:5f:
89:5c:6a:0b:2b:2f:db:47:8d:15:8b:39:c0:e5:0c:91:68:d5:
03:d4:40:43:43:2f:1e:ed:c4:ef:86:4d:38:67:ff:7e:73:e3:
bc:09:49:e3:c7:15:d2:15:81:39:2c:e7:a2:a7:83:e3:d9:b8:
1d:26:64:48:7a:14:62:a8:2d:b8:b0:57:de:62:d8:11:ca:d1:
02:e6:80:e6:3b:73:89:14:70:8b:4e:03:91:88:2a:e7:f7:2c:
7f:8c:87:37:13:59:9a:b6:a6:6b:77:6d:9a:7c:0c:52:a7:7e:
e4:b5:ab:16:e4:5b:5e:bb:b8:de:ac:e7:ec:78:a7:b3:3a:f4:
ee:e7:f0:3f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdozxLbBmCyCrybQ/MEZwABM+N94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MDIwMDAwMDBaFw0yNDEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMmM5YTY1YTllYmFkMTc2ZWM0NzhhNGU1OGRjMTNlNzZiYjNjNmVhYzU0
OTNmYzhjNWIwOWMwZDAwNjU0OGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBKdkcf90VeOLMzYdWsiS1wt47Jtn7sgAkGsOJ661Q7w5YIOZWud4o5xTAB
XUwgvvyvFP62VkLCVH7B9BPbzMQjAFpNqWwJe3345VeFzgBo5mOjjeOR1TpivbXl
qKJBIn1mBn57WZakr6tSp3+XkniFZS/DPRzTRL7VYxhF3yig/PUd7Nn7qRDqtCX+
YyKbJcmzbXviHUy1WmPZWrc4XRx1lZYZO+QahzH896olNQKajXaeOWwas7SiH4so
ETEGg/lulOB9l78Y/NK0ivyO+HQ5BBkCwzBJRU2gvySe23zs19O+t2P85JF6wCcF
HzN8+ZHqpU4wHsRFM9aaylWWNgkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTSyABg
D9tz0SKs7gTwvg14qjJNpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzY0YzRhOTUtODRhNy00YThiLTgyMjgtOWQ4M2IyNDU2MDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEA0FHMcUjUDxET6t+iLD3fwJTxz4DWNEWEcYkZ8qDr
9l3dI/5D1q3yifRABX41ZiILmXp9nctb8uXCgCsk4IvqVaBvaqLhw6eRUZUzLCj6
haYgw0U4KMQVuxRG9XyQNTsBEgnUbmVmwGWsO2a5T8bLWroPVTRKCb6k+uBzxEVf
iVxqCysv20eNFYs5wOUMkWjVA9RAQ0MvHu3E74ZNOGf/fnPjvAlJ48cV0hWBOSzn
oqeD49m4HSZkSHoUYqgtuLBX3mLYEcrRAuaA5jtziRRwi04DkYgq5/csf4yHNxNZ
mrama3dtmnwMUqd+5LWrFuRbXru43qzn7Hinszr07ufwPw==
-----END CERTIFICATE-----
Generated at Fri Sep 27 20:06:51 2024 by rpki-client on console.sobornost.net