Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa
File: c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa (raw, json)
Hash identifier: XYSwGTTf/MhzC4yIr/wRz0/hRlvC2CWfzdQY3mIu2y8=
Subject key identifier: 61:B1:4E:06:CB:5B:D3:18:C7:9C:98:14:AF:D4:24:E2:76:29:F7:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AF1A7AD5D08DE6BB5D7E95E5B918A73039C9548
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:f1:a7:ad:5d:08:de:6b:b5:d7:e9:5e:5b:91:8a:73:03:9c:95:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=4c71aa947fa994018745c6fffb2e76a42fa0bc19dd686e5c6641b9fd8493dadc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:46:15:75:00:a8:d3:2d:17:8b:25:05:39:
0f:94:1c:a4:65:60:45:d3:9d:2b:84:8c:1c:03:9f:
3a:cb:29:5b:ed:ad:e1:24:32:70:a1:6e:43:d5:36:
08:b8:c1:7b:9b:71:8d:af:09:7f:7d:53:07:c8:d4:
2e:df:ae:89:a9:5f:48:19:7c:2f:8d:08:99:96:89:
82:09:b7:b4:ef:42:13:ec:86:f4:3d:7a:bf:6e:c0:
8a:23:26:69:86:54:05:ed:ce:60:df:25:bd:64:69:
29:7a:cb:d3:72:12:0f:03:7c:54:00:1e:e0:ea:31:
d0:27:06:16:5a:43:39:21:02:63:d2:0c:cb:d5:9e:
e8:81:47:ef:4f:b9:1c:f6:87:a0:99:c9:d1:36:8b:
b2:af:ce:53:0a:09:47:b6:60:1d:64:14:fb:28:7a:
55:c0:18:0c:ed:c4:7d:f5:70:1e:4c:b6:c1:5e:e6:
72:40:d5:9e:c5:57:a2:49:6f:93:ac:13:37:ea:6f:
fd:aa:eb:08:79:16:d5:0d:e0:d3:79:cb:fc:af:e3:
c3:d7:87:9e:9c:fb:dc:db:b4:fe:81:6a:dd:c7:1b:
4b:4d:4f:4c:24:d0:94:c4:b4:17:ea:ef:ae:84:84:
07:d6:d6:b0:f4:49:1f:53:d1:d0:7a:52:17:fa:96:
f3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B1:4E:06:CB:5B:D3:18:C7:9C:98:14:AF:D4:24:E2:76:29:F7:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
50:52:94:52:f4:87:d2:0f:12:c8:eb:df:67:58:6d:28:07:4f:
da:ad:b2:d4:96:c7:e7:e3:01:e0:bf:4c:c3:49:c8:e4:20:4b:
2e:c8:28:47:11:ef:07:b7:11:8d:58:13:29:92:d1:9b:51:55:
3d:09:8a:2d:1e:51:08:90:78:d9:28:96:3f:f6:a6:17:a8:d5:
cc:c1:be:55:dc:06:0b:6f:58:f1:14:99:ae:4b:53:b8:5f:1d:
f5:14:8e:05:5a:2f:95:49:76:69:69:08:31:31:1d:25:88:bf:
19:83:7c:14:9b:f4:17:8c:82:60:7e:5f:c3:03:14:86:26:e0:
cb:6b:23:97:46:6e:dc:99:72:db:98:ff:57:f9:d3:14:40:84:
36:9d:81:5e:d2:ae:c5:84:39:e5:3e:06:18:c7:e7:44:a6:0d:
b6:b3:c5:83:8a:98:00:73:de:72:5e:7b:40:93:9a:6a:3c:8e:
a4:ac:98:7f:cc:aa:33:0b:7a:77:39:32:8b:25:0f:53:12:a3:
73:3b:8d:73:e0:fb:11:53:8e:d4:c7:2d:9a:02:d9:7a:d9:c1:
7f:ae:1d:50:c5:c8:3f:34:97:22:5e:51:8c:64:f4:d6:a6:29:
02:70:e3:84:3b:3a:18:d6:e9:15:57:1b:d7:03:23:8a:bf:0c:
d4:ea:6c:35
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWvGnrV0I3mu11+leW5GKcwOclUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNzFhYTk0N2ZhOTk0MDE4NzQ1YzZmZmZiMmU3NmE0MmZhMGJjMTlkZDY4
NmU1YzY2NDFiOWZkODQ5M2RhZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/+RhV1AKjTLReLJQU5D5QcpGVgRdOdK4SMHAOfOsspW+2t4SQycKFuQ9U2
CLjBe5txja8Jf31TB8jULt+uialfSBl8L40ImZaJggm3tO9CE+yG9D16v27AiiMm
aYZUBe3OYN8lvWRpKXrL03ISDwN8VAAe4Oox0CcGFlpDOSECY9IMy9We6IFH70+5
HPaHoJnJ0TaLsq/OUwoJR7ZgHWQU+yh6VcAYDO3EffVwHky2wV7mckDVnsVXoklv
k6wTN+pv/arrCHkW1Q3g03nL/K/jw9eHnpz73Nu0/oFq3ccbS01PTCTQlMS0F+rv
roSEB9bWsPRJH1PR0HpSF/qW80kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhsU4G
y1vTGMecmBSv1CTidin3jjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzdlYmUxOWYtODQ3Ny00NzZhLTg5NGEtY2U1NWViNzJjZTRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAUFKUUvSH0g8SyOvfZ1htKAdP2q2y1JbH5+MB4L9M
w0nI5CBLLsgoRxHvB7cRjVgTKZLRm1FVPQmKLR5RCJB42SiWP/amF6jVzMG+VdwG
C29Y8RSZrktTuF8d9RSOBVovlUl2aWkIMTEdJYi/GYN8FJv0F4yCYH5fwwMUhibg
y2sjl0Zu3Jly25j/V/nTFECENp2BXtKuxYQ55T4GGMfnRKYNtrPFg4qYAHPecl57
QJOaajyOpKyYf8yqMwt6dzkyiyUPUxKjczuNc+D7EVOO1MctmgLZetnBf64dUMXI
PzSXIl5RjGT01qYpAnDjhDs6GNbpFVcb1wMjir8M1OpsNQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net