Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2561b6b-625a-4201-a629-d003cd150890.roa
File: d2561b6b-625a-4201-a629-d003cd150890.roa (raw, json)
Hash identifier: N1jcZMS8rFjpGGFwo6m1Z6DN/PCLE47Bx871vvK7gS8=
Subject key identifier: 45:0B:95:D7:11:58:BF:F1:54:C3:90:20:48:5F:DF:6A:E5:64:52:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 539F42D0AD71677DDB7AC248E507107DBB7D0355
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2561b6b-625a-4201-a629-d003cd150890.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:9f:42:d0:ad:71:67:7d:db:7a:c2:48:e5:07:10:7d:bb:7d:03:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=322234c56959e1cc3810e14c23741538b596c06189a599ecc67f9794af01da84, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:fe:37:c4:72:ca:ab:cf:3f:c9:d6:65:40:
8d:bb:7d:50:0c:9b:ef:42:c8:6a:f4:6b:d4:1c:2b:
e8:69:6e:4f:38:13:9b:f2:48:12:fd:ac:ce:28:b2:
6d:52:43:0c:c6:3d:cb:a2:99:ed:31:b9:b4:ad:56:
de:a2:0c:16:6f:36:86:a5:ad:33:89:fb:12:aa:f4:
dc:37:99:79:f0:ec:f8:4e:fc:bc:58:15:aa:9f:47:
fa:76:b7:5b:90:95:dd:c9:1f:2a:ab:5d:a7:49:08:
22:c2:ef:fd:32:8c:a0:e3:e9:9a:77:63:ef:32:9f:
5f:45:82:5c:da:2e:67:9c:5f:b0:f3:4f:a3:8a:24:
41:a3:bf:aa:c1:ae:e1:6c:7d:20:d1:a6:2f:33:1a:
c9:42:b5:e9:0f:e2:c7:51:79:b2:e3:5e:96:e4:82:
5d:b9:af:cb:c6:c8:65:75:e8:cc:d6:6c:86:0b:b7:
cb:16:f4:44:8c:59:cf:30:a8:90:27:8e:66:26:00:
0b:ec:4e:a1:34:e9:a3:7f:a5:af:b8:88:c9:f7:87:
29:4f:9d:20:b0:34:53:2d:5b:e8:d0:66:48:e7:53:
8d:9f:ba:ea:7f:d7:29:0f:bc:8a:56:4e:67:86:13:
80:4a:ad:20:29:b2:f5:95:95:8e:0b:19:40:d5:57:
5a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0B:95:D7:11:58:BF:F1:54:C3:90:20:48:5F:DF:6A:E5:64:52:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2561b6b-625a-4201-a629-d003cd150890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:00:14:b3:92:38:f9:0d:cc:42:98:36:38:92:de:c4:b1:44:
31:2f:fa:44:64:d0:e6:37:1b:50:4d:d9:11:8f:33:cb:db:1f:
e7:97:c0:92:7b:e9:33:8f:60:8b:e4:71:1e:29:ef:7f:1e:6c:
46:4c:10:0b:20:c4:2d:bf:7f:f6:ca:c5:ac:5b:6a:55:bf:62:
1f:dc:13:72:7b:62:cc:fb:8e:35:a1:7f:c3:20:8a:ee:f5:3b:
69:ce:75:9e:19:aa:82:21:4d:81:1f:7d:4d:3d:86:7a:14:fe:
3a:fe:11:4b:e2:4f:a2:ff:8c:2b:3c:a8:5d:f3:8a:5e:29:1a:
4e:f7:06:f6:bb:33:ce:9b:29:1a:2d:93:e7:70:61:fa:a3:72:
a4:f5:d1:22:8c:ef:94:a1:c8:35:26:12:dc:c1:54:59:d4:95:
a8:03:11:12:14:83:26:13:29:5b:0f:5f:30:36:07:be:5d:1c:
76:9f:ea:4d:91:63:4c:30:1f:6c:4b:03:5f:b9:51:69:f2:08:
28:f8:3e:e3:5a:93:f4:04:99:e2:48:a1:53:17:a9:32:00:d4:
7b:1c:f4:5e:45:3d:1d:90:bc:65:52:0a:fa:f5:99:af:4a:45:
de:53:51:e7:4b:28:b0:0e:cf:b7:f3:d7:0e:f0:d9:ca:47:6e:
69:28:5d:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU59C0K1xZ33besJI5QcQfbt9A1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyMjIzNGM1Njk1OWUxY2MzODEwZTE0YzIzNzQxNTM4YjU5NmMwNjE4OWE1
OTllY2M2N2Y5Nzk0YWYwMWRhODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdn/jfEcsqrzz/J1mVAjbt9UAyb70LIavRr1Bwr6GluTzgTm/JIEv2sziiy
bVJDDMY9y6KZ7TG5tK1W3qIMFm82hqWtM4n7Eqr03DeZefDs+E78vFgVqp9H+na3
W5CV3ckfKqtdp0kIIsLv/TKMoOPpmndj7zKfX0WCXNouZ5xfsPNPo4okQaO/qsGu
4Wx9INGmLzMayUK16Q/ix1F5suNeluSCXbmvy8bIZXXozNZshgu3yxb0RIxZzzCo
kCeOZiYAC+xOoTTpo3+lr7iIyfeHKU+dILA0Uy1b6NBmSOdTjZ+66n/XKQ+8ilZO
Z4YTgEqtICmy9ZWVjgsZQNVXWgkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRFC5XX
EVi/8VTDkCBIX99q5WRSMTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI1NjFiNmItNjI1YS00MjAxLWE2MjktZDAwM2NkMTUwODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQDIABSzkjj5DcxCmDY4kt7EsUQxL/pEZNDmNxtQTdkR
jzPL2x/nl8CSe+kzj2CL5HEeKe9/HmxGTBALIMQtv3/2ysWsW2pVv2If3BNye2LM
+441oX/DIIru9TtpznWeGaqCIU2BH31NPYZ6FP46/hFL4k+i/4wrPKhd84peKRpO
9wb2uzPOmykaLZPncGH6o3Kk9dEijO+Uocg1JhLcwVRZ1JWoAxESFIMmEylbD18w
Nge+XRx2n+pNkWNMMB9sSwNfuVFp8ggo+D7jWpP0BJniSKFTF6kyANR7HPReRT0d
kLxlUgr69ZmvSkXeU1HnSyiwDs+389cO8NnKR25pKF09
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:40 2024 by rpki-client on console.sobornost.net