Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
File: da784055-12b4-4572-86a3-e152a8681c7c.roa (raw, json)
Hash identifier: yfpzgWPdWXnUIGtkTHMQJGgw0OAGBhTJZVI1635M7sU=
Subject key identifier: 1E:42:86:48:F4:2D:AD:2F:C4:51:06:A2:4D:80:2B:F0:9E:A3:AA:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1803B53746985C42764C3378750A819435350BE5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:03:b5:37:46:98:5c:42:76:4c:33:78:75:0a:81:94:35:35:0b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=1bc25753302700941bf258c98fb9ab775560b70e9db49ea29b4cc6789f258a98, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1c:68:4a:b2:ba:19:e4:23:53:95:63:75:9e:
8d:a4:8d:a1:d2:72:50:5a:71:40:8c:d9:41:8a:75:
c2:a9:f0:14:ec:f7:2c:ed:24:7f:3d:05:8c:a1:0a:
28:25:41:05:71:46:b6:e2:91:cf:68:20:76:ec:ba:
56:95:e2:a2:fa:a5:7e:65:6d:fa:77:88:fc:9c:63:
41:0a:00:7a:e3:a4:9f:2d:89:96:a5:4d:b1:96:e1:
d2:5f:dd:35:6e:c6:a3:e8:14:c1:8a:91:f2:e5:92:
64:42:a5:dc:9a:35:ff:4e:c7:cc:e1:37:31:60:ca:
0e:89:2f:f8:62:99:c6:b5:dd:0a:e6:fe:03:d8:fb:
ff:e8:33:2f:67:43:25:8c:79:bb:90:62:e4:56:9d:
5f:d8:74:5d:dd:0c:97:8b:5e:f4:b8:b6:ea:97:c7:
e7:aa:eb:c2:a1:b9:ed:76:a1:39:22:69:b3:b7:a3:
83:2c:39:1d:65:9c:f1:c1:5c:5b:00:13:38:85:ba:
13:1f:3e:6b:b0:cc:98:02:cb:f5:08:ac:d5:28:94:
9c:d4:50:43:6f:f4:9f:fd:76:9c:ef:33:96:7e:81:
35:0a:2a:ac:bb:dc:a9:3f:43:8a:8a:0c:46:ef:b5:
71:f9:23:04:c7:65:0d:04:16:13:38:46:a0:21:47:
90:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:42:86:48:F4:2D:AD:2F:C4:51:06:A2:4D:80:2B:F0:9E:A3:AA:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
54:12:b4:28:dc:f6:ab:3d:0d:fc:f5:44:e9:29:1c:54:08:54:
6a:30:80:38:88:22:b8:de:a0:10:37:8b:fd:66:c3:d0:01:18:
08:0a:ef:8d:29:18:0c:8d:65:2f:30:84:71:ee:50:f1:76:7a:
0c:94:c2:5d:e6:45:6c:69:b2:52:2f:5a:b3:47:d4:84:4a:ac:
18:8e:0b:b9:b0:6c:bb:cb:3f:62:2b:d5:0b:fb:27:d9:da:ba:
a4:de:bd:2a:29:a4:ea:08:d5:ec:81:91:fb:e7:37:0c:f6:5c:
a2:3e:4f:c7:e4:6d:68:46:16:9b:24:b2:6a:87:6a:cd:fc:39:
8a:99:6d:08:43:87:65:5e:62:f3:e8:dd:ee:ae:2a:44:2c:76:
cf:27:7e:a4:3c:a2:80:b0:ab:53:20:c7:53:71:2d:dd:9c:eb:
6c:3e:d6:5b:45:4b:45:63:72:f7:c2:3b:e9:00:7d:d5:8c:17:
70:a2:ac:81:86:e5:0d:c9:dd:60:22:ad:cc:39:4a:20:3f:ca:
2c:2d:a3:c0:c7:e6:de:7f:a5:3b:78:58:d9:ca:71:87:73:e5:
b5:8b:21:cd:4a:74:cb:5c:c5:b7:73:1b:73:02:40:3e:9d:c1:
f1:ce:dc:00:0e:27:8a:2b:d3:48:f3:c3:d8:e6:d8:1b:f1:3c:
c0:90:c7:5e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGAO1N0aYXEJ2TDN4dQqBlDU1C+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiYzI1NzUzMzAyNzAwOTQxYmYyNThjOThmYjlhYjc3NTU2MGI3MGU5ZGI0
OWVhMjliNGNjNjc4OWYyNThhOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOocaEqyuhnkI1OVY3WejaSNodJyUFpxQIzZQYp1wqnwFOz3LO0kfz0FjKEK
KCVBBXFGtuKRz2ggduy6VpXiovqlfmVt+neI/JxjQQoAeuOkny2JlqVNsZbh0l/d
NW7Go+gUwYqR8uWSZEKl3Jo1/07HzOE3MWDKDokv+GKZxrXdCub+A9j7/+gzL2dD
JYx5u5Bi5FadX9h0Xd0Ml4te9Li26pfH56rrwqG57XahOSJps7ejgyw5HWWc8cFc
WwATOIW6Ex8+a7DMmALL9Qis1SiUnNRQQ2/0n/12nO8zln6BNQoqrLvcqT9DiooM
Ru+1cfkjBMdlDQQWEzhGoCFHkC8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQeQoZI
9C2tL8RRBqJNgCvwnqOq8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGE3ODQwNTUtMTJiNC00NTcyLTg2YTMtZTE1MmE4NjgxYzdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVBK0KNz2qz0N/PVE6SkcVAhUajCAOIgiuN6gEDeL
/WbD0AEYCArvjSkYDI1lLzCEce5Q8XZ6DJTCXeZFbGmyUi9as0fUhEqsGI4LubBs
u8s/YivVC/sn2dq6pN69Kimk6gjV7IGR++c3DPZcoj5Px+RtaEYWmySyaodqzfw5
ipltCEOHZV5i8+jd7q4qRCx2zyd+pDyigLCrUyDHU3Et3ZzrbD7WW0VLRWNy98I7
6QB91YwXcKKsgYblDcndYCKtzDlKID/KLC2jwMfm3n+lO3hY2cpxh3PltYshzUp0
y1zFt3MbcwJAPp3B8c7cAA4niivTSPPD2ObYG/E8wJDHXg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:40 2024 by rpki-client on console.sobornost.net