Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa
File: dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa (raw, json)
Hash identifier: nzcUOQynQNZwxuScRJ4TADDtojfU2zad9Dedag6yIZc=
Subject key identifier: 88:3E:DC:42:91:9D:43:F5:1B:8F:73:FA:EC:43:BC:A7:00:EA:9E:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5189BD050E2A444EEAD46477B93D7FEEA30008CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1010::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:89:bd:05:0e:2a:44:4e:ea:d4:64:77:b9:3d:7f:ee:a3:00:08:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8a7a2e75468638228910e44579660492b5435e834727f3bdafaa4b453f66f69a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e7:76:4d:22:df:72:f4:e7:17:50:9a:11:4a:
db:10:c1:9d:0f:fc:b8:e3:7a:c6:f7:46:16:87:f8:
06:66:7a:a0:5f:e7:db:79:1e:76:1b:15:c3:6a:c6:
19:28:9a:a6:94:95:b4:0f:ad:b1:3e:ad:c0:d6:3e:
6a:0d:50:92:5b:76:07:c7:33:d4:c5:22:2c:37:8c:
79:6d:89:cd:17:da:a1:1d:58:fa:22:80:9f:b7:57:
2c:b5:06:39:e2:0e:76:8e:c5:40:22:e0:ba:c8:a5:
d5:64:84:a0:8c:00:a8:10:d0:01:17:53:8c:c8:9a:
5b:d2:14:cd:d7:6b:4e:3d:36:fe:ac:5b:32:2c:84:
e7:25:ee:0c:23:7f:88:1e:21:54:7d:f9:b8:e9:a3:
d2:06:5a:fc:cb:af:f2:ed:04:3e:be:5c:16:b2:6e:
f4:ba:6f:7d:2c:4b:c6:3b:05:ff:ef:31:de:dc:23:
60:0e:34:a4:89:f0:d0:4e:54:d1:ac:fe:4f:e7:23:
50:f7:8c:67:9f:83:d2:44:a7:01:ba:6b:7b:5e:3a:
3e:b9:b4:8e:40:4f:1d:9f:72:3c:5d:2e:9c:43:b2:
40:64:94:31:63:c9:1d:c3:30:3a:0a:c2:88:50:00:
be:7c:92:f4:03:43:f3:b2:4f:71:c7:af:26:87:3b:
1b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3E:DC:42:91:9D:43:F5:1B:8F:73:FA:EC:43:BC:A7:00:EA:9E:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1010::/44
Signature Algorithm: sha256WithRSAEncryption
9d:fc:83:99:a7:9f:e9:96:67:fa:9e:e5:82:7f:d8:10:58:f4:
a6:9b:4f:86:09:85:bd:5e:fd:7f:6f:24:97:ba:c6:9d:76:b9:
27:7e:b1:d8:87:c9:f8:f2:14:de:85:ad:0a:19:95:5a:7d:fd:
2b:dd:bb:cc:02:e7:c2:b2:9f:e6:37:53:45:47:53:ca:96:1b:
1e:61:d8:be:6c:d9:82:05:dc:3e:0c:fd:f8:13:9d:2e:c5:1d:
56:f9:a1:d1:13:66:15:97:98:a5:14:fc:1d:83:42:04:f5:ba:
ad:4f:9e:b6:a6:04:25:7c:da:22:69:12:41:38:ed:e3:1a:82:
d7:ef:66:08:f0:10:0b:d2:6b:ce:c3:cc:20:3c:66:14:27:ba:
a1:58:18:1e:52:6b:22:a5:a5:9e:88:de:59:58:35:25:ea:cc:
e1:53:c1:d7:1a:0e:7e:7a:92:0d:1a:5e:0b:2e:2b:08:02:51:
9a:54:5f:46:ba:f3:49:77:0d:0b:04:ae:b5:da:67:f9:db:a0:
f7:33:68:25:0d:ea:51:25:52:af:28:8c:86:12:00:33:90:11:
b5:75:fa:b9:9f:d2:c8:82:2e:31:77:9d:8c:14:55:19:f8:48:
39:6b:64:71:b4:b9:0d:87:cc:f8:20:52:99:7c:2f:4e:d6:bd:
11:58:b2:52
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUYm9BQ4qRE7q1GR3uT1/7qMACMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhN2EyZTc1NDY4NjM4MjI4OTEwZTQ0NTc5NjYwNDkyYjU0MzVlODM0NzI3
ZjNiZGFmYWE0YjQ1M2Y2NmY2OWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPTndk0i33L05xdQmhFK2xDBnQ/8uON6xvdGFof4BmZ6oF/n23kedhsVw2rG
GSiappSVtA+tsT6twNY+ag1Qklt2B8cz1MUiLDeMeW2JzRfaoR1Y+iKAn7dXLLUG
OeIOdo7FQCLgusil1WSEoIwAqBDQARdTjMiaW9IUzddrTj02/qxbMiyE5yXuDCN/
iB4hVH35uOmj0gZa/Muv8u0EPr5cFrJu9LpvfSxLxjsF/+8x3twjYA40pInw0E5U
0az+T+cjUPeMZ5+D0kSnAbpre146Prm0jkBPHZ9yPF0unEOyQGSUMWPJHcMwOgrC
iFAAvnyS9AND87JPccevJoc7G80CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIPtxC
kZ1D9RuPc/rsQ7ynAOqeVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGMzY2M4NzQtMjliMC00ZjljLTkwYWEtOTA2ZmE5ZGNhMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoBBXgQ
EDANBgkqhkiG9w0BAQsFAAOCAQEAnfyDmaef6ZZn+p7lgn/YEFj0pptPhgmFvV79
f28kl7rGnXa5J36x2IfJ+PIU3oWtChmVWn39K927zALnwrKf5jdTRUdTypYbHmHY
vmzZggXcPgz9+BOdLsUdVvmh0RNmFZeYpRT8HYNCBPW6rU+etqYEJXzaImkSQTjt
4xqC1+9mCPAQC9JrzsPMIDxmFCe6oVgYHlJrIqWlnojeWVg1JerM4VPB1xoOfnqS
DRpeCy4rCAJRmlRfRrrzSXcNCwSutdpn+dug9zNoJQ3qUSVSryiMhhIAM5ARtXX6
uZ/SyIIuMXedjBRVGfhIOWtkcbS5DYfM+CBSmXwvTta9EViyUg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:11:40 2024 by rpki-client on console.sobornost.net