Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
File: e18380f1-6ccd-4170-b605-ff97745298e0.roa (raw, json)
Hash identifier: oDJnitJg4AVVjZHvU6OIFT2cV9cDB98rKwKX0RoEE4o=
Subject key identifier: 8F:16:75:B0:CD:5B:D0:8D:25:E7:1B:40:A5:49:2C:1E:69:67:9D:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 323E2E8342AF0789423F0F8AD0965BDED35954C3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:3e:2e:83:42:af:07:89:42:3f:0f:8a:d0:96:5b:de:d3:59:54:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=bb3ac43fa32f8c1e5844ea785a3ca7b6a7a368fcfd3cbb2868ff26de52217cba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:45:e1:96:dc:25:4c:41:95:9f:9b:0f:fd:d3:
d2:81:b5:ef:29:bf:3f:08:d5:77:eb:41:fb:fe:be:
97:83:73:13:fa:f1:a6:f8:13:54:20:28:02:60:fb:
e4:14:79:e1:56:0b:d0:36:00:d0:2d:45:15:94:6d:
95:9e:54:1e:94:39:d7:5a:48:a2:b8:ec:1e:5c:95:
e9:6c:d4:d5:21:25:8d:32:50:e6:a3:01:1c:c1:a0:
b7:ca:ca:58:e3:4c:00:b1:1f:1d:30:d7:4e:06:6b:
17:b9:74:68:01:40:94:40:c9:a0:f9:52:cd:1a:88:
37:89:64:7b:7f:93:aa:af:85:ec:8e:bc:ba:89:9c:
7b:4e:38:30:ee:c4:e5:06:f4:ca:90:10:25:49:93:
3a:a9:8a:48:f7:d9:50:a4:dc:7d:fb:c0:0b:e2:3e:
c4:0c:92:27:c9:ed:1c:23:95:d0:41:fe:53:3d:0c:
bb:bc:df:b9:5b:70:e1:cc:35:f6:34:52:42:a6:68:
52:ad:ed:df:63:e8:22:7a:9e:3b:b5:37:0d:22:4e:
ee:9d:30:1a:8c:9a:fb:65:44:6e:7b:0e:cb:e9:48:
91:6e:e3:55:24:2e:80:22:0d:e3:f8:c2:7e:d5:5e:
da:ee:bc:18:68:3f:92:62:0a:8f:b5:46:53:e5:62:
ac:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:16:75:B0:CD:5B:D0:8D:25:E7:1B:40:A5:49:2C:1E:69:67:9D:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d0:2b:d2:b2:0e:f2:cd:dc:14:f9:b1:6a:d1:25:b5:c1:e7:5e:
00:4a:44:35:55:f0:a2:b2:61:8e:ea:02:2b:72:55:13:20:1d:
71:37:b0:89:42:d7:72:ca:93:d0:b4:0b:d8:cd:76:a5:69:1a:
54:7b:96:91:99:cb:7f:7f:37:c8:3d:9e:52:c5:19:6e:b5:b1:
2f:16:e9:d3:35:d7:2f:d9:65:ea:74:6e:89:71:8d:bd:96:a8:
8e:d5:90:9a:bf:44:6f:fd:2f:c6:42:5e:de:42:b7:e1:97:ab:
48:86:f9:c9:51:a2:2f:ec:6a:59:30:de:cb:86:30:0f:8f:58:
0a:e0:c2:6e:49:a4:fd:8d:da:f3:a9:fb:f4:af:d2:ce:e2:c4:
02:38:43:cc:b8:a7:c9:f2:41:a2:83:84:fc:c1:83:c1:d3:e1:
b6:76:b0:21:1f:06:cc:99:f7:e0:d1:6c:b0:fb:63:8d:8e:46:
e0:3d:16:bc:15:4d:29:f4:a2:d2:ab:8a:c4:11:8f:55:a0:21:
fb:a9:62:5a:c0:05:9c:27:d9:ef:e0:ab:d6:12:fc:7f:6a:5b:
7e:af:93:35:a3:21:b5:9a:4a:ad:51:3e:d6:44:6a:6b:62:95:
1d:12:48:50:46:90:f0:ac:bf:e8:72:89:49:2f:a5:29:f1:6f:
1f:78:56:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMj4ug0KvB4lCPw+K0JZb3tNZVMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiM2FjNDNmYTMyZjhjMWU1ODQ0ZWE3ODVhM2NhN2I2YTdhMzY4ZmNmZDNj
YmIyODY4ZmYyNmRlNTIyMTdjYmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9F4ZbcJUxBlZ+bD/3T0oG17ym/PwjVd+tB+/6+l4NzE/rxpvgTVCAoAmD7
5BR54VYL0DYA0C1FFZRtlZ5UHpQ511pIorjsHlyV6WzU1SEljTJQ5qMBHMGgt8rK
WONMALEfHTDXTgZrF7l0aAFAlEDJoPlSzRqIN4lke3+Tqq+F7I68uomce044MO7E
5Qb0ypAQJUmTOqmKSPfZUKTcffvAC+I+xAySJ8ntHCOV0EH+Uz0Mu7zfuVtw4cw1
9jRSQqZoUq3t32PoInqeO7U3DSJO7p0wGoya+2VEbnsOy+lIkW7jVSQugCIN4/jC
ftVe2u68GGg/kmIKj7VGU+VirFkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSPFnWw
zVvQjSXnG0ClSSweaWedkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTE4MzgwZjEtNmNjZC00MTcwLWI2MDUtZmY5Nzc0NTI5OGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQDQK9KyDvLN3BT5sWrRJbXB514ASkQ1VfCismGO6gIr
clUTIB1xN7CJQtdyypPQtAvYzXalaRpUe5aRmct/fzfIPZ5SxRlutbEvFunTNdcv
2WXqdG6JcY29lqiO1ZCav0Rv/S/GQl7eQrfhl6tIhvnJUaIv7GpZMN7LhjAPj1gK
4MJuSaT9jdrzqfv0r9LO4sQCOEPMuKfJ8kGig4T8wYPB0+G2drAhHwbMmffg0Wyw
+2ONjkbgPRa8FU0p9KLSq4rEEY9VoCH7qWJawAWcJ9nv4KvWEvx/alt+r5M1oyG1
mkqtUT7WRGprYpUdEkhQRpDwrL/ocolJL6Up8W8feFYv
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net