Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
File: e1a46896-dfc0-4be1-91be-62fd0626c291.roa (raw, json)
Hash identifier: v/Dy09AFjVxYsTn/KvwQz6JxfgArFxAuZ3TvUXfk1b0=
Subject key identifier: 06:FF:D9:79:A4:D6:EC:89:08:A6:35:01:55:A5:D9:11:3A:ED:B9:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21E175A4862CEEF121CC28AFFEAAF09D66E9A733
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e1:75:a4:86:2c:ee:f1:21:cc:28:af:fe:aa:f0:9d:66:e9:a7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=9f508d6cd1f6201c42fdd55632c2db4f56bd058b59e43a959e2aaa95127a7eb0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e8:8a:af:72:61:63:90:d9:ef:cb:92:64:f4:
8a:9b:a1:de:1c:3d:ac:85:2e:d9:3c:75:c7:95:3e:
61:5a:31:64:4c:df:3c:f6:1c:46:f0:9c:74:38:ef:
b3:3c:0b:32:9b:d5:73:6b:4a:05:53:df:34:fc:0c:
a3:9a:a5:8b:f9:47:5e:4d:bc:13:fd:53:3f:a5:64:
0c:57:42:34:da:a5:f3:1f:ca:45:66:49:e6:f1:c0:
c2:21:4a:c2:33:38:40:80:16:18:f7:78:c5:3b:a8:
91:7e:35:7b:38:ea:c2:46:39:85:30:42:31:87:a8:
16:08:7e:c8:03:5e:59:a0:e6:63:a5:17:62:2f:d7:
30:ad:3f:15:e8:b0:26:21:f4:4b:1c:41:a8:77:0f:
48:37:f0:f9:8c:52:4c:2b:a0:81:c0:d8:26:bd:e6:
d8:21:56:2b:c1:78:44:b5:18:02:2b:a8:c4:1b:49:
c7:e6:d9:c9:9a:af:3c:25:24:9b:59:77:45:ee:95:
5e:fd:59:53:df:8c:49:7e:0b:6e:27:a9:f6:20:0b:
24:9d:b4:e0:a0:ba:85:5b:b8:ba:34:9c:66:9d:ab:
0e:5c:26:39:97:3c:4a:8a:fa:7f:bb:47:dc:09:c8:
d3:3d:75:73:a3:b8:c7:53:30:ae:2b:ec:5f:7d:9a:
e4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FF:D9:79:A4:D6:EC:89:08:A6:35:01:55:A5:D9:11:3A:ED:B9:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:59:09:a5:d2:bc:f7:ad:c7:9d:98:21:a1:e6:57:3e:79:a3:
ef:16:ad:89:4c:a6:b6:cb:40:ea:7c:c2:bf:7a:71:1f:5c:a7:
50:00:0f:69:71:03:0f:89:57:0e:4e:12:7c:f6:bc:ff:84:24:
c3:9c:98:f4:3d:da:b5:68:b1:0c:3f:7b:5e:b7:14:0f:65:44:
31:27:cb:e0:22:6a:66:91:ec:bf:4d:15:97:b7:13:62:af:8a:
5f:19:9a:74:46:69:31:eb:6e:db:df:c2:33:b9:77:84:41:6f:
36:5d:4e:e8:9b:16:7c:5d:a7:dc:41:0c:5a:7c:56:48:45:0e:
5c:80:b8:ba:d8:0d:f8:fd:fb:a4:19:2c:e0:64:81:ea:b1:68:
d0:fd:69:99:13:ee:ed:0d:58:48:50:84:62:4e:1d:b7:9c:51:
ec:eb:f4:eb:53:7d:ff:02:b6:f3:81:be:1b:06:2b:32:c4:05:
af:1f:99:3d:49:f9:95:b3:df:39:ef:77:cf:17:01:c4:1b:4b:
1c:6e:e0:c2:24:63:78:e5:74:76:12:b2:ac:34:7c:c9:c5:fd:
44:d6:8d:53:95:1c:1a:ce:75:3e:70:aa:42:93:32:01:56:29:
5d:f2:15:53:e2:68:81:cd:32:54:db:50:c0:71:92:1e:5d:03:
1a:63:59:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIeF1pIYs7vEhzCiv/qrwnWbppzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNTA4ZDZjZDFmNjIwMWM0MmZkZDU1NjMyYzJkYjRmNTZiZDA1OGI1OWU0
M2E5NTllMmFhYTk1MTI3YTdlYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDoiq9yYWOQ2e/LkmT0ipuh3hw9rIUu2Tx1x5U+YVoxZEzfPPYcRvCcdDjv
szwLMpvVc2tKBVPfNPwMo5qli/lHXk28E/1TP6VkDFdCNNql8x/KRWZJ5vHAwiFK
wjM4QIAWGPd4xTuokX41ezjqwkY5hTBCMYeoFgh+yANeWaDmY6UXYi/XMK0/Feiw
JiH0SxxBqHcPSDfw+YxSTCuggcDYJr3m2CFWK8F4RLUYAiuoxBtJx+bZyZqvPCUk
m1l3Re6VXv1ZU9+MSX4Lbiep9iALJJ204KC6hVu4ujScZp2rDlwmOZc8Sor6f7tH
3AnI0z11c6O4x1MwrivsX32a5OECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQG/9l5
pNbsiQimNQFVpdkROu25wDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFhNDY4OTYtZGZjMC00YmUxLTkxYmUtNjJmZDA2MjZjMjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQCzWQml0rz3rcedmCGh5lc+eaPvFq2JTKa2y0DqfMK/
enEfXKdQAA9pcQMPiVcOThJ89rz/hCTDnJj0Pdq1aLEMP3tetxQPZUQxJ8vgImpm
key/TRWXtxNir4pfGZp0Rmkx627b38IzuXeEQW82XU7omxZ8XafcQQxafFZIRQ5c
gLi62A34/fukGSzgZIHqsWjQ/WmZE+7tDVhIUIRiTh23nFHs6/TrU33/Arbzgb4b
BisyxAWvH5k9SfmVs98573fPFwHEG0scbuDCJGN45XR2ErKsNHzJxf1E1o1TlRwa
znU+cKpCkzIBVild8hVT4miBzTJU21DAcZIeXQMaY1nU
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net