Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
File: e4b516c1-e154-4f18-af17-f71694b6015c.roa (raw, json)
Hash identifier: gKoHorupRhHAgx/swTIVYFw+PCBkVQoG9KwZgJconkY=
Subject key identifier: 8D:DB:58:7E:C7:23:49:62:62:89:95:4B:7B:7F:B3:49:7F:57:AF:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35BF0C3A61C37CF441438BE95BA9768A9409AA77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:bf:0c:3a:61:c3:7c:f4:41:43:8b:e9:5b:a9:76:8a:94:09:aa:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=61094c15e4df6883ca1c36e6aa11159982a6512bd910040e9af070b4b34d0d1f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8d:ca:d9:c7:7c:0d:06:af:aa:02:71:f4:71:
dd:2b:53:4a:dc:17:5f:f4:2a:50:f8:8e:0e:f1:f7:
7b:44:dc:76:c9:23:91:4d:84:b5:34:36:68:22:94:
d3:fd:4e:14:00:4b:8c:95:9e:00:26:2e:38:0d:29:
fe:fe:07:17:4e:ae:84:78:07:db:55:b9:02:15:87:
76:d7:13:95:40:79:01:8c:c3:3c:2b:7b:d5:80:ad:
a1:b4:d3:56:e6:39:ee:c7:c8:83:6b:c9:88:07:c7:
27:4c:6c:ea:db:20:7f:21:a5:60:ac:bb:e6:75:94:
33:ca:d1:50:10:2e:b3:54:1c:64:c2:dd:44:4f:21:
83:78:ee:69:b8:61:9a:e9:08:5d:36:f5:8e:0f:1c:
d4:eb:e4:d0:98:1a:9a:ae:72:fb:f3:a6:d7:22:7e:
6e:8d:90:eb:08:e1:f5:5d:a5:1f:52:19:0c:6b:58:
03:61:f6:d5:f3:17:0c:5d:37:4d:50:5e:7c:51:c7:
b5:96:fd:6b:b2:28:c4:8a:fb:93:27:8e:c2:65:d9:
bf:5a:f7:4d:8f:3a:cb:bb:c6:74:ee:3b:8c:e7:c8:
ff:98:44:4c:2e:a7:58:79:03:83:4b:96:f2:51:7c:
07:75:c3:0f:97:05:a4:b9:0d:d3:97:96:2e:ef:27:
5b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DB:58:7E:C7:23:49:62:62:89:95:4B:7B:7F:B3:49:7F:57:AF:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:cf:d0:c7:40:f7:47:68:60:5d:8f:19:51:de:53:62:c9:9d:
a5:8d:66:e9:1d:1f:17:f8:eb:b1:38:50:a6:d7:7f:05:6d:d3:
22:56:38:75:b5:4d:ea:9b:50:08:4e:cd:c4:ae:00:9d:36:2c:
b2:c9:9a:25:85:b4:cc:d4:90:75:a8:ea:0f:0f:ee:df:ef:b4:
e5:ab:23:37:55:22:91:de:72:2c:92:70:d2:80:f3:22:8a:7e:
b9:7b:da:79:22:a7:5a:3b:5b:f5:a8:d1:83:4f:db:a4:73:af:
64:86:16:ac:52:ae:43:cf:f2:45:50:4c:27:2e:d0:5b:c5:6d:
7d:9f:0e:b0:83:86:88:d5:ca:ae:82:1b:fc:3b:77:e6:f1:eb:
8a:71:9e:ff:2b:75:87:49:7e:20:9a:99:6c:bd:0a:97:3a:7f:
d8:24:ee:7b:0a:e1:73:bc:8d:d1:a9:17:8f:8a:da:b8:a1:91:
81:5d:8f:64:c5:aa:40:3e:08:b9:cb:e6:d8:1e:34:a0:d0:84:
e1:53:9a:cb:ae:59:a3:cb:ef:11:7e:dd:69:c5:6f:4b:a4:ab:
6a:31:cd:f2:9d:77:1b:41:e3:16:8a:ce:cb:07:e8:83:90:17:
57:e9:e5:c8:d1:88:ed:a0:82:4a:ae:4b:13:94:50:9a:e0:64:
13:95:18:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNb8MOmHDfPRBQ4vpW6l2ipQJqncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxMDk0YzE1ZTRkZjY4ODNjYTFjMzZlNmFhMTExNTk5ODJhNjUxMmJkOTEw
MDQwZTlhZjA3MGI0YjM0ZDBkMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKNytnHfA0Gr6oCcfRx3StTStwXX/QqUPiODvH3e0TcdskjkU2EtTQ2aCKU
0/1OFABLjJWeACYuOA0p/v4HF06uhHgH21W5AhWHdtcTlUB5AYzDPCt71YCtobTT
VuY57sfIg2vJiAfHJ0xs6tsgfyGlYKy75nWUM8rRUBAus1QcZMLdRE8hg3juabhh
mukIXTb1jg8c1Ovk0Jgamq5y+/Om1yJ+bo2Q6wjh9V2lH1IZDGtYA2H21fMXDF03
TVBefFHHtZb9a7IoxIr7kyeOwmXZv1r3TY86y7vGdO47jOfI/5hETC6nWHkDg0uW
8lF8B3XDD5cFpLkN05eWLu8nWykCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSN21h+
xyNJYmKJlUt7f7NJf1evszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTRiNTE2YzEtZTE1NC00ZjE4LWFmMTctZjcxNjk0YjYwMTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQCWz9DHQPdHaGBdjxlR3lNiyZ2ljWbpHR8X+OuxOFCm
138FbdMiVjh1tU3qm1AITs3ErgCdNiyyyZolhbTM1JB1qOoPD+7f77TlqyM3VSKR
3nIsknDSgPMiin65e9p5IqdaO1v1qNGDT9ukc69khhasUq5Dz/JFUEwnLtBbxW19
nw6wg4aI1cqughv8O3fm8euKcZ7/K3WHSX4gmplsvQqXOn/YJO57CuFzvI3RqReP
itq4oZGBXY9kxapAPgi5y+bYHjSg0IThU5rLrlmjy+8Rft1pxW9LpKtqMc3ynXcb
QeMWis7LB+iDkBdX6eXI0YjtoIJKrksTlFCa4GQTlRid
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net