Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
File: e6175d79-8819-47e6-b539-4bfb28fe7389.roa (raw, json)
Hash identifier: k1GPGwJbf6z2pNEaRghp09woNZAMxhqvpLglHZXTpXE=
Subject key identifier: 39:75:C8:D1:D9:06:35:84:09:8D:91:68:25:59:57:DE:82:A3:AD:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2447C65EB4C0B2F10CF7D3BB5A84EE492F6DD2E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:47:c6:5e:b4:c0:b2:f1:0c:f7:d3:bb:5a:84:ee:49:2f:6d:d2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=a401a9e73351ee4486c5c55625032da035334bdc7983fd14ecaa292773c91fa4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:08:de:10:92:3d:54:54:02:f5:15:75:1f:f8:
00:f9:5f:12:7d:0b:93:5e:4d:89:a9:96:b3:74:59:
9c:46:29:82:d3:43:c1:39:c5:c5:3a:ac:01:34:52:
c1:69:27:4c:0e:76:f9:66:5c:e5:3f:db:44:2d:a9:
fa:fc:e3:04:d1:54:42:27:d3:89:b2:af:3e:b6:ba:
89:54:09:1c:d5:ac:07:bd:6e:ae:16:6f:67:e1:7b:
e7:f2:9a:2d:c9:fa:cb:cc:d6:b1:1d:86:14:8f:7e:
8e:72:4c:be:e2:09:ad:17:16:3f:85:3e:ae:91:25:
d8:d7:3c:c3:2f:72:53:7f:7f:f0:72:5c:74:3c:59:
4e:88:b5:53:5d:8d:66:25:c2:fa:d9:43:a3:3c:53:
e3:6c:72:6a:a4:21:ec:c7:4a:d1:8f:d8:5e:b1:f9:
f0:78:3f:95:ec:70:af:18:9f:e5:df:1a:29:21:8d:
78:b8:c1:48:6c:b9:c7:cb:a5:a9:60:99:f0:e4:5b:
a5:4e:8a:6d:a4:d7:81:9e:bb:34:54:21:0c:ca:ef:
74:c1:77:fe:fa:f6:35:c3:7a:e3:fb:fb:87:60:65:
53:32:fa:ed:94:67:de:88:46:1f:40:06:03:d0:31:
4e:1c:a9:19:07:0e:c6:1d:6e:9b:17:06:13:df:2d:
89:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:75:C8:D1:D9:06:35:84:09:8D:91:68:25:59:57:DE:82:A3:AD:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:48:1f:06:22:3a:f3:fd:59:f1:bc:27:63:f2:fd:8c:c3:0a:
46:28:71:76:98:a7:66:e7:8b:f7:e0:75:e2:98:a6:55:ef:f3:
cc:75:49:66:99:4e:5c:1a:a4:a5:10:32:ca:c4:d8:36:87:fd:
b8:8e:d4:4a:6c:87:88:d3:68:a1:a6:14:1e:9e:59:60:41:d9:
3b:fd:8d:ef:e2:68:00:f1:cd:d7:35:21:f3:7d:a6:32:42:a3:
e2:78:8d:b1:5f:3c:5e:03:de:fc:72:c4:05:16:6a:37:44:87:
b5:c4:0e:c7:eb:84:48:66:d1:5b:b6:34:94:20:ca:9b:32:1c:
c5:86:af:91:c3:33:ae:90:eb:f9:aa:f0:c0:12:36:11:cc:f1:
31:a2:b3:97:13:a5:e8:05:4e:c3:1c:74:43:ea:92:82:77:43:
35:e8:cc:18:0c:b0:ec:81:ab:da:d0:20:39:40:b5:b6:17:7a:
c5:28:72:a6:71:84:82:52:e3:dd:fa:78:ca:e3:5c:40:76:d5:
55:0e:5d:6a:44:9d:cf:c4:44:2a:80:1d:b7:52:12:41:e2:44:
13:6a:19:00:7c:cf:7a:d2:36:5a:40:51:9f:f3:0e:c1:ab:61:
3b:45:10:e6:89:1c:1a:18:ce:a6:73:69:32:67:f6:ff:92:aa:
45:90:27:34
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJEfGXrTAsvEM99O7WoTuSS9t0uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0MDFhOWU3MzM1MWVlNDQ4NmM1YzU1NjI1MDMyZGEwMzUzMzRiZGM3OTgz
ZmQxNGVjYWEyOTI3NzNjOTFmYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoI3hCSPVRUAvUVdR/4APlfEn0Lk15NiamWs3RZnEYpgtNDwTnFxTqsATRS
wWknTA52+WZc5T/bRC2p+vzjBNFUQifTibKvPra6iVQJHNWsB71urhZvZ+F75/Ka
Lcn6y8zWsR2GFI9+jnJMvuIJrRcWP4U+rpEl2Nc8wy9yU39/8HJcdDxZToi1U12N
ZiXC+tlDozxT42xyaqQh7MdK0Y/YXrH58Hg/lexwrxif5d8aKSGNeLjBSGy5x8ul
qWCZ8ORbpU6KbaTXgZ67NFQhDMrvdMF3/vr2NcN64/v7h2BlUzL67ZRn3ohGH0AG
A9AxThypGQcOxh1umxcGE98tifECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5dcjR
2QY1hAmNkWglWVfegqOtUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYxNzVkNzktODgxOS00N2U2LWI1MzktNGJmYjI4ZmU3Mzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBBSB8GIjrz/VnxvCdj8v2MwwpGKHF2mKdm54v34HXi
mKZV7/PMdUlmmU5cGqSlEDLKxNg2h/24jtRKbIeI02ihphQenllgQdk7/Y3v4mgA
8c3XNSHzfaYyQqPieI2xXzxeA978csQFFmo3RIe1xA7H64RIZtFbtjSUIMqbMhzF
hq+RwzOukOv5qvDAEjYRzPExorOXE6XoBU7DHHRD6pKCd0M16MwYDLDsgava0CA5
QLW2F3rFKHKmcYSCUuPd+njK41xAdtVVDl1qRJ3PxEQqgB23UhJB4kQTahkAfM96
0jZaQFGf8w7Bq2E7RRDmiRwaGM6mc2kyZ/b/kqpFkCc0
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net