Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
File: f09fd926-3f61-4391-9843-738e03da5e6a.roa (raw, json)
Hash identifier: ST8gfbi078LmI4+FCyRkZE1wKIcMSAoLWJ5YB386EVc=
Subject key identifier: E6:3E:19:E6:2E:02:11:49:4D:C7:1B:A0:F2:E7:99:E8:91:A3:AC:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C09973F44B5B69371201A9F48E3654641BA12C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:09:97:3f:44:b5:b6:93:71:20:1a:9f:48:e3:65:46:41:ba:12:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=3ce7bd10cae1fa4d0b1a406b3e9f21f0ea1c7191f4cbc3e93d83c5b3d89c512d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:02:f9:c0:1e:4f:db:24:08:44:c8:64:9a:91:
e3:dd:68:39:09:df:8a:b3:a2:59:28:6e:82:57:8c:
26:8b:75:4f:c1:33:39:0e:34:1e:bd:4e:36:54:b3:
37:10:a7:c6:19:84:8f:85:bc:ba:31:fc:c5:4b:8a:
33:d3:c5:92:19:3e:15:e9:01:b7:4f:ff:fe:b3:63:
d1:66:15:48:a6:56:a6:6b:80:1d:f8:0f:64:1d:76:
17:14:9e:a6:35:90:42:0f:0c:66:fe:c1:ab:e1:d8:
51:10:df:5d:97:a5:2f:ae:92:54:28:eb:31:45:61:
31:43:a2:6d:42:a7:33:3a:0a:54:7e:c6:0f:80:f6:
81:a1:23:67:23:c3:d3:c0:88:87:c8:28:24:9d:29:
6c:59:9a:34:86:f3:db:ed:7b:3c:10:78:1e:69:73:
f0:a1:37:46:d4:d6:3a:26:ee:50:9e:79:ac:c9:30:
3e:1b:62:64:9f:e6:af:40:07:bf:42:19:fb:da:aa:
a7:f4:23:ae:71:26:04:96:4b:83:3d:c2:31:a3:85:
a3:19:b8:8d:2a:b5:97:87:ae:ae:0e:af:86:7b:06:
1d:34:9d:cf:51:b4:9c:ec:dc:fc:67:2d:b8:50:9c:
37:50:a0:2c:d7:b3:c1:82:bc:df:db:57:21:45:4a:
bd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:3E:19:E6:2E:02:11:49:4D:C7:1B:A0:F2:E7:99:E8:91:A3:AC:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:0e:ec:07:c2:69:c8:2c:9f:e9:f4:ea:0c:78:72:5d:21:ea:
67:5c:84:e6:44:b0:a9:ac:bc:36:b8:52:7f:fa:9a:80:8e:1b:
77:0b:64:4e:1d:b2:58:7a:94:f7:00:88:0a:c9:04:cb:6f:33:
f4:4a:2c:81:35:de:d7:32:a0:90:a0:ab:8f:19:96:d2:60:c9:
87:80:e4:37:7f:95:24:5e:97:c0:d5:75:de:26:ef:d0:e3:8e:
11:d1:ba:43:c3:1e:57:70:02:34:f6:b2:97:3f:3a:95:f2:5b:
cb:2d:a2:16:65:75:00:c9:aa:2d:a6:b9:f6:fa:c0:03:44:53:
46:a4:0f:63:ca:76:43:e0:32:2e:71:1f:cb:a4:46:1d:5a:11:
53:2d:06:8f:00:88:20:86:3f:56:2d:8b:2e:29:af:75:ef:5f:
2a:f8:2e:b5:b3:19:43:47:80:c6:bb:dd:ff:12:10:8c:ed:a0:
06:dc:6d:03:06:ce:a2:9d:de:01:27:c5:43:c5:cc:63:ff:91:
24:f1:f3:0b:9a:ec:a4:da:03:c6:d1:dc:02:18:7a:69:e9:50:
5d:0c:12:d3:ba:c6:80:03:c1:90:31:eb:66:b7:ac:13:3d:cf:
ae:76:5f:64:06:5b:eb:f5:18:32:4b:7b:ad:94:64:b3:d0:9e:
f9:4a:1e:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbAmXP0S1tpNxIBqfSONlRkG6EskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjZTdiZDEwY2FlMWZhNGQwYjFhNDA2YjNlOWYyMWYwZWExYzcxOTFmNGNi
YzNlOTNkODNjNWIzZDg5YzUxMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEC+cAeT9skCETIZJqR491oOQnfirOiWShugleMJot1T8EzOQ40Hr1ONlSz
NxCnxhmEj4W8ujH8xUuKM9PFkhk+FekBt0///rNj0WYVSKZWpmuAHfgPZB12FxSe
pjWQQg8MZv7Bq+HYURDfXZelL66SVCjrMUVhMUOibUKnMzoKVH7GD4D2gaEjZyPD
08CIh8goJJ0pbFmaNIbz2+17PBB4Hmlz8KE3RtTWOibuUJ55rMkwPhtiZJ/mr0AH
v0IZ+9qqp/QjrnEmBJZLgz3CMaOFoxm4jSq1l4eurg6vhnsGHTSdz1G0nOzc/Gct
uFCcN1CgLNezwYK839tXIUVKvdECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmPhnm
LgIRSU3HG6Dy55nokaOsozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5ZmQ5MjYtM2Y2MS00MzkxLTk4NDMtNzM4ZTAzZGE1ZTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQCkDuwHwmnILJ/p9OoMeHJdIepnXITmRLCprLw2uFJ/
+pqAjht3C2ROHbJYepT3AIgKyQTLbzP0SiyBNd7XMqCQoKuPGZbSYMmHgOQ3f5Uk
XpfA1XXeJu/Q444R0bpDwx5XcAI09rKXPzqV8lvLLaIWZXUAyaotprn2+sADRFNG
pA9jynZD4DIucR/LpEYdWhFTLQaPAIgghj9WLYsuKa91718q+C61sxlDR4DGu93/
EhCM7aAG3G0DBs6ind4BJ8VDxcxj/5Ek8fMLmuyk2gPG0dwCGHpp6VBdDBLTusaA
A8GQMetmt6wTPc+udl9kBlvr9RgyS3utlGSz0J75Sh5O
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net