Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f8b035ba-37a6-4775-8f17-c23da022b897.roa
File: f8b035ba-37a6-4775-8f17-c23da022b897.roa (raw, json)
Hash identifier: l9Ug5OLBbyTrSdSoPEyS7I7GpWYMb1T/6r7M5PKu9oY=
Subject key identifier: CA:71:C9:C5:9F:21:97:A1:58:0F:B7:4F:C0:33:1C:31:89:69:CF:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F3D5EDC7BB4A722A7A83771194E4263A7846150
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f8b035ba-37a6-4775-8f17-c23da022b897.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:3d:5e:dc:7b:b4:a7:22:a7:a8:37:71:19:4e:42:63:a7:84:61:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=66b30555c282b15f54edcb8f89632d12bf91bd56742f1b882ecec1f286db5468, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f9:85:72:4a:bd:f9:bb:6b:b9:5a:29:fe:2e:
c6:25:be:11:dd:b7:6b:0d:ba:22:4f:bb:56:f4:53:
73:c2:dd:e6:93:c9:c8:ba:ef:c9:ea:63:62:4b:eb:
6e:09:ff:5c:3f:1d:17:db:df:25:90:83:4f:31:61:
4c:1b:7a:b1:29:8c:31:28:da:e3:25:09:0c:e3:4d:
7c:da:4b:8c:b6:5c:68:5d:19:bd:5b:e4:35:8a:45:
e2:d4:3a:04:69:3f:83:ac:55:88:2a:fe:66:01:43:
09:09:63:7f:d0:0b:ca:30:05:89:53:d6:e7:63:ac:
ef:f1:aa:e3:d6:5a:f6:3a:13:82:9a:b8:3a:76:85:
df:ab:c3:83:00:d8:16:24:d2:6b:2e:d3:0e:e1:17:
33:d1:a6:92:5b:b9:c5:5d:33:f0:63:22:c8:31:c6:
d6:7f:3d:60:ca:f3:15:31:73:d5:74:e0:e0:83:97:
e2:31:7b:23:ff:3b:c0:66:93:13:77:bd:37:5b:06:
1e:18:fc:ef:e2:fe:3b:3b:76:f7:ed:0a:26:8a:67:
43:98:e9:db:04:e0:49:fc:de:04:03:4e:5b:a6:3a:
45:9a:bf:bd:71:4f:60:a3:75:b6:c7:8a:70:cf:88:
9c:60:5f:35:87:83:da:45:68:f3:88:63:fa:38:27:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:71:C9:C5:9F:21:97:A1:58:0F:B7:4F:C0:33:1C:31:89:69:CF:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f8b035ba-37a6-4775-8f17-c23da022b897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8d:ca:35:d3:99:bf:4d:8a:1f:fb:ea:ea:75:71:e4:29:f3:ea:
d7:c4:fc:5f:e1:ad:de:80:fe:ef:ea:20:da:31:ae:ff:28:98:
2c:3c:1a:be:d6:64:ba:29:5f:1d:19:31:25:7d:39:97:a0:e4:
14:5f:51:79:97:4d:99:81:bb:59:3a:b6:66:6c:7d:6a:cb:e9:
94:a6:67:6b:a4:dc:c4:7d:7a:f7:f4:37:8c:23:e9:2d:29:d2:
10:40:11:bf:ce:5d:4e:dd:69:11:df:b7:47:9c:f4:b2:76:1c:
5f:4a:14:1a:59:8a:b8:98:e7:74:4f:5f:6c:34:bd:29:d1:fc:
da:37:bc:b0:d7:6f:e3:83:ad:ac:0c:0f:38:51:70:69:cc:75:
3d:e8:eb:d8:a5:a2:10:ce:14:f8:10:0a:b4:b5:b0:3c:cb:a8:
0e:90:12:e9:01:55:ec:e9:08:d1:c7:59:ed:9a:28:ac:74:27:
95:f2:f1:8b:a5:3f:c6:1e:4b:39:a0:62:83:53:ff:08:18:49:
b1:08:bd:72:86:33:20:0c:06:8f:29:8d:bd:04:93:24:04:0d:
63:c1:1c:53:bc:25:a0:94:6f:42:ce:c4:e4:29:20:84:aa:e4:
f4:8d:0a:83:f3:8e:e4:70:ac:e1:8b:70:f1:af:1f:93:07:d5:
ea:7f:61:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULz1e3Hu0pyKnqDdxGU5CY6eEYVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2YjMwNTU1YzI4MmIxNWY1NGVkY2I4Zjg5NjMyZDEyYmY5MWJkNTY3NDJm
MWI4ODJlY2VjMWYyODZkYjU0NjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKf5hXJKvfm7a7laKf4uxiW+Ed23aw26Ik+7VvRTc8Ld5pPJyLrvyepjYkvr
bgn/XD8dF9vfJZCDTzFhTBt6sSmMMSja4yUJDONNfNpLjLZcaF0ZvVvkNYpF4tQ6
BGk/g6xViCr+ZgFDCQljf9ALyjAFiVPW52Os7/Gq49Za9joTgpq4OnaF36vDgwDY
FiTSay7TDuEXM9Gmklu5xV0z8GMiyDHG1n89YMrzFTFz1XTg4IOX4jF7I/87wGaT
E3e9N1sGHhj87+L+Ozt29+0KJopnQ5jp2wTgSfzeBANOW6Y6RZq/vXFPYKN1tseK
cM+InGBfNYeD2kVo84hj+jgnteUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTKccnF
nyGXoVgPt0/AMxwxiWnPqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjhiMDM1YmEtMzdhNi00Nzc1LThmMTctYzIzZGEwMjJiODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQCNyjXTmb9Nih/76up1ceQp8+rXxPxf4a3egP7v6iDa
Ma7/KJgsPBq+1mS6KV8dGTElfTmXoOQUX1F5l02ZgbtZOrZmbH1qy+mUpmdrpNzE
fXr39DeMI+ktKdIQQBG/zl1O3WkR37dHnPSydhxfShQaWYq4mOd0T19sNL0p0fza
N7yw12/jg62sDA84UXBpzHU96OvYpaIQzhT4EAq0tbA8y6gOkBLpAVXs6QjRx1nt
miisdCeV8vGLpT/GHks5oGKDU/8IGEmxCL1yhjMgDAaPKY29BJMkBA1jwRxTvCWg
lG9CzsTkKSCEquT0jQqD847kcKzhi3Dxrx+TB9Xqf2Gn
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net