Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa
File: 1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa (raw, json)
Hash identifier: TomltnKaIf4cdt4V5ZPaGjRuhaABuCyNvvBR0tTshFM=
Subject key identifier: E3:B9:03:54:38:20:C9:BA:73:81:79:B4:60:8C:BE:87:E1:CD:C9:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21D54397F8D7548369A2C88A9DBE8181A9B33126
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 176.32.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d5:43:97:f8:d7:54:83:69:a2:c8:8a:9d:be:81:81:a9:b3:31:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=ff0cf647be6b0c7eab7c4e0d1113b79366576cb2ac9852ae8ecc2f133f8e0879, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:29:45:59:4c:74:4d:64:62:dc:75:ec:fd:ca:
73:35:43:cf:f3:33:c3:ca:2b:ea:9a:55:79:16:8b:
a6:15:38:d6:cb:9a:41:08:43:91:2a:fc:e9:2d:6a:
1a:59:72:c6:27:0f:79:20:2a:0c:53:f5:db:41:17:
38:36:bd:19:65:08:f4:e8:53:1d:0f:e0:1f:8d:f0:
45:4e:fd:67:c1:ea:96:8e:81:09:ac:b8:e5:2f:28:
ab:50:8a:53:14:f6:ea:83:2b:2d:c4:55:3c:3c:a0:
bc:7d:3c:89:06:e7:b7:d3:b9:9e:c1:59:a6:0f:00:
69:0f:8f:87:7d:13:fa:30:71:cf:11:32:3b:ad:4c:
e1:9e:39:d5:2e:e8:bb:a6:68:d5:48:bc:04:31:69:
c0:a5:75:0c:e1:44:f6:ef:75:c8:4d:e1:c6:34:bf:
53:64:f6:04:9a:fa:92:bb:ae:9c:98:e4:d0:f8:96:
ac:f7:13:ff:a7:2a:41:80:62:6e:07:8a:74:d5:3d:
e7:7e:bf:90:32:c0:eb:0c:1d:41:90:10:05:41:8d:
59:31:5f:8a:da:25:f7:8d:98:e7:fb:2d:70:25:fe:
ab:9a:fa:50:e1:b3:2d:f1:be:80:8a:40:d6:ab:56:
45:9c:8c:1a:45:c5:f5:1f:e4:e9:ad:26:18:c0:a8:
a2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B9:03:54:38:20:C9:BA:73:81:79:B4:60:8C:BE:87:E1:CD:C9:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
32:cb:8e:26:07:f6:18:8a:1b:0c:37:4f:8f:78:b0:23:ab:09:
fa:1a:0e:d0:42:1a:1b:c9:f9:17:44:44:89:58:0d:60:63:43:
fb:9a:06:f0:ed:51:bf:42:4f:0b:fc:1e:74:3d:0d:0e:aa:7f:
11:9c:1d:2b:f7:35:5a:1d:57:e5:40:01:85:af:2b:8c:be:04:
6e:6f:6d:81:9f:d5:75:08:83:4b:e9:d9:4f:ec:d8:f2:73:45:
b2:15:63:71:6e:bc:d7:78:a3:55:6d:18:18:07:67:d1:2e:ad:
a6:dc:ce:84:f6:4f:55:a7:e4:a0:f5:51:2d:ae:53:a0:fe:21:
58:7e:b6:8c:61:1d:be:58:ef:69:32:72:20:08:78:50:ec:b8:
3a:ab:52:e4:63:46:02:b7:ef:df:11:39:ad:d7:09:22:56:a2:
87:55:79:bd:c8:84:19:e1:7e:fb:e0:de:fe:b8:75:da:60:17:
c3:3e:73:1a:ef:a9:69:6a:cf:ae:ec:4e:a8:30:2e:19:15:6b:
df:99:7f:15:89:70:81:93:52:6f:9c:5f:6c:bd:18:1b:52:8c:
53:92:62:b7:42:8f:58:46:2e:1b:ae:2e:df:f3:ef:5e:aa:d4:
bc:a7:d6:06:bc:46:39:fa:cb:26:c3:ba:a1:53:da:71:a0:01:
3f:a9:7a:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIdVDl/jXVINposiKnb6BgamzMSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMGNmNjQ3YmU2YjBjN2VhYjdjNGUwZDExMTNiNzkzNjY1NzZjYjJhYzk4
NTJhZThlY2MyZjEzM2Y4ZTA4NzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8pRVlMdE1kYtx17P3KczVDz/Mzw8or6ppVeRaLphU41suaQQhDkSr86S1q
GllyxicPeSAqDFP120EXODa9GWUI9OhTHQ/gH43wRU79Z8Hqlo6BCay45S8oq1CK
UxT26oMrLcRVPDygvH08iQbnt9O5nsFZpg8AaQ+Ph30T+jBxzxEyO61M4Z451S7o
u6Zo1Ui8BDFpwKV1DOFE9u91yE3hxjS/U2T2BJr6kruunJjk0PiWrPcT/6cqQYBi
bgeKdNU9536/kDLA6wwdQZAQBUGNWTFfitol942Y5/stcCX+q5r6UOGzLfG+gIpA
1qtWRZyMGkXF9R/k6a0mGMCootsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjuQNU
OCDJunOBebRgjL6H4c3JGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRlMDllNmEtNGIyNC00YWFiLTk1ZDYtOWUxYjhmZDM0ZjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAMsuOJgf2GIobDDdPj3iwI6sJ+hoO0EIaG8n5F0RE
iVgNYGND+5oG8O1Rv0JPC/wedD0NDqp/EZwdK/c1Wh1X5UABha8rjL4Ebm9tgZ/V
dQiDS+nZT+zY8nNFshVjcW6813ijVW0YGAdn0S6tptzOhPZPVafkoPVRLa5ToP4h
WH62jGEdvljvaTJyIAh4UOy4OqtS5GNGArfv3xE5rdcJIlaih1V5vciEGeF+++De
/rh12mAXwz5zGu+paWrPruxOqDAuGRVr35l/FYlwgZNSb5xfbL0YG1KMU5Jit0KP
WEYuG64u3/PvXqrUvKfWBrxGOfrLJsO6oVPacaABP6l6GQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net