Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d02ab68-bf89-433a-a40b-18cc72270181.roa
File: 4d02ab68-bf89-433a-a40b-18cc72270181.roa (raw, json)
Hash identifier: v0SJZzfGRO8hLdGDOUI3zVbk/cUfxLGK8RwW1YfER/U=
Subject key identifier: 31:1D:49:0F:94:B6:81:4A:27:AC:8B:81:C7:E9:2D:6C:14:98:4E:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FBABF2FB75BA3B189FF1C8F406B145A77ED7ECF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d02ab68-bf89-433a-a40b-18cc72270181.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.34.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ba:bf:2f:b7:5b:a3:b1:89:ff:1c:8f:40:6b:14:5a:77:ed:7e:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=d3f25f43044b06b8b71daaf97402e436224de4fee5ca05493ecd42ae66f2f3b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:69:8f:af:f9:24:c5:58:51:75:57:83:8d:a9:
7e:88:59:af:0f:7c:90:6c:ac:aa:45:e5:20:21:14:
5a:9c:0b:40:0d:4d:5b:94:b8:23:3e:33:c1:60:34:
32:57:84:a6:93:da:cd:cf:84:85:b1:a9:f8:d8:62:
6c:51:8d:ce:9e:63:16:9f:0e:6a:11:3d:6b:d3:f4:
3f:f8:8c:b1:6e:e8:68:a8:59:1c:25:8c:d8:24:93:
75:bd:b9:25:01:b0:4e:a3:96:68:43:89:49:12:10:
c6:e1:08:d9:78:dc:cf:f4:5f:73:57:7c:41:ae:a0:
46:63:19:7d:8a:2d:34:88:aa:19:2a:ed:30:98:fc:
c1:73:31:71:a5:72:6f:5e:e8:ce:0a:f0:3d:42:4a:
9c:ac:57:d4:68:ec:4c:87:d4:f9:3b:02:68:a2:d7:
99:89:6a:be:0a:2c:61:35:91:18:47:55:52:fc:4b:
b2:94:03:c0:4d:2a:2d:95:e3:ec:57:84:c7:d6:9e:
5c:ed:47:bd:df:0b:3b:4b:dc:16:42:44:a2:ab:e0:
05:08:30:7b:98:f1:17:32:aa:b7:80:c1:71:dd:1e:
ab:e1:e4:81:34:cb:49:fa:8a:f6:e7:c7:d5:a3:81:
92:8e:e7:cd:bc:4a:06:2c:ec:24:10:7f:6f:f6:f7:
8d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1D:49:0F:94:B6:81:4A:27:AC:8B:81:C7:E9:2D:6C:14:98:4E:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d02ab68-bf89-433a-a40b-18cc72270181.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:d8:0e:30:ee:36:e1:bb:85:65:ab:a5:6b:1e:44:08:2e:41:
ca:91:2d:8e:10:64:82:fc:87:81:ac:d7:e2:75:20:bd:04:3b:
ad:fd:f1:66:4e:9d:ab:62:0e:d6:d3:5b:e1:8d:c1:1e:df:df:
08:a0:38:ab:ba:49:95:ad:1d:20:d8:37:7e:0c:3f:b3:7b:c1:
a7:74:cf:05:fe:f9:4c:5d:d1:72:16:3f:41:e3:86:ea:0b:06:
b4:61:6b:a2:cc:b9:ec:97:25:09:be:38:2d:ed:33:4f:3b:e6:
12:3c:ba:3e:ce:51:ac:55:6a:c6:da:f1:53:e9:73:b4:11:d1:
26:a0:c8:69:5b:0b:45:06:3d:f8:8f:52:0b:75:a2:0a:53:11:
52:79:32:d1:b8:c2:27:35:3f:93:54:e7:29:3d:6d:52:c6:40:
51:23:e3:db:56:18:f1:2d:aa:21:f1:ed:63:b4:25:f1:de:ea:
c3:d5:59:7e:28:ee:69:b5:73:0a:42:c3:a6:39:5c:ed:2c:b2:
10:0b:8f:5d:8a:4f:1e:e0:11:a0:70:71:ad:99:bf:76:a7:f8:
b4:cb:fb:02:5d:06:ad:dd:24:d4:ff:ff:ff:57:b0:3d:0e:5d:
00:29:d3:a6:c7:07:88:6c:e5:f9:0c:f8:d9:14:3a:de:14:dd:
93:5c:f4:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH7q/L7dbo7GJ/xyPQGsUWnftfs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzZjI1ZjQzMDQ0YjA2YjhiNzFkYWFmOTc0MDJlNDM2MjI0ZGU0ZmVlNWNh
MDU0OTNlY2Q0MmFlNjZmMmYzYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1pj6/5JMVYUXVXg42pfohZrw98kGysqkXlICEUWpwLQA1NW5S4Iz4zwWA0
MleEppPazc+EhbGp+NhibFGNzp5jFp8OahE9a9P0P/iMsW7oaKhZHCWM2CSTdb25
JQGwTqOWaEOJSRIQxuEI2Xjcz/Rfc1d8Qa6gRmMZfYotNIiqGSrtMJj8wXMxcaVy
b17ozgrwPUJKnKxX1GjsTIfU+TsCaKLXmYlqvgosYTWRGEdVUvxLspQDwE0qLZXj
7FeEx9aeXO1Hvd8LO0vcFkJEoqvgBQgwe5jxFzKqt4DBcd0eq+HkgTTLSfqK9ufH
1aOBko7nzbxKBizsJBB/b/b3jYMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxHUkP
lLaBSiesi4HH6S1sFJhOrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGQwMmFiNjgtYmY4OS00MzNhLWE0MGItMThjYzcyMjcwMTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQC02A4w7jbhu4Vlq6VrHkQILkHKkS2OEGSC/IeBrNfi
dSC9BDut/fFmTp2rYg7W01vhjcEe398IoDirukmVrR0g2Dd+DD+ze8GndM8F/vlM
XdFyFj9B44bqCwa0YWuizLnslyUJvjgt7TNPO+YSPLo+zlGsVWrG2vFT6XO0EdEm
oMhpWwtFBj34j1ILdaIKUxFSeTLRuMInNT+TVOcpPW1SxkBRI+PbVhjxLaoh8e1j
tCXx3urD1Vl+KO5ptXMKQsOmOVztLLIQC49dik8e4BGgcHGtmb92p/i0y/sCXQat
3STU////V7A9Dl0AKdOmxweIbOX5DPjZFDreFN2TXPTZ
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net