Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/SUNtdcg9utjyQ5q78Lw5OODvXys.roa
File: SUNtdcg9utjyQ5q78Lw5OODvXys.roa (raw, json)
Hash identifier: u7OA7Ds6zhoqBPGHy3pkOrjz5cxVCW+WLTEho8V74jU=
Subject key identifier: 49:43:6D:75:C8:3D:BA:D8:F2:43:9A:BB:F0:BC:39:38:E0:EF:5F:2B
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 4598
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/SUNtdcg9utjyQ5q78Lw5OODvXys.roa
Signing time: Thu 31 Mar 2022 00:30:08 +0000
ROA not before: Thu 31 Mar 2022 00:30:08 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 51224
IP address blocks: 147.28.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17816 (0x4598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 31 00:30:08 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=49436D75C83DBAD8F2439ABBF0BC3938E0EF5F2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:75:65:e2:de:5c:c4:22:dc:89:22:8a:17:f8:
6a:82:ae:a0:9e:ac:cd:a9:85:5a:c5:69:5d:45:cb:
27:72:55:7d:d8:5f:fc:b4:43:1c:84:fe:d4:1d:c9:
1a:2a:e0:91:18:3a:d8:f0:33:2d:5d:d1:55:81:df:
dc:10:af:1a:38:72:a5:e3:7c:ff:a3:d3:26:74:0c:
f3:55:c8:f2:a4:c9:ae:a9:5f:9e:cc:9f:eb:b8:65:
02:59:c4:0b:54:9d:a9:69:31:7d:cd:12:7b:61:0b:
7a:c2:77:28:a5:b2:9b:2c:7a:19:43:92:f3:92:dd:
32:f3:b6:c1:8a:66:b8:9c:5e:80:69:8d:81:54:e7:
cf:70:52:70:dd:33:ce:38:d8:4f:1f:7f:1b:be:b6:
f5:e9:c6:0a:6d:fe:e0:f5:76:13:5f:d9:fa:d3:f0:
4d:a2:2d:59:2b:3c:e2:6f:33:51:51:ec:8d:8d:be:
bf:40:c3:ea:7e:87:b2:08:4c:66:3a:b5:db:7c:90:
01:3f:61:b0:81:95:6a:c4:0f:b4:38:94:15:26:22:
02:b6:50:ea:c3:60:09:7d:45:24:fe:92:c8:54:f3:
72:ff:16:81:60:ec:7d:7d:c8:f2:bd:24:4f:b6:2c:
2d:fd:88:bd:2a:8b:4b:67:24:b1:00:f8:f1:c9:4f:
a3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:43:6D:75:C8:3D:BA:D8:F2:43:9A:BB:F0:BC:39:38:E0:EF:5F:2B
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/SUNtdcg9utjyQ5q78Lw5OODvXys.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
74:3d:d3:62:07:0d:5d:df:ce:a3:b3:f3:68:e1:fb:5b:71:93:
63:10:7f:90:ac:18:8a:a8:6b:b2:64:5b:e0:d8:68:7b:ae:32:
ae:ee:df:3e:bc:64:15:90:a2:ac:8d:d0:2b:8d:99:06:0c:cf:
47:e2:98:43:cb:35:62:6c:54:74:50:fa:4e:ab:38:99:ae:b2:
f1:4e:e4:2b:99:2f:d7:88:f8:a5:d0:65:b8:d6:80:9d:39:50:
6e:c9:29:44:be:01:1b:78:e9:35:6f:30:fb:73:c3:9e:e5:39:
9e:4f:64:e5:7e:ce:69:50:26:4d:6c:db:0d:c8:70:c2:99:36:
0e:f7:c1:d0:fb:52:bd:44:bf:57:69:bf:c8:f9:a4:a8:42:4e:
b3:2f:8d:28:eb:94:c6:66:fa:df:a2:d2:8d:bc:51:cf:95:ec:
18:e1:e8:d0:8d:23:26:40:fa:94:c3:36:79:00:05:04:2b:94:
d1:53:8e:a3:f9:02:75:d5:74:bc:0f:84:f6:75:c6:19:dc:30:
a6:41:7a:b5:2e:cb:59:3f:2c:5b:0f:e7:e9:4d:15:15:bc:a4:
b7:b5:ed:4f:60:11:ef:09:48:46:7e:a5:7e:49:3b:90:89:34:
2f:57:c9:ee:70:5c:cd:a9:99:86:d9:dc:07:3f:16:21:be:bf:
56:55:11:5d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRZgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMzEw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQ5NDM2RDc1QzgzREJB
RDhGMjQzOUFCQkYwQkMzOTM4RTBFRjVGMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZdWXi3lzEItyJIooX+GqCrqCerM2phVrFaV1FyydyVX3YX/y0
QxyE/tQdyRoq4JEYOtjwMy1d0VWB39wQrxo4cqXjfP+j0yZ0DPNVyPKkya6pX57M
n+u4ZQJZxAtUnalpMX3NEnthC3rCdyilspssehlDkvOS3TLztsGKZricXoBpjYFU
589wUnDdM8442E8ffxu+tvXpxgpt/uD1dhNf2frT8E2iLVkrPOJvM1FR7I2Nvr9A
w+p+h7IITGY6tdt8kAE/YbCBlWrED7Q4lBUmIgK2UOrDYAl9RST+kshU83L/FoFg
7H19yPK9JE+2LC39iL0qi0tnJLEA+PHJT6MXAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUSUNtdcg9utjyQ5q78Lw5OODvXyswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9TVU50ZGNnOXV0anlRNXE3OEx3NU9PRHZYeXMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AHQ902IHDV3fzqOz82jh+1txk2MQf5CsGIqoa7JkW+DYaHuuMq7u3z68ZBWQoqyN
0CuNmQYMz0fimEPLNWJsVHRQ+k6rOJmusvFO5CuZL9eI+KXQZbjWgJ05UG7JKUS+
ARt46TVvMPtzw57lOZ5PZOV+zmlQJk1s2w3IcMKZNg73wdD7Ur1Ev1dpv8j5pKhC
TrMvjSjrlMZm+t+i0o28Uc+V7Bjh6NCNIyZA+pTDNnkABQQrlNFTjqP5AnXVdLwP
hPZ1xhncMKZBerUuy1k/LFsP5+lNFRW8pLe17U9gEe8JSEZ+pX5JO5CJNC9Xye5w
XM2pmYbZ3Ac/FiG+v1ZVEV0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:51 2023 by rpki-client on console-ams.rpki-client.org