Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/aeroJBzapA8jFTgbghZbcYgguCY.roa
File: aeroJBzapA8jFTgbghZbcYgguCY.roa (raw, json)
Hash identifier: d6xMGZWaxY8YEk9h/kNbsDKnHpEXVbnL6KxLGXkE1ug=
Subject key identifier: 69:EA:E8:24:1C:DA:A4:0F:23:15:38:1B:82:16:5B:71:88:20:B8:26
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 44DF
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aeroJBzapA8jFTgbghZbcYgguCY.roa
Signing time: Fri 18 Mar 2022 00:30:10 +0000
ROA not before: Fri 18 Mar 2022 00:30:10 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17631 (0x44df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Mar 18 00:30:10 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=69EAE8241CDAA40F2315381B82165B718820B826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:94:c7:c1:08:ef:29:1f:9b:ac:41:d4:39:15:
b7:7e:62:d8:9e:4e:e6:08:a5:89:fa:89:f6:d1:90:
6b:32:c5:fa:f0:10:ce:12:8d:93:ae:cf:eb:dd:c4:
a7:71:ed:01:51:72:0f:87:0b:5a:f7:21:6c:ee:25:
11:fe:1a:09:e5:35:ca:fe:72:43:1b:b6:e2:e0:03:
b6:9b:c7:8d:20:da:d7:30:ee:56:95:88:16:42:1c:
58:f1:82:b5:22:6d:cd:28:bd:bd:a9:94:a3:82:c1:
10:71:01:53:68:77:fb:f1:63:d3:1a:92:98:cb:59:
3a:98:1e:28:bf:d8:ec:5a:96:ea:a7:c5:9d:5d:86:
ab:ed:e3:42:75:12:04:15:bd:79:d6:12:90:92:e0:
fb:6a:e0:91:a6:f1:d9:1f:2f:ca:97:e4:2b:5b:c0:
dc:2b:6d:73:e4:49:75:57:55:a6:12:3a:5c:6f:77:
bc:aa:61:32:db:7c:3c:05:5e:df:e1:83:f1:de:a7:
c6:41:5c:d2:86:70:5d:a5:ff:19:08:1e:0e:fb:f4:
4e:52:f9:6a:ce:ba:ce:10:26:df:c4:cf:37:0a:bf:
88:df:1d:6d:e0:a4:59:21:f1:62:a6:51:8d:76:de:
05:f4:32:c2:77:40:e3:65:84:9a:c2:3a:04:74:91:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EA:E8:24:1C:DA:A4:0F:23:15:38:1B:82:16:5B:71:88:20:B8:26
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/aeroJBzapA8jFTgbghZbcYgguCY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:65:92:13:04:77:2f:23:a9:12:85:2e:c2:27:fe:b1:c0:59:
7a:5d:30:ed:ca:39:1b:55:0f:c8:40:28:b7:c4:35:e8:89:73:
51:57:f3:ec:da:8a:af:47:09:24:45:6a:76:b5:d6:49:39:6a:
8b:6e:50:72:03:00:3d:6f:67:b1:57:e1:6c:50:70:36:e8:6c:
10:85:80:6e:43:12:10:00:78:a5:7f:d4:86:bd:bd:ac:b1:cc:
5c:c5:04:3f:84:f0:44:e8:3a:6f:a4:03:47:d8:ca:a1:03:cd:
1e:e4:49:6d:fe:a7:2f:b9:eb:dd:f2:8a:ae:54:78:70:a8:35:
c3:34:8a:47:ab:cc:31:06:a9:57:92:74:eb:24:b5:c8:01:c8:
80:4b:25:28:a1:00:a4:9b:ac:23:18:d3:e3:b6:23:3c:88:25:
05:da:40:56:95:90:70:7a:da:2a:49:ca:56:46:38:14:ca:c8:
ef:33:69:26:bf:c7:6d:73:ec:f6:79:59:17:46:0c:c8:46:9c:
ca:cf:02:67:64:4b:f5:f2:d6:cc:da:3e:9f:55:44:b5:29:ca:
d5:4c:60:d4:10:2e:99:af:d9:66:04:5e:99:97:fc:e4:9c:2e:
b0:ec:e3:18:6e:46:ec:06:a9:f7:dd:6b:af:cb:15:ba:5b:70:
ad:22:da:d2
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTgw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDY5RUFFODI0MUNEQUE0
MEYyMzE1MzgxQjgyMTY1QjcxODgyMEI4MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+lMfBCO8pH5usQdQ5Fbd+YtieTuYIpYn6ifbRkGsyxfrwEM4S
jZOuz+vdxKdx7QFRcg+HC1r3IWzuJRH+GgnlNcr+ckMbtuLgA7abx40g2tcw7laV
iBZCHFjxgrUibc0ovb2plKOCwRBxAVNod/vxY9MakpjLWTqYHii/2OxaluqnxZ1d
hqvt40J1EgQVvXnWEpCS4Ptq4JGm8dkfL8qX5CtbwNwrbXPkSXVXVaYSOlxvd7yq
YTLbfDwFXt/hg/Hep8ZBXNKGcF2l/xkIHg779E5S+WrOus4QJt/EzzcKv4jfHW3g
pFkh8WKmUY123gX0MsJ3QONlhJrCOgR0kW1NAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUaeroJBzapA8jFTgbghZbcYgguCYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9hZXJvSkJ6YXBBOGpGVGdiZ2haYmNZZ2d1Q1kucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AB1lkhMEdy8jqRKFLsIn/rHAWXpdMO3KORtVD8hAKLfENeiJc1FX8+zaiq9HCSRF
ana11kk5aotuUHIDAD1vZ7FX4WxQcDbobBCFgG5DEhAAeKV/1Ia9vayxzFzFBD+E
8EToOm+kA0fYyqEDzR7kSW3+py+5693yiq5UeHCoNcM0ikerzDEGqVeSdOsktcgB
yIBLJSihAKSbrCMY0+O2IzyIJQXaQFaVkHB62ipJylZGOBTKyO8zaSa/x21z7PZ5
WRdGDMhGnMrPAmdkS/Xy1szaPp9VRLUpytVMYNQQLpmv2WYEXpmX/OScLrDs4xhu
RuwGqffda6/LFbpbcK0i2tI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org