Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/nx9YA63Z4s6GPWYsogdW80bJgi4.roa
File: nx9YA63Z4s6GPWYsogdW80bJgi4.roa (raw, json)
Hash identifier: sKaAvr6yAMkS8LCS14zKdKZpOQcyvh0ffksd9NGaKk4=
Subject key identifier: 9F:1F:58:03:AD:D9:E2:CE:86:3D:66:2C:A2:07:56:F3:46:C9:82:2E
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 472D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nx9YA63Z4s6GPWYsogdW80bJgi4.roa
Signing time: Fri 29 Apr 2022 00:30:10 +0000
ROA not before: Fri 29 Apr 2022 00:30:10 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18221 (0x472d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Apr 29 00:30:10 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=9F1F5803ADD9E2CE863D662CA20756F346C9822E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:4e:ab:3c:83:cc:54:7e:77:1a:a8:59:04:
51:25:ff:a9:31:15:fc:ae:f5:82:72:62:6d:80:61:
e7:98:aa:b5:50:e1:d0:8c:46:71:8e:8a:02:00:9d:
26:2d:ea:c3:0a:d3:1e:91:bb:23:36:4f:3c:16:a0:
93:d8:2f:32:f8:6c:36:ad:3e:99:d5:b8:e8:d4:34:
b0:6c:9e:fb:cf:3e:20:a5:14:6d:fe:1f:c0:d4:4f:
77:f2:90:6c:f8:04:4c:5c:73:ef:bf:e5:93:ba:14:
15:c0:39:bb:ef:8a:d9:c8:24:d0:b9:64:6a:78:fc:
90:52:91:59:2d:cf:f2:e9:ed:92:8c:91:9b:b6:07:
a1:06:1f:24:6c:83:66:32:b0:49:e7:ac:0b:7a:c5:
4b:e4:12:95:af:4a:b8:c9:12:1a:7b:0d:88:cb:8e:
0a:71:1f:66:d9:b2:96:e3:fe:57:be:0c:b4:86:61:
84:b0:f0:db:a0:5e:4d:7f:ab:8c:fd:12:e4:53:dc:
28:db:c4:66:c6:00:58:21:56:de:60:01:06:7a:75:
6c:48:ec:71:68:d5:b2:e1:5a:86:ac:0d:d3:0e:50:
95:b8:0a:4e:68:da:12:b0:a8:ef:fd:e8:d1:58:33:
b9:48:04:99:b3:46:bc:a0:10:32:17:a1:25:ef:f4:
8f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1F:58:03:AD:D9:E2:CE:86:3D:66:2C:A2:07:56:F3:46:C9:82:2E
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nx9YA63Z4s6GPWYsogdW80bJgi4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:30:5e:cc:70:95:f2:8f:e5:53:35:e3:b4:38:1a:80:d8:0a:
78:1a:03:e8:fb:5d:f6:5d:ea:1e:be:7e:89:1c:7f:28:b3:97:
02:16:da:c4:04:2d:46:ad:b5:59:19:f4:0d:79:45:18:3f:67:
0a:bf:55:66:7f:d4:9b:95:1f:81:70:9c:0d:1e:26:f5:6b:0b:
ec:d9:6a:db:95:08:8f:b5:2e:56:46:53:4f:f7:ab:35:7c:60:
43:59:1c:20:49:65:9e:14:35:77:d8:38:c5:ce:fc:ab:78:d1:
c3:e7:0e:b1:4e:0a:5d:b5:35:7b:f3:a9:c5:13:c1:22:07:b1:
99:ab:bb:b1:3d:e4:25:09:11:33:4b:4a:4e:1c:12:5c:d4:fe:
de:c6:14:76:72:0d:42:63:4e:85:23:cc:06:dc:37:96:7c:63:
b8:28:f7:97:81:a5:75:d4:0c:36:8b:64:27:fa:21:1e:aa:a9:
d6:d1:b2:dc:79:48:f4:43:98:f8:3f:bb:5b:0e:ed:59:fe:2b:
0d:c7:f8:e0:4e:e4:c0:36:c9:bf:06:64:79:d2:19:2b:dd:84:
36:18:78:a7:82:f5:9e:ff:89:26:80:a7:74:05:ba:b7:9f:2f:
10:8a:31:8e:7a:8a:d0:db:c4:d3:dc:e4:54:58:35:99:19:49:
5e:aa:38:f6
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjkw
MDMwMTBaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDlGMUY1ODAzQUREOUUy
Q0U4NjNENjYyQ0EyMDc1NkYzNDZDOTgyMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9BE6rPIPMVH53GqhZBFEl/6kxFfyu9YJyYm2AYeeYqrVQ4dCM
RnGOigIAnSYt6sMK0x6RuyM2TzwWoJPYLzL4bDatPpnVuOjUNLBsnvvPPiClFG3+
H8DUT3fykGz4BExcc++/5ZO6FBXAObvvitnIJNC5ZGp4/JBSkVktz/Lp7ZKMkZu2
B6EGHyRsg2YysEnnrAt6xUvkEpWvSrjJEhp7DYjLjgpxH2bZspbj/le+DLSGYYSw
8NugXk1/q4z9EuRT3CjbxGbGAFghVt5gAQZ6dWxI7HFo1bLhWoasDdMOUJW4Ck5o
2hKwqO/96NFYM7lIBJmzRrygEDIXoSXv9I8pAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUnx9YA63Z4s6GPWYsogdW80bJgi4wHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ueDlZQTYzWjRzNkdQV1lzb2dkVzgwYkpnaTQucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ALQwXsxwlfKP5VM147Q4GoDYCngaA+j7XfZd6h6+fokcfyizlwIW2sQELUattVkZ
9A15RRg/Zwq/VWZ/1JuVH4FwnA0eJvVrC+zZatuVCI+1LlZGU0/3qzV8YENZHCBJ
ZZ4UNXfYOMXO/Kt40cPnDrFOCl21NXvzqcUTwSIHsZmru7E95CUJETNLSk4cElzU
/t7GFHZyDUJjToUjzAbcN5Z8Y7go95eBpXXUDDaLZCf6IR6qqdbRstx5SPRDmPg/
u1sO7Vn+Kw3H+OBO5MA2yb8GZHnSGSvdhDYYeKeC9Z7/iSaAp3QFurefLxCKMY56
itDbxNPc5FRYNZkZSV6qOPY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org