Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/nycSGKKN-A1Kxg9-5xomdNDcF4w.roa
File: nycSGKKN-A1Kxg9-5xomdNDcF4w.roa (raw, json)
Hash identifier: 60UgSB5GaysbtGANbArKS1+VrEIbpjapsW2gI+vNbuU=
Subject key identifier: 9F:27:12:18:A2:8D:F8:0D:4A:C6:0F:7E:E7:1A:26:74:D0:DC:17:8C
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 474A
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nycSGKKN-A1Kxg9-5xomdNDcF4w.roa
Signing time: Sun 01 May 2022 00:30:08 +0000
ROA not before: Sun 01 May 2022 00:30:08 +0000
ROA not after: Sat 01 Apr 2023 22:21:14 +0000
asID: 47065
IP address blocks: 45.132.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18250 (0x474a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: May 1 00:30:08 2022 GMT
Not After : Apr 1 22:21:14 2023 GMT
Subject: CN=9F271218A28DF80D4AC60F7EE71A2674D0DC178C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:10:15:0d:62:a4:5e:a3:2a:1b:ff:7e:6d:
62:b2:0c:1f:29:c8:d9:b1:28:0a:9e:58:9e:04:0e:
a4:89:8c:22:b8:03:13:78:a9:61:f9:ec:fb:aa:3c:
45:1b:6f:28:67:c2:89:6a:c4:e3:68:cf:21:84:ba:
5e:93:72:ab:10:3d:1e:20:f4:12:f3:e4:fc:d2:ee:
c8:89:0a:4e:05:2f:7f:24:37:ac:86:05:24:97:12:
7d:5f:e0:c0:b4:20:a2:04:7d:9b:9e:5f:d3:9a:5c:
e3:45:2c:ce:60:c5:0e:77:29:15:da:64:97:00:f6:
10:4c:fb:4d:d5:9f:8a:85:37:91:31:58:a4:57:db:
09:c1:90:e7:99:a0:7c:58:86:36:15:93:7b:67:bb:
f7:3b:88:b9:ae:10:97:9e:91:ce:03:56:b3:e0:e6:
98:00:ef:b8:a2:29:c2:ec:06:3f:7a:55:9b:4c:11:
f2:e2:4e:ba:c1:ea:44:ca:f0:33:fd:a1:16:b4:ef:
2b:a8:e9:2a:bd:ee:30:c3:d2:c1:51:31:d6:e3:74:
5d:07:96:07:68:e5:c0:5a:57:37:e0:f8:5f:76:1d:
68:d8:cc:f7:ea:1f:d4:bb:54:ff:e0:a4:cd:70:13:
9b:4c:b1:37:d2:df:16:a9:41:5c:fa:b8:8d:be:7b:
93:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:27:12:18:A2:8D:F8:0D:4A:C6:0F:7E:E7:1A:26:74:D0:DC:17:8C
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nycSGKKN-A1Kxg9-5xomdNDcF4w.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.189.0/24
Signature Algorithm: sha256WithRSAEncryption
45:16:59:79:92:bc:1a:82:62:80:16:d7:47:42:bd:8b:62:24:
65:76:4e:6f:ca:07:24:cb:9d:61:80:8d:dc:bc:4e:29:57:40:
7e:43:40:1e:eb:0f:f9:1f:a3:ab:c6:2c:f3:9d:c6:20:a0:7d:
ba:c0:fb:02:73:1d:31:d5:71:9a:38:03:2c:45:47:31:4e:31:
6c:4d:b4:7a:e6:33:fe:3b:1d:d3:57:ae:63:22:47:f9:8e:51:
3d:0c:8a:7e:83:e4:ea:13:a7:ea:c4:da:45:ba:31:59:f3:73:
4c:57:d6:86:5d:73:13:e9:07:2d:98:fa:0e:53:5d:7f:f4:9b:
2e:9f:da:85:3f:2d:31:af:b2:f8:3e:c2:28:ec:d7:18:af:3c:
ff:aa:71:fd:0c:91:4d:04:f3:7d:50:02:c2:18:da:81:51:58:
a0:2b:37:5a:e8:e5:a6:76:7f:7c:d4:f5:7d:f3:51:89:fa:e1:
99:d9:6b:e0:78:4d:95:69:81:0d:b8:b2:c0:cb:f5:88:f2:45:
a0:16:94:c0:9c:d8:c1:0e:6a:af:c1:a8:f9:fa:51:d3:43:ca:
44:37:05:05:e4:05:00:4d:a9:40:8d:7f:c3:74:b8:d9:d4:94:
90:14:32:04:50:c7:9c:59:d4:77:60:c0:c0:6a:ce:ce:c0:2e:
07:38:16:3a
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICR0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA1MDEw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDlGMjcxMjE4QTI4REY4
MEQ0QUM2MEY3RUU3MUEyNjc0RDBEQzE3OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqyBAVDWKkXqMqG/9+bWKyDB8pyNmxKAqeWJ4EDqSJjCK4AxN4
qWH57PuqPEUbbyhnwolqxONozyGEul6TcqsQPR4g9BLz5PzS7siJCk4FL38kN6yG
BSSXEn1f4MC0IKIEfZueX9OaXONFLM5gxQ53KRXaZJcA9hBM+03Vn4qFN5ExWKRX
2wnBkOeZoHxYhjYVk3tnu/c7iLmuEJeekc4DVrPg5pgA77iiKcLsBj96VZtMEfLi
TrrB6kTK8DP9oRa07yuo6Sq97jDD0sFRMdbjdF0Hlgdo5cBaVzfg+F92HWjYzPfq
H9S7VP/gpM1wE5tMsTfS3xapQVz6uI2+e5NJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUnycSGKKN+A1Kxg9+5xomdNDcF4wwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ueWNTR0tLTi1BMUt4ZzktNXhvbWRORGNGNHcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AEUWWXmSvBqCYoAW10dCvYtiJGV2Tm/KByTLnWGAjdy8TilXQH5DQB7rD/kfo6vG
LPOdxiCgfbrA+wJzHTHVcZo4AyxFRzFOMWxNtHrmM/47HdNXrmMiR/mOUT0Min6D
5OoTp+rE2kW6MVnzc0xX1oZdcxPpBy2Y+g5TXX/0my6f2oU/LTGvsvg+wijs1xiv
PP+qcf0MkU0E831QAsIY2oFRWKArN1ro5aZ2f3zU9X3zUYn64ZnZa+B4TZVpgQ24
ssDL9YjyRaAWlMCc2MEOaq/BqPn6UdNDykQ3BQXkBQBNqUCNf8N0uNnUlJAUMgRQ
x5xZ1HdgwMBqzs7ALgc4Fjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org