Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09184572-5eb8-4abb-8e0f-53e9c90e9035.roa
File: 09184572-5eb8-4abb-8e0f-53e9c90e9035.roa (raw, json)
Hash identifier: q8L/IdMA+g44XhnUB9ztKBnZS2IW0+W2mNkGj9yT/d4=
Subject key identifier: D8:82:D9:C1:CD:46:40:DD:0E:6A:B2:7A:E2:FB:F3:66:6B:B4:9E:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DE8663B1EA31FBF4F98F1115DE00E91642E859B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09184572-5eb8-4abb-8e0f-53e9c90e9035.roa
Signing time: Mon 31 Mar 2025 19:31:06 +0000
ROA not before: Mon 31 Mar 2025 19:31:06 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e8:66:3b:1e:a3:1f:bf:4f:98:f1:11:5d:e0:0e:91:64:2e:85:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:31:06 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=6575e0b6147595f7ae98185a1a93602dcca844863d7b3d8e3f285014913d6444, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:38:98:9c:8d:f4:5a:45:81:b4:08:fb:6c:9c:
aa:96:80:fe:ba:ee:ed:c8:47:2c:52:55:2d:f9:cb:
12:3f:06:54:8a:4f:12:53:3d:9f:05:8f:46:c1:cf:
c5:d3:76:a3:c7:80:a5:29:54:f3:f7:ff:a0:d1:6f:
0f:e9:d5:40:ee:f9:b7:e7:09:42:c8:ef:6b:bd:db:
44:f4:57:f3:d1:13:01:37:09:df:03:34:ed:81:58:
8e:c7:42:6a:ba:19:2c:32:bc:8e:4e:f1:c4:0c:97:
6b:f9:19:04:ef:79:f9:3f:84:06:ab:7b:2a:e5:0b:
84:76:7b:83:a9:43:8b:c0:12:99:dc:e6:f4:66:8e:
11:7d:c8:ee:f0:95:59:5d:e9:94:2d:e5:88:20:3c:
a0:37:99:6a:f1:2f:e7:bd:99:2c:ac:8c:72:6e:64:
af:b5:cb:42:5b:18:18:63:75:87:72:a7:7e:44:d8:
d9:d9:39:12:2b:ed:df:2f:fb:e0:30:ab:0c:76:cc:
80:dd:34:8d:92:ee:64:b1:89:4b:93:3d:65:b0:67:
ab:eb:f7:a6:93:35:e7:f7:c2:cd:60:1e:b4:d6:44:
29:c4:35:86:87:74:42:c6:9a:29:52:41:a2:7f:17:
88:45:76:54:2b:17:19:a0:27:e1:03:d0:73:ca:c5:
9e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:82:D9:C1:CD:46:40:DD:0E:6A:B2:7A:E2:FB:F3:66:6B:B4:9E:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09184572-5eb8-4abb-8e0f-53e9c90e9035.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:64:1b:32:74:25:23:04:e7:16:8d:d9:c2:06:f3:13:87:e9:
21:ee:ae:38:66:a3:25:a1:1a:b8:7a:3b:d2:76:a3:03:91:7b:
df:5e:b0:52:d1:dc:d5:68:9b:44:9a:3b:cf:19:a8:00:bb:31:
21:5f:a7:21:4e:65:c7:f5:1a:11:d0:78:64:d4:07:3e:7e:fc:
92:f7:e1:1a:4c:ec:c3:0d:99:57:07:db:2e:7a:58:ce:d3:1e:
d2:bc:0d:2c:63:96:6f:38:9b:26:5c:dc:bc:b3:f4:86:ea:34:
12:85:2f:92:d3:bc:60:05:b6:5e:32:40:d6:c5:00:7b:b8:87:
b0:7f:67:86:74:93:a3:7e:a7:de:7c:d2:a5:b5:e9:08:28:44:
cc:e3:5f:32:cc:99:a2:a4:2f:2f:b2:b3:7a:d8:35:81:51:dc:
64:29:66:58:4c:43:66:66:06:fe:e6:f5:b7:76:16:4f:a1:ac:
5c:93:e7:38:2b:fa:2e:cd:e8:7c:77:e2:df:ea:aa:f3:b9:2b:
0b:8e:6f:d4:82:71:22:87:6e:e1:d8:86:c3:a8:f2:67:38:6a:
35:e2:a1:f0:59:6c:76:89:d6:cc:e0:10:f5:2d:b9:8e:9b:81:
39:57:c8:22:bb:e0:3e:ac:be:28:36:68:67:e9:06:46:0d:77:
ee:c7:ea:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfehmOx6jH79PmPERXeAOkWQuhZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTMxMDZaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NzVlMGI2MTQ3NTk1ZjdhZTk4MTg1YTFhOTM2MDJkY2NhODQ0ODYzZDdi
M2Q4ZTNmMjg1MDE0OTEzZDY0NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKs4mJyN9FpFgbQI+2ycqpaA/rru7chHLFJVLfnLEj8GVIpPElM9nwWPRsHP
xdN2o8eApSlU8/f/oNFvD+nVQO75t+cJQsjva73bRPRX89ETATcJ3wM07YFYjsdC
aroZLDK8jk7xxAyXa/kZBO95+T+EBqt7KuULhHZ7g6lDi8ASmdzm9GaOEX3I7vCV
WV3plC3liCA8oDeZavEv572ZLKyMcm5kr7XLQlsYGGN1h3KnfkTY2dk5Eivt3y/7
4DCrDHbMgN00jZLuZLGJS5M9ZbBnq+v3ppM15/fCzWAetNZEKcQ1hod0QsaaKVJB
on8XiEV2VCsXGaAn4QPQc8rFnvECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYgtnB
zUZA3Q5qsnri+/Nma7Se+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDkxODQ1NzItNWViOC00YWJiLThlMGYtNTNlOWM5MGU5MDM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqZBsydCUjBOcWjdnCBvMTh+kh7q44ZqMloRq4
ejvSdqMDkXvfXrBS0dzVaJtEmjvPGagAuzEhX6chTmXH9RoR0Hhk1Ac+fvyS9+Ea
TOzDDZlXB9sueljO0x7SvA0sY5ZvOJsmXNy8s/SG6jQShS+S07xgBbZeMkDWxQB7
uIewf2eGdJOjfqfefNKltekIKETM418yzJmipC8vsrN62DWBUdxkKWZYTENmZgb+
5vW3dhZPoaxck+c4K/ouzeh8d+Lf6qrzuSsLjm/UgnEih27h2IbDqPJnOGo14qHw
WWx2idbM4BD1LbmOm4E5V8giu+A+rL4oNmhn6QZGDXfux+pY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net