Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: mapdtd/D3PGwniJHc4FrSrgnwlyx6qfWNy40UYDGcGw=
Subject key identifier: 20:35:50:45:93:B2:30:94:3F:9B:C0:DC:F7:DA:EC:E9:22:44:7F:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FF715F776AB82B18A23FC9979585093E2C0B29B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Mon 31 Mar 2025 21:20:59 +0000
ROA not before: Mon 31 Mar 2025 21:20:59 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:f7:15:f7:76:ab:82:b1:8a:23:fc:99:79:58:50:93:e2:c0:b2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:20:59 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=0a99623bd688c9e58c6f1b91ad3d32b8f4ec5aebe025257d986e994c2b17add5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:87:04:be:e4:c4:2b:28:c5:69:9b:5d:c3:a6:
4b:52:29:18:52:d9:cf:96:40:ca:3b:9b:0c:84:ec:
6d:b2:7f:68:7e:cf:aa:86:ee:8f:4f:da:e7:88:cb:
1f:ea:49:a9:df:6e:02:a3:0b:e1:ed:5d:25:55:a0:
fa:d0:07:50:47:07:e2:34:92:95:12:ac:d8:b3:83:
d9:2d:19:a9:87:4e:43:f2:11:ac:87:62:11:21:93:
ba:dd:20:aa:7b:1d:30:22:bf:54:63:41:f3:23:48:
99:a1:2d:7a:c0:d1:c9:56:45:62:ba:d3:98:f3:8c:
0f:64:4e:6d:99:c1:11:a0:1b:14:d2:b5:d0:20:30:
1a:12:a4:93:e0:54:bc:94:2a:57:60:3e:5a:8f:f7:
3e:97:e8:64:f8:a4:3f:79:a7:15:03:c3:3f:a1:42:
c5:e4:19:b5:f4:98:67:60:3a:ce:7c:ce:b3:f2:ff:
dc:fc:28:77:e3:fe:20:0c:ef:c0:46:54:2b:b6:cb:
0c:d1:df:21:f8:1c:2c:ab:0e:b1:8f:2b:bf:4e:09:
fd:78:48:c9:1b:dd:cc:26:58:f2:fd:2f:36:9b:1a:
fa:93:b6:1a:4f:8c:99:48:d7:ce:5f:88:ae:8b:64:
4a:48:65:50:7b:c1:fc:78:fe:dc:16:da:cc:18:08:
65:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:35:50:45:93:B2:30:94:3F:9B:C0:DC:F7:DA:EC:E9:22:44:7F:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
ae:5b:86:51:03:26:1b:33:44:eb:61:0d:c4:0a:ae:e9:e0:41:
31:99:a3:b1:c9:0a:10:a9:bd:93:af:3b:47:e4:57:7b:69:a4:
2e:61:fa:46:15:6f:ff:8a:8d:9b:d1:d5:b3:fe:76:55:03:bb:
14:7e:19:b5:11:28:f8:ce:08:3b:fd:2e:6c:47:ec:39:8e:0b:
65:60:93:c2:4d:09:f2:5d:d9:84:1b:69:b6:f5:0e:c0:f5:ca:
b0:29:f9:66:c1:b0:16:40:7a:f0:6d:2e:b7:5e:8a:e2:bf:44:
5e:76:a0:bd:27:57:e4:42:84:6d:cf:a5:8a:75:b7:ba:75:2d:
d1:34:71:4f:d7:f2:d2:bc:ae:1b:75:cb:78:1b:6b:c2:7d:1d:
e4:d5:74:1a:6b:1e:87:9e:07:74:c9:03:30:f5:07:33:76:2e:
01:4a:d9:20:47:a5:c2:86:51:fe:75:30:ab:9f:eb:3a:f3:94:
50:1a:52:84:a6:79:a6:47:04:42:af:1c:1d:f6:1c:94:0a:32:
d8:f2:b9:f5:fd:e2:c2:c7:a5:65:47:64:65:ac:68:45:23:e5:
20:85:88:12:be:66:2b:2b:c0:ec:5d:e2:55:77:07:a1:3c:9f:
c6:ef:06:2c:fb:0a:04:d0:82:d0:8d:7a:47:4a:fd:99:85:54:
77:eb:17:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT/cV93argrGKI/yZeVhQk+LAspswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIwNTlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhOTk2MjNiZDY4OGM5ZTU4YzZmMWI5MWFkM2QzMmI4ZjRlYzVhZWJlMDI1
MjU3ZDk4NmU5OTRjMmIxN2FkZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiHBL7kxCsoxWmbXcOmS1IpGFLZz5ZAyjubDITsbbJ/aH7Pqobuj0/a54jL
H+pJqd9uAqML4e1dJVWg+tAHUEcH4jSSlRKs2LOD2S0ZqYdOQ/IRrIdiESGTut0g
qnsdMCK/VGNB8yNImaEtesDRyVZFYrrTmPOMD2RObZnBEaAbFNK10CAwGhKkk+BU
vJQqV2A+Wo/3PpfoZPikP3mnFQPDP6FCxeQZtfSYZ2A6znzOs/L/3Pwod+P+IAzv
wEZUK7bLDNHfIfgcLKsOsY8rv04J/XhIyRvdzCZY8v0vNpsa+pO2Gk+MmUjXzl+I
rotkSkhlUHvB/Hj+3BbazBgIZcUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgNVBF
k7IwlD+bwNz32uzpIkR/PjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCuW4ZRAyYbM0TrYQ3ECq7p4EExmaOxyQoQqb2T
rztH5Fd7aaQuYfpGFW//io2b0dWz/nZVA7sUfhm1ESj4zgg7/S5sR+w5jgtlYJPC
TQnyXdmEG2m29Q7A9cqwKflmwbAWQHrwbS63Xoriv0RedqC9J1fkQoRtz6WKdbe6
dS3RNHFP1/LSvK4bdct4G2vCfR3k1XQaax6Hngd0yQMw9Qczdi4BStkgR6XChlH+
dTCrn+s685RQGlKEpnmmRwRCrxwd9hyUCjLY8rn1/eLCx6VlR2RlrGhFI+UghYgS
vmYrK8DsXeJVdwehPJ/G7wYs+woE0ILQjXpHSv2ZhVR36xcl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net