Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
File: 1214f6bc-ac91-4e1b-ac85-14db120d0303.roa (raw, json)
Hash identifier: SjJOwn2adRjleOwweFNM8MZNG26vkRZ0irLpGS84cGU=
Subject key identifier: 5E:02:CC:28:64:17:FB:E2:CB:80:8D:66:3E:DC:6B:F0:C7:7A:D3:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D417427750715957025350F6994CCF93112A78C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
Signing time: Mon 31 Mar 2025 19:10:18 +0000
ROA not before: Mon 31 Mar 2025 19:10:18 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:41:74:27:75:07:15:95:70:25:35:0f:69:94:cc:f9:31:12:a7:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:10:18 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=33c5a3be0f9b6d98b736da100378cb8fd72d6df7a0613edb0c5f7a4b955a8bba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fb:00:dd:c8:52:0c:37:34:01:69:04:92:4d:
31:61:8f:da:00:d9:a8:ff:3e:95:49:4e:a7:26:61:
ec:a7:d2:5c:bb:8c:0c:53:57:eb:95:3e:f8:2b:ca:
cc:86:a9:92:32:b9:11:41:ef:82:40:23:dc:44:08:
72:3d:4e:f2:9b:ba:96:3b:d4:5b:f6:b7:7c:7e:86:
b9:73:db:a7:7b:c0:d6:dc:9b:ad:8e:b3:bb:96:d5:
6e:1e:a1:4b:8b:a2:63:d5:36:a0:38:55:cd:8d:90:
b6:e7:1d:18:c0:c2:96:63:8d:f4:2e:11:ee:6f:10:
1c:67:ce:16:f4:dc:4c:13:f5:60:02:23:a5:df:d9:
19:70:c6:51:13:24:77:ab:dd:74:7d:48:2c:64:1f:
b5:5f:fc:ce:49:b4:05:82:28:4c:11:25:f1:f1:b3:
e4:7b:86:e0:6d:89:8d:66:45:f5:b6:be:22:cd:10:
aa:ea:7c:11:2a:10:59:07:b1:f5:24:54:d1:a7:9e:
33:27:33:45:7a:b6:4f:12:28:c9:db:b5:42:29:33:
05:b5:8f:8b:98:d0:94:79:13:3a:1a:16:59:f8:fb:
fc:78:fb:7c:b3:ae:bd:49:9e:ce:b9:1a:d6:a4:89:
d7:08:1a:3a:c4:9c:b8:25:06:b8:74:e3:1f:ad:fd:
e4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:02:CC:28:64:17:FB:E2:CB:80:8D:66:3E:DC:6B:F0:C7:7A:D3:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a080::/48
Signature Algorithm: sha256WithRSAEncryption
2e:4e:1e:f9:42:e0:8e:81:a8:92:12:7e:10:bb:b1:91:83:f2:
c8:8d:d3:e3:e1:11:60:a0:3f:f2:7d:e3:0b:dd:d1:f5:9e:93:
75:d0:6c:60:42:dd:41:c5:b0:89:8e:78:5f:48:ba:0e:d5:d6:
53:25:bf:95:ff:f1:83:96:a8:7e:d7:ec:cf:27:7b:ae:2b:34:
b5:a0:8f:1c:2e:53:e8:47:06:4f:61:94:f1:40:60:fb:19:f1:
c8:a7:10:cb:6d:94:e8:da:c5:f8:01:f2:32:a5:31:40:40:53:
f4:c0:5c:66:e7:4b:88:bd:ae:33:e7:0d:f5:e0:c9:6b:0a:84:
d7:fd:b9:53:d7:35:fa:3a:aa:71:8d:78:ea:7a:ea:f7:c4:7b:
b2:fc:17:f9:ca:dc:c9:ba:c5:10:8d:64:5c:82:12:a7:89:bb:
11:b6:8e:7a:67:7f:ca:d3:02:e3:ca:26:b6:f0:b6:67:73:58:
82:2a:9d:90:16:e6:14:d5:8e:70:94:4e:51:db:dd:61:b3:c8:
80:96:a5:50:10:b1:41:4f:96:f0:82:1b:ce:47:78:3c:4b:2e:
01:ba:4f:c1:f5:de:47:da:48:81:a4:2b:7e:65:0f:ae:69:30:
80:7b:57:4b:7f:6a:e0:b1:5c:75:4b:46:4c:c6:ab:c4:32:68:
bd:f1:34:27
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXUF0J3UHFZVwJTUPaZTM+TESp4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTEwMThaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzYzVhM2JlMGY5YjZkOThiNzM2ZGExMDAzNzhjYjhmZDcyZDZkZjdhMDYx
M2VkYjBjNWY3YTRiOTU1YThiYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL7AN3IUgw3NAFpBJJNMWGP2gDZqP8+lUlOpyZh7KfSXLuMDFNX65U++CvK
zIapkjK5EUHvgkAj3EQIcj1O8pu6ljvUW/a3fH6GuXPbp3vA1tybrY6zu5bVbh6h
S4uiY9U2oDhVzY2QtucdGMDClmON9C4R7m8QHGfOFvTcTBP1YAIjpd/ZGXDGURMk
d6vddH1ILGQftV/8zkm0BYIoTBEl8fGz5HuG4G2JjWZF9ba+Is0Qqup8ESoQWQex
9SRU0aeeMyczRXq2TxIoydu1QikzBbWPi5jQlHkTOhoWWfj7/Hj7fLOuvUmezrka
1qSJ1wgaOsScuCUGuHTjH6395DMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReAswo
ZBf74suAjWY+3Gvwx3rTnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIxNGY2YmMtYWM5MS00ZTFiLWFjODUtMTRkYjEyMGQwMzAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSg
gDANBgkqhkiG9w0BAQsFAAOCAQEALk4e+ULgjoGokhJ+ELuxkYPyyI3T4+ERYKA/
8n3jC93R9Z6TddBsYELdQcWwiY54X0i6DtXWUyW/lf/xg5aoftfszyd7ris0taCP
HC5T6EcGT2GU8UBg+xnxyKcQy22U6NrF+AHyMqUxQEBT9MBcZudLiL2uM+cN9eDJ
awqE1/25U9c1+jqqcY146nrq98R7svwX+crcybrFEI1kXIISp4m7EbaOemd/ytMC
48omtvC2Z3NYgiqdkBbmFNWOcJROUdvdYbPIgJalUBCxQU+W8IIbzkd4PEsuAbpP
wfXeR9pIgaQrfmUPrmkwgHtXS39q4LFcdUtGTMarxDJovfE0Jw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net