Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17c361aa-9d23-48f1-8250-bc772fa7773a.roa
File: 17c361aa-9d23-48f1-8250-bc772fa7773a.roa (raw, json)
Hash identifier: Bz4irK/qci14NJc4mMinzdd04erhD44nU+lda4Ok1FM=
Subject key identifier: 92:8C:3E:53:01:76:12:25:A7:23:E2:99:52:12:1C:87:01:73:51:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79B495962597BAAE5DF54BD2DFB85743F370E87E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17c361aa-9d23-48f1-8250-bc772fa7773a.roa
Signing time: Mon 31 Mar 2025 19:11:10 +0000
ROA not before: Mon 31 Mar 2025 19:11:10 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:50c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b4:95:96:25:97:ba:ae:5d:f5:4b:d2:df:b8:57:43:f3:70:e8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:11:10 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=fd8c844e1a2a30d908eaec0581d7e03026f29fdbc96186ecfa43e0bbb2e24668, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:bb:95:0c:97:8a:9f:2f:3b:d1:ce:01:5c:
ba:23:12:47:0d:74:70:1c:d6:1f:8a:64:cd:1c:46:
92:25:0c:f1:8b:d3:45:fb:45:0b:3e:c1:21:bd:9e:
4f:86:64:00:d1:66:e9:4a:f8:19:78:84:d9:87:51:
df:17:7c:f7:3c:80:42:39:03:a9:aa:01:00:1a:f8:
07:c8:16:74:79:cb:eb:31:42:7d:f1:2b:ac:1b:31:
2f:87:38:7a:c0:d9:e0:7e:f0:f8:3c:56:9e:8e:2b:
f7:f4:3c:af:ad:f0:67:50:8c:d2:73:8c:50:95:4c:
d9:9e:05:b9:c4:7e:c0:20:ea:95:cd:59:d9:09:36:
80:8e:ee:ff:35:6a:e9:c1:db:fd:a1:a8:95:4a:9f:
1d:47:12:d9:3c:3b:c7:49:fc:5a:24:c2:c9:12:08:
2b:3b:bb:af:78:e1:03:92:b7:31:41:ba:24:9f:5e:
a1:be:a2:cb:cf:9c:21:1f:20:cf:3b:bb:f5:75:f6:
28:73:dd:8f:1d:14:cd:cd:f7:ca:02:fe:6c:3f:59:
f0:fd:05:42:cd:49:c0:aa:7e:05:f7:a7:ed:3f:1e:
e8:45:7c:f4:6e:3f:ea:02:dc:38:70:f4:b1:25:ca:
ea:76:0f:ba:1f:0c:9f:54:82:1c:66:d2:98:32:27:
a6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8C:3E:53:01:76:12:25:A7:23:E2:99:52:12:1C:87:01:73:51:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17c361aa-9d23-48f1-8250-bc772fa7773a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
04:8a:7c:a3:6f:7b:e8:75:c9:2f:5a:13:05:62:50:dd:4e:39:
25:79:62:7f:3d:5f:52:c7:ba:3c:3d:ab:8e:dc:1b:32:99:08:
4a:69:60:9d:43:07:dd:90:46:f5:62:e8:8a:ab:dd:32:3f:81:
59:4b:ee:94:e3:73:88:c7:2d:7a:42:ad:05:54:03:40:8e:c5:
45:72:43:1c:64:cf:e8:aa:30:06:47:d3:96:90:87:a6:a8:a9:
33:78:f1:73:6e:4e:89:82:fb:6d:62:50:0e:b6:a2:c1:47:88:
02:97:6e:2d:68:48:dd:48:31:80:c0:98:a5:25:41:32:19:e0:
da:84:f2:84:ae:39:6e:ac:16:ac:62:5a:31:db:e3:53:7d:8e:
54:3c:11:3f:d4:db:5f:9e:cc:78:2c:63:26:82:53:e6:61:e7:
24:b5:9a:54:3c:c8:b6:2e:7a:55:ef:6e:6b:2f:89:38:8b:f4:
f2:8d:71:2f:7b:40:b4:b1:c8:8c:f7:0d:44:f3:32:a2:1b:27:
84:bd:34:7f:ba:07:66:e0:ca:48:1d:af:02:f4:ca:14:9b:4a:
79:d4:b5:a6:bb:da:c7:8b:a1:5c:59:c2:9a:5c:ee:c0:b3:f5:
34:83:41:86:46:2b:2a:7f:04:79:b1:c8:c3:b8:68:34:66:cd:
50:bf:17:2f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUebSVliWXuq5d9UvS37hXQ/Nw6H4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTExMTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkOGM4NDRlMWEyYTMwZDkwOGVhZWMwNTgxZDdlMDMwMjZmMjlmZGJjOTYx
ODZlY2ZhNDNlMGJiYjJlMjQ2NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALERu5UMl4qfLzvRzgFcuiMSRw10cBzWH4pkzRxGkiUM8YvTRftFCz7BIb2e
T4ZkANFm6Ur4GXiE2YdR3xd89zyAQjkDqaoBABr4B8gWdHnL6zFCffErrBsxL4c4
esDZ4H7w+DxWno4r9/Q8r63wZ1CM0nOMUJVM2Z4FucR+wCDqlc1Z2Qk2gI7u/zVq
6cHb/aGolUqfHUcS2Tw7x0n8WiTCyRIIKzu7r3jhA5K3MUG6JJ9eob6iy8+cIR8g
zzu79XX2KHPdjx0Uzc33ygL+bD9Z8P0FQs1JwKp+Bfen7T8e6EV89G4/6gLcOHD0
sSXK6nYPuh8Mn1SCHGbSmDInprECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSjD5T
AXYSJacj4plSEhyHAXNRajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdjMzYxYWEtOWQyMy00OGYxLTgyNTAtYmM3NzJmYTc3NzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
wDANBgkqhkiG9w0BAQsFAAOCAQEABIp8o2976HXJL1oTBWJQ3U45JXlifz1fUse6
PD2rjtwbMpkISmlgnUMH3ZBG9WLoiqvdMj+BWUvulONziMctekKtBVQDQI7FRXJD
HGTP6KowBkfTlpCHpqipM3jxc25OiYL7bWJQDraiwUeIApduLWhI3UgxgMCYpSVB
Mhng2oTyhK45bqwWrGJaMdvjU32OVDwRP9TbX57MeCxjJoJT5mHnJLWaVDzIti56
Ve9uay+JOIv08o1xL3tAtLHIjPcNRPMyohsnhL00f7oHZuDKSB2vAvTKFJtKedS1
prvax4uhXFnCmlzuwLP1NINBhkYrKn8EebHIw7hoNGbNUL8XLw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net