Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: YURHx+hhWZX/XqN6gMDOMXVXUz4P+QXHzE8O3OpmxgA=
Subject key identifier: CF:66:42:D2:01:22:0B:3C:E9:E5:97:D2:45:15:AD:D0:91:E8:5A:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F6806F32305255B20219AD79E17800C9C3044D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Fri 11 Apr 2025 00:40:06 +0000
ROA not before: Fri 11 Apr 2025 00:40:06 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:68:06:f3:23:05:25:5b:20:21:9a:d7:9e:17:80:0c:9c:30:44:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 11 00:40:06 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=15139c79c7fce4877f561ebfea26990431ee06774b093dcfe593e301a56d0f5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:29:f7:5c:5a:75:b9:4d:df:c7:0d:2e:fe:a8:
19:25:ac:a4:4e:b3:3c:64:28:d3:2e:69:5a:bf:e1:
8d:11:2c:30:4e:fa:c7:c8:25:f2:1e:96:c1:b8:a1:
83:90:6e:54:4c:0f:3e:31:7a:37:7a:e8:c3:cd:54:
0a:1e:5e:ff:29:31:33:a5:e3:80:b5:80:05:3e:6a:
43:53:70:15:62:52:c5:73:e7:76:4b:6a:d8:90:6c:
37:57:2f:94:d3:79:9b:4e:e6:77:e8:a0:c7:5b:64:
f1:73:dd:19:52:69:e7:84:a9:69:51:ae:a7:84:b4:
65:22:04:92:12:71:86:be:7e:c6:e4:37:1f:bb:40:
6d:e3:20:5d:9a:49:31:19:07:4a:55:55:d5:d8:0b:
8f:69:d2:95:bb:1b:e4:e8:6d:e7:00:b1:5a:bc:a9:
58:f6:47:50:08:12:fe:01:b5:f1:8f:9a:66:2d:65:
ab:d9:d3:87:89:ab:c1:81:ef:fc:c3:e9:aa:bb:4c:
38:8e:7c:8d:de:cc:d6:cb:74:dd:28:5c:1d:3a:0f:
0d:e1:58:75:0f:e3:20:65:0b:85:15:4b:f5:44:fc:
e2:17:fe:37:97:22:34:80:f7:6c:ea:f0:da:8e:34:
66:5c:2b:43:1a:ef:93:bc:13:cc:49:18:88:76:78:
b1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:66:42:D2:01:22:0B:3C:E9:E5:97:D2:45:15:AD:D0:91:E8:5A:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
4e:c9:29:b9:85:bd:61:3b:fe:a5:77:10:09:7a:7c:0e:ba:46:
1f:52:74:99:62:da:1c:8d:33:16:d6:53:8a:15:5d:24:f1:4c:
5d:8d:17:df:e8:99:d8:22:f7:02:2b:d4:89:a9:91:e1:fe:11:
2e:7e:74:f2:6f:67:e8:ed:6b:fe:0b:37:83:d2:38:dc:8e:81:
eb:3d:b5:d1:59:b3:2c:90:df:41:01:20:e0:a9:fb:d8:88:9c:
f8:d5:61:e7:8f:c8:ef:92:a4:a5:9f:8e:25:30:dc:68:0b:8d:
5a:01:36:94:9a:8e:e5:95:21:5a:c6:55:14:38:0e:ee:be:1a:
b0:76:fd:c1:3e:38:16:ec:ab:d0:0c:ea:47:da:39:be:03:72:
f0:26:ff:8d:31:f9:76:a0:bc:84:14:39:de:f6:f0:99:79:20:
31:7a:63:3e:50:b7:65:38:86:29:50:35:27:48:42:10:00:d4:
a6:e6:db:76:84:04:33:87:dd:8f:26:d7:27:90:93:42:af:c9:
cf:54:07:92:89:af:c2:f7:e8:c9:58:6a:bd:5c:68:83:0b:83:
d4:e2:d3:2b:cd:47:e1:42:4d:2c:f2:01:14:6c:d3:02:3a:be:
c7:9c:77:0c:0f:76:28:c6:5e:a1:f8:56:7c:b8:ed:c1:bb:3b:
83:5a:1e:15
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUX2gG8yMFJVsgIZrXnheADJwwRNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTEwMDQwMDZaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MTM5Yzc5YzdmY2U0ODc3ZjU2MWViZmVhMjY5OTA0MzFlZTA2Nzc0YjA5
M2RjZmU1OTNlMzAxYTU2ZDBmNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALop91xadblN38cNLv6oGSWspE6zPGQo0y5pWr/hjREsME76x8gl8h6Wwbih
g5BuVEwPPjF6N3row81UCh5e/ykxM6XjgLWABT5qQ1NwFWJSxXPndktq2JBsN1cv
lNN5m07md+igx1tk8XPdGVJp54SpaVGup4S0ZSIEkhJxhr5+xuQ3H7tAbeMgXZpJ
MRkHSlVV1dgLj2nSlbsb5Oht5wCxWrypWPZHUAgS/gG18Y+aZi1lq9nTh4mrwYHv
/MPpqrtMOI58jd7M1st03ShcHToPDeFYdQ/jIGULhRVL9UT84hf+N5ciNID3bOrw
2o40ZlwrQxrvk7wTzEkYiHZ4sQcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTPZkLS
ASILPOnll9JFFa3QkehaCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBAE7JKbmFvWE7/qV3EAl6fA66Rh9SdJli2hyNMxbW
U4oVXSTxTF2NF9/omdgi9wIr1ImpkeH+ES5+dPJvZ+jta/4LN4PSONyOges9tdFZ
syyQ30EBIOCp+9iInPjVYeePyO+SpKWfjiUw3GgLjVoBNpSajuWVIVrGVRQ4Du6+
GrB2/cE+OBbsq9AM6kfaOb4DcvAm/40x+XagvIQUOd728Jl5IDF6Yz5Qt2U4hilQ
NSdIQhAA1Kbm23aEBDOH3Y8m1yeQk0Kvyc9UB5KJr8L36MlYar1caIMLg9Ti0yvN
R+FCTSzyARRs0wI6vsecdwwPdijGXqH4Vny47cG7O4NaHhU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net