Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
File: 1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa (raw, json)
Hash identifier: k3n2t/SW7ieYJkXquHJ5XCMvjVoCv19UxgGl3GAeLA0=
Subject key identifier: 61:52:DF:EB:BE:FD:A5:AF:79:E3:8C:19:44:56:D4:C9:FD:2F:2F:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58C3DA9CDD62FBAACBB3AFA7509BF5BB97C35658
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
Signing time: Mon 31 Mar 2025 19:01:05 +0000
ROA not before: Mon 31 Mar 2025 19:01:05 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:c3:da:9c:dd:62:fb:aa:cb:b3:af:a7:50:9b:f5:bb:97:c3:56:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:01:05 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=52b0c26b8e7e3fcbc4c59eafe800680d0e4f79c7ece923d8cfb33ca88431cca1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:de:40:28:68:6a:0d:f9:22:cd:37:05:a7:
fb:47:f7:68:91:b3:22:31:4a:8b:36:8a:d3:8b:95:
6d:75:1e:3c:51:39:3f:22:cc:f1:f1:5e:e0:d3:a7:
6e:e9:de:77:26:38:53:ce:4f:f4:44:f6:64:c0:d4:
48:4b:5c:3f:e2:50:01:73:88:39:37:b6:85:5f:c9:
5a:96:a2:00:f8:81:90:8e:84:8c:3b:5e:52:c9:72:
96:10:4a:b2:f3:ea:56:90:c5:ca:59:89:81:40:31:
c3:3e:75:9c:36:86:98:c8:9a:ff:95:78:a3:e4:59:
5d:ce:4e:0b:f5:94:8b:d2:75:b4:7e:8e:83:07:e1:
2e:82:a2:3f:a9:55:87:2b:b8:35:6d:cb:81:7f:61:
55:ec:34:77:3d:3a:54:8e:da:6d:38:28:15:79:65:
aa:23:37:21:47:4d:28:8b:3d:24:6e:de:2b:67:70:
a9:33:da:8c:47:cc:12:10:92:92:54:ab:89:35:e4:
be:28:05:42:62:1b:51:e9:7b:d2:a2:20:27:45:4f:
aa:0b:6c:d1:a4:9a:5c:a0:f2:ee:fa:e5:07:64:89:
0d:ae:43:78:56:fe:9a:c5:3e:93:88:77:52:d2:a0:
46:b8:d3:c0:77:7b:ed:11:ee:05:9d:32:2c:27:03:
b8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:52:DF:EB:BE:FD:A5:AF:79:E3:8C:19:44:56:D4:C9:FD:2F:2F:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c080::/48
Signature Algorithm: sha256WithRSAEncryption
7d:4a:9b:90:a3:d4:63:30:92:b4:08:67:db:11:60:cd:be:3f:
52:d9:47:3c:15:28:9d:58:3c:de:c1:01:53:71:3a:1c:cd:cc:
52:2e:34:67:8a:65:7e:6e:6a:eb:d6:b9:5b:38:a9:c4:47:de:
ff:94:6e:21:18:fc:dd:5d:44:61:09:69:44:40:4e:cd:94:2b:
7e:62:3e:d9:9f:66:09:1e:89:16:62:a4:45:4b:ba:91:ec:11:
aa:93:0b:06:2f:a2:63:c8:18:ac:eb:71:fe:fe:5c:ce:c9:15:
72:3c:f7:a9:37:1b:20:ad:3c:e0:9e:66:7a:f1:40:07:56:7a:
b0:d3:77:85:ea:54:bd:6b:d4:e6:58:92:1a:45:2c:70:4b:d1:
84:28:15:55:5c:e6:04:30:11:d9:b1:7c:5a:a1:e2:ae:20:d3:
a4:b0:9d:5a:64:05:a5:cc:86:7a:4b:95:a0:97:76:41:e7:bb:
85:9d:f0:4c:38:d9:1b:75:51:30:29:17:f5:4d:51:64:58:c7:
73:ce:fe:31:06:fe:fe:ca:37:e2:9a:84:74:6a:ca:aa:51:80:
6f:30:26:ed:7a:ed:3f:8c:f7:3f:43:51:62:b1:6f:5d:40:d9:
05:da:12:37:51:0b:86:8b:90:04:e9:26:a1:33:05:67:53:01:
43:25:58:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWMPanN1i+6rLs6+nUJv1u5fDVlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAxMDVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYjBjMjZiOGU3ZTNmY2JjNGM1OWVhZmU4MDA2ODBkMGU0Zjc5YzdlY2U5
MjNkOGNmYjMzY2E4ODQzMWNjYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg23kAoaGoN+SLNNwWn+0f3aJGzIjFKizaK04uVbXUePFE5PyLM8fFe4NOn
bunedyY4U85P9ET2ZMDUSEtcP+JQAXOIOTe2hV/JWpaiAPiBkI6EjDteUslylhBK
svPqVpDFylmJgUAxwz51nDaGmMia/5V4o+RZXc5OC/WUi9J1tH6OgwfhLoKiP6lV
hyu4NW3LgX9hVew0dz06VI7abTgoFXllqiM3IUdNKIs9JG7eK2dwqTPajEfMEhCS
klSriTXkvigFQmIbUel70qIgJ0VPqgts0aSaXKDy7vrlB2SJDa5DeFb+msU+k4h3
UtKgRrjTwHd77RHuBZ0yLCcDuJMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRhUt/r
vv2lr3njjBlEVtTJ/S8vNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjYzhkYjUtNDFiNi00MmZjLTllMmUtOTg1NDBhYWRkODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
gDANBgkqhkiG9w0BAQsFAAOCAQEAfUqbkKPUYzCStAhn2xFgzb4/UtlHPBUonVg8
3sEBU3E6HM3MUi40Z4plfm5q69a5WzipxEfe/5RuIRj83V1EYQlpREBOzZQrfmI+
2Z9mCR6JFmKkRUu6kewRqpMLBi+iY8gYrOtx/v5czskVcjz3qTcbIK084J5mevFA
B1Z6sNN3hepUvWvU5liSGkUscEvRhCgVVVzmBDAR2bF8WqHiriDTpLCdWmQFpcyG
ekuVoJd2Qee7hZ3wTDjZG3VRMCkX9U1RZFjHc87+MQb+/so34pqEdGrKqlGAbzAm
7XrtP4z3P0NRYrFvXUDZBdoSN1ELhouQBOkmoTMFZ1MBQyVYvQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net