Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
File: 24b496aa-161c-4d5d-a9ca-3ba09772390a.roa (raw, json)
Hash identifier: +UhuZeTJzFeAmV1Ghi5e0gY3NFWU4oZ5KIm+aucqbi4=
Subject key identifier: 1E:E8:C7:9D:64:93:80:BC:A3:65:09:69:49:57:E1:A3:A8:C6:87:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1046AA27BC926EB1A1CDA565CC24FA17F25DA979
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
Signing time: Mon 31 Mar 2025 21:00:53 +0000
ROA not before: Mon 31 Mar 2025 21:00:53 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:46:aa:27:bc:92:6e:b1:a1:cd:a5:65:cc:24:fa:17:f2:5d:a9:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:00:53 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=0d4bf7479b6c66f90462785e224a73c26497b6e2171f92cfe65b77592038779f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e0:f9:ed:eb:dc:63:42:49:fa:70:9d:63:06:
4b:02:c3:70:34:ae:5f:f2:a5:7a:a4:e2:dc:7a:42:
0c:15:5e:d9:ca:ec:d9:db:d9:88:6d:7c:0a:7a:e9:
ee:dd:3d:0d:e8:5d:bf:ca:4a:c3:71:58:e9:79:27:
bc:9a:be:71:ec:0f:70:37:df:db:dc:3b:5e:5e:47:
25:2e:56:c2:75:a2:c7:06:28:23:11:2d:0c:ac:69:
3b:0b:65:98:2a:1d:ba:95:18:d2:8d:d2:f7:c9:2e:
a6:69:96:73:de:d0:34:3d:0d:68:25:43:10:1b:ce:
f4:aa:6f:b5:45:a3:1c:3e:9a:33:11:4a:bc:12:1d:
f4:aa:0f:40:3d:f9:dc:53:09:88:4a:d7:f0:d9:6c:
b7:d1:bc:e8:df:78:f7:7e:0b:45:0d:96:dc:58:16:
5e:c2:2d:1e:ad:fc:bc:3c:0a:5b:1e:7a:87:e0:74:
5b:da:2f:64:f2:53:dd:a4:63:3b:c1:92:12:d7:bf:
34:d3:fd:64:c7:a0:0a:ee:b5:69:9d:5a:87:e4:54:
a5:e1:60:f4:4f:26:5f:a4:ed:66:92:9c:48:1d:69:
ef:e6:37:3d:e9:eb:4f:b4:a7:14:33:5f:4e:2d:a7:
8d:91:88:d5:35:81:99:77:d4:18:9e:53:34:03:34:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E8:C7:9D:64:93:80:BC:A3:65:09:69:49:57:E1:A3:A8:C6:87:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:6000::/40
Signature Algorithm: sha256WithRSAEncryption
51:ad:06:ab:20:27:8b:38:35:3f:a3:f3:ac:75:6c:10:86:48:
7e:7e:e6:1e:ae:f0:10:16:79:58:81:df:b8:b4:f0:18:ca:53:
4f:88:ce:a4:7b:0e:00:74:e0:b0:86:57:06:ba:1a:3c:ea:0b:
21:92:97:78:79:b2:21:f0:bd:c0:19:eb:5c:13:03:e1:c9:7c:
c6:c4:d7:29:9c:f0:2f:1f:32:ec:03:e9:60:d1:15:83:a7:4d:
9e:3f:80:43:cc:cd:cb:24:15:35:50:b6:17:8d:0a:45:9c:58:
c3:bf:d4:35:2e:db:c4:a3:8d:b2:71:98:b0:47:d7:77:0b:b4:
d8:e1:4f:be:82:60:e4:6f:f3:9a:71:d7:8e:3e:d7:f6:0f:9f:
a4:1b:20:11:2b:68:b1:de:dc:36:1d:36:9a:c8:85:a5:9f:e4:
1e:21:8d:b3:1f:fa:81:34:86:4b:7d:1b:d8:60:b0:cb:13:a2:
80:2a:df:69:0c:72:ac:51:5d:f4:d0:fd:ee:dd:49:bc:f2:5f:
8b:f9:60:79:db:78:5b:e8:e0:f5:e0:8b:a0:75:fb:5b:30:49:
47:68:52:9b:cd:5b:cc:ef:44:d4:9e:9f:fc:6e:06:ed:93:d5:
c4:e9:50:93:7f:f5:33:b9:2c:5a:79:d3:03:65:57:58:c6:19:
18:81:e2:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEEaqJ7ySbrGhzaVlzCT6F/JdqXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTAwNTNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkNGJmNzQ3OWI2YzY2ZjkwNDYyNzg1ZTIyNGE3M2MyNjQ5N2I2ZTIxNzFm
OTJjZmU2NWI3NzU5MjAzODc3OWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMng+e3r3GNCSfpwnWMGSwLDcDSuX/KleqTi3HpCDBVe2crs2dvZiG18Cnrp
7t09Dehdv8pKw3FY6XknvJq+cewPcDff29w7Xl5HJS5WwnWixwYoIxEtDKxpOwtl
mCodupUY0o3S98kupmmWc97QND0NaCVDEBvO9KpvtUWjHD6aMxFKvBId9KoPQD35
3FMJiErX8Nlst9G86N94934LRQ2W3FgWXsItHq38vDwKWx56h+B0W9ovZPJT3aRj
O8GSEte/NNP9ZMegCu61aZ1ah+RUpeFg9E8mX6TtZpKcSB1p7+Y3PenrT7SnFDNf
Ti2njZGI1TWBmXfUGJ5TNAM0x+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQe6Med
ZJOAvKNlCWlJV+GjqMaHPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRiNDk2YWEtMTYxYy00ZDVkLWE5Y2EtM2JhMDk3NzIzOTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZg
MA0GCSqGSIb3DQEBCwUAA4IBAQBRrQarICeLODU/o/OsdWwQhkh+fuYervAQFnlY
gd+4tPAYylNPiM6kew4AdOCwhlcGuho86gshkpd4ebIh8L3AGetcEwPhyXzGxNcp
nPAvHzLsA+lg0RWDp02eP4BDzM3LJBU1ULYXjQpFnFjDv9Q1LtvEo42ycZiwR9d3
C7TY4U++gmDkb/OacdeOPtf2D5+kGyARK2ix3tw2HTaayIWln+QeIY2zH/qBNIZL
fRvYYLDLE6KAKt9pDHKsUV300P3u3Um88l+L+WB523hb6OD14IugdftbMElHaFKb
zVvM70TUnp/8bgbtk9XE6VCTf/UzuSxaedMDZVdYxhkYgeID
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net