Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
File: 25d6c805-f312-4cce-8017-ebfd2169880d.roa (raw, json)
Hash identifier: +IJrgG9uViNry4as7HT5wmh9VMPaGlQATSGccIcvWE0=
Subject key identifier: 1D:D4:C6:2B:9E:DD:CE:8B:EE:7B:23:58:84:7C:AE:D1:0E:4D:A3:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 392E8A036AB820BB455A90E713C60C72106CAF78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
Signing time: Tue 01 Apr 2025 15:01:03 +0000
ROA not before: Tue 01 Apr 2025 15:01:03 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:2e:8a:03:6a:b8:20:bb:45:5a:90:e7:13:c6:0c:72:10:6c:af:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:03 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=359f44a5335a8c5242e1f5e4bab5200f9be104fab884fae696206cc7d21aafc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:17:f5:3c:31:09:d9:e9:b3:13:0f:42:e0:65:
10:a8:0d:04:53:6f:7b:f3:29:ad:df:c6:c5:f6:95:
1e:d5:be:c0:f5:f3:06:36:31:e2:bc:19:fd:a1:21:
2b:f2:d8:ef:54:42:df:dd:4b:27:3c:4e:0e:cc:0d:
cf:2f:4e:fc:6a:94:0d:88:94:fd:eb:75:86:dc:8e:
42:93:3e:f3:fb:f3:b2:44:fa:44:49:84:fa:a5:e6:
90:97:34:b5:86:57:92:c9:31:59:de:a3:14:cd:be:
a0:1e:68:44:97:69:98:71:2d:0d:92:5a:5d:1e:e1:
56:aa:24:35:13:33:eb:07:f5:e0:6f:ef:be:bf:2b:
41:a5:f8:90:33:83:b1:5d:4d:d2:80:2b:23:27:ca:
a7:78:8d:1e:45:57:f5:b1:e9:32:6f:6d:1e:b3:c3:
c3:26:0c:30:7a:06:37:5c:f7:59:71:eb:fe:f4:f9:
70:b9:13:5e:1a:af:1e:ed:0d:8d:c2:90:44:c6:37:
4b:72:2c:64:ee:0f:d1:9a:c0:bb:4f:61:22:01:c5:
35:32:66:88:1e:22:1b:87:d1:c7:42:54:94:3d:f5:
24:34:e6:fb:73:19:17:ba:ff:df:78:33:d5:c7:81:
7d:6f:d5:e0:28:2e:a5:70:ca:59:50:07:70:9c:26:
39:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D4:C6:2B:9E:DD:CE:8B:EE:7B:23:58:84:7C:AE:D1:0E:4D:A3:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
31:93:3c:1d:d3:5a:65:b8:ca:b1:f4:db:a6:28:83:d1:4a:25:
e6:63:67:4c:06:94:6d:c1:55:b5:9b:17:c9:9c:f2:1b:71:f6:
13:81:70:94:50:59:42:34:24:16:a2:43:a3:8d:c3:cd:67:85:
40:c8:b4:01:21:95:f1:1f:45:90:eb:c8:78:a7:b3:e3:2f:ed:
ee:60:56:76:47:d1:17:38:8f:fd:bf:19:d6:32:6d:85:23:be:
3c:bc:1d:63:b7:f0:e7:35:d5:81:70:d0:a1:b3:df:0f:4a:c0:
b1:02:44:df:6e:fe:ff:bc:ed:4d:fe:f8:21:f4:5f:ce:f0:ee:
91:80:54:f1:b8:3d:d6:c4:93:c9:e4:bd:b5:b6:e5:11:b1:91:
01:d1:be:52:c8:f4:a4:13:11:86:2d:18:e5:c1:81:9e:33:32:
53:81:db:44:bd:7c:0f:63:41:a1:0a:b3:63:6a:2d:23:b0:b9:
49:83:2d:39:df:e3:15:69:2e:1a:f7:32:d6:93:27:88:71:83:
f4:0f:f6:25:19:d6:b2:fb:6f:ed:6d:fc:ad:57:ce:4c:ae:ce:
4f:1d:e0:02:ec:59:6c:ef:6e:9f:9f:30:71:d0:6e:81:b6:7a:
d9:ed:4f:f6:2c:12:71:1e:2c:80:e7:58:bc:a0:ea:3b:27:a4:
90:b8:14:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOS6KA2q4ILtFWpDnE8YMchBsr3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMDNaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1OWY0NGE1MzM1YThjNTI0MmUxZjVlNGJhYjUyMDBmOWJlMTA0ZmFiODg0
ZmFlNjk2MjA2Y2M3ZDIxYWFmYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEX9TwxCdnpsxMPQuBlEKgNBFNve/Mprd/GxfaVHtW+wPXzBjYx4rwZ/aEh
K/LY71RC391LJzxODswNzy9O/GqUDYiU/et1htyOQpM+8/vzskT6REmE+qXmkJc0
tYZXkskxWd6jFM2+oB5oRJdpmHEtDZJaXR7hVqokNRMz6wf14G/vvr8rQaX4kDOD
sV1N0oArIyfKp3iNHkVX9bHpMm9tHrPDwyYMMHoGN1z3WXHr/vT5cLkTXhqvHu0N
jcKQRMY3S3IsZO4P0ZrAu09hIgHFNTJmiB4iG4fRx0JUlD31JDTm+3MZF7r/33gz
1ceBfW/V4CgupXDKWVAHcJwmOf0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQd1MYr
nt3Oi+57I1iEfK7RDk2jJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkNmM4MDUtZjMxMi00Y2NlLTgwMTctZWJmZDIxNjk4ODBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQAxkzwd01pluMqx9NumKIPRSiXmY2dMBpRtwVW1
mxfJnPIbcfYTgXCUUFlCNCQWokOjjcPNZ4VAyLQBIZXxH0WQ68h4p7PjL+3uYFZ2
R9EXOI/9vxnWMm2FI748vB1jt/DnNdWBcNChs98PSsCxAkTfbv7/vO1N/vgh9F/O
8O6RgFTxuD3WxJPJ5L21tuURsZEB0b5SyPSkExGGLRjlwYGeMzJTgdtEvXwPY0Gh
CrNjai0jsLlJgy053+MVaS4a9zLWkyeIcYP0D/YlGday+2/tbfytV85Mrs5PHeAC
7Fls726fnzBx0G6BtnrZ7U/2LBJxHiyA51i8oOo7J6SQuBT6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net