Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: jt7454yKyEpE9AX/neAE51c4FQgA0iyWSXP2FbtfOtc=
Subject key identifier: F5:33:C0:0F:7C:7D:40:B5:50:A7:5B:D7:DE:79:39:75:CA:AA:62:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13D62208DAD74396E978068FAABEE208692A70D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Tue 01 Apr 2025 15:01:20 +0000
ROA not before: Tue 01 Apr 2025 15:01:20 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:d6:22:08:da:d7:43:96:e9:78:06:8f:aa:be:e2:08:69:2a:70:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:20 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=6c5d9e3af4ef7d9364403b3c85aab309aa4ec84f120102078c6b68dee3197790, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0c:79:97:03:81:9e:fc:94:1f:e3:a7:36:19:
9d:00:20:13:ca:7b:6c:09:3f:6d:71:cb:0a:80:60:
9b:11:95:fd:7b:d1:bc:45:45:7b:09:f2:fb:1f:56:
10:39:10:fc:23:38:4b:34:58:95:db:08:a0:29:c3:
64:4b:f9:c7:7b:fb:eb:03:af:42:92:cb:35:02:b0:
6f:ac:37:36:d0:20:28:2c:48:63:35:2a:97:ef:22:
38:61:2a:cf:92:cb:b9:14:14:ca:cd:70:21:ce:a8:
13:ba:64:76:75:10:4c:83:96:c4:11:c5:1e:d4:89:
2a:3a:0b:6f:f1:98:d8:ee:cd:51:3b:90:f2:8a:43:
10:0a:0a:46:81:68:59:ff:ec:45:88:9d:6d:73:69:
24:39:b2:7c:0a:21:4e:b6:72:50:1e:39:11:3c:62:
af:4c:8d:d3:97:fa:b0:05:09:8b:b2:88:cc:3c:af:
da:9a:70:7f:df:1a:b6:da:e6:70:26:77:52:99:08:
1f:c2:ae:b7:7c:20:61:f3:d9:68:86:e1:26:89:e5:
75:d3:83:23:de:28:32:59:95:41:ae:49:c3:a6:6d:
0d:01:bb:a5:57:c3:f4:e9:e6:66:b3:76:18:54:4e:
ea:b5:b0:3c:83:17:08:74:76:64:d4:7a:b8:ef:4f:
73:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:33:C0:0F:7C:7D:40:B5:50:A7:5B:D7:DE:79:39:75:CA:AA:62:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:6a:29:83:1d:a9:aa:2d:bc:63:b5:12:a8:a8:c1:d5:de:e5:
51:5f:ad:96:3d:fe:ff:5e:20:44:ee:93:26:36:72:c4:ed:38:
f4:07:64:ee:7f:3c:64:4f:5d:6a:4d:08:8e:14:95:7f:a1:ca:
71:7d:fc:ea:1f:72:5d:b5:33:06:91:c7:1a:cc:53:ea:19:ca:
1c:64:ad:ca:53:fc:b0:86:35:8f:fc:96:cb:87:aa:ab:fe:b6:
f6:4c:06:9f:61:e2:d5:9e:17:5b:51:9a:1b:18:e3:b7:b3:ad:
58:dd:de:26:c9:c6:73:e8:9d:7d:85:cc:a6:de:06:31:b9:0b:
af:80:e2:73:52:a3:ce:09:f6:36:80:a6:4f:6c:19:ca:b7:61:
97:99:20:fe:e9:72:31:aa:8c:fe:a5:25:03:90:16:c3:db:fc:
1f:37:95:5a:5f:f9:5e:ed:3a:3c:b2:a0:c3:28:62:9f:6c:ce:
48:c6:83:10:18:01:e8:10:f8:fb:1c:7e:21:37:ea:4c:dc:10:
16:81:ee:40:78:73:90:91:67:25:7a:ad:0a:d6:20:b9:3f:a7:
f1:5e:9a:9f:a7:16:3c:6f:e5:ac:74:84:8f:11:ec:81:d6:6e:
3c:37:e4:c8:90:a3:23:68:bc:47:97:1e:2e:68:af:5f:b5:b9:
75:2b:84:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE9YiCNrXQ5bpeAaPqr7iCGkqcNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMjBaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjNWQ5ZTNhZjRlZjdkOTM2NDQwM2IzYzg1YWFiMzA5YWE0ZWM4NGYxMjAx
MDIwNzhjNmI2OGRlZTMxOTc3OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUMeZcDgZ78lB/jpzYZnQAgE8p7bAk/bXHLCoBgmxGV/XvRvEVFewny+x9W
EDkQ/CM4SzRYldsIoCnDZEv5x3v76wOvQpLLNQKwb6w3NtAgKCxIYzUql+8iOGEq
z5LLuRQUys1wIc6oE7pkdnUQTIOWxBHFHtSJKjoLb/GY2O7NUTuQ8opDEAoKRoFo
Wf/sRYidbXNpJDmyfAohTrZyUB45ETxir0yN05f6sAUJi7KIzDyv2ppwf98attrm
cCZ3UpkIH8Kut3wgYfPZaIbhJonlddODI94oMlmVQa5Jw6ZtDQG7pVfD9OnmZrN2
GFRO6rWwPIMXCHR2ZNR6uO9Pc6MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1M8AP
fH1AtVCnW9feeTl1yqpiCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBuaimDHamqLbxjtRKoqMHV3uVRX62WPf7/XiBE
7pMmNnLE7Tj0B2TufzxkT11qTQiOFJV/ocpxffzqH3JdtTMGkccazFPqGcocZK3K
U/ywhjWP/JbLh6qr/rb2TAafYeLVnhdbUZobGOO3s61Y3d4mycZz6J19hcym3gYx
uQuvgOJzUqPOCfY2gKZPbBnKt2GXmSD+6XIxqoz+pSUDkBbD2/wfN5VaX/le7To8
sqDDKGKfbM5IxoMQGAHoEPj7HH4hN+pM3BAWge5AeHOQkWcleq0K1iC5P6fxXpqf
pxY8b+WsdISPEeyB1m48N+TIkKMjaLxHlx4uaK9ftbl1K4RL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net