Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: Xwc+IiGwEkvz/ywx7vC7jNvfXeoaAkPwV8BUdo6sEPc=
Subject key identifier: 37:EF:43:EF:93:24:4E:6C:2D:9D:D1:CA:B8:AD:93:E5:20:B2:F5:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52DED298FEECDCC44A4BBBBB57180D7EAF69A3CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Mon 31 Mar 2025 21:21:21 +0000
ROA not before: Mon 31 Mar 2025 21:21:21 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:de:d2:98:fe:ec:dc:c4:4a:4b:bb:bb:57:18:0d:7e:af:69:a3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:21:21 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=8ee5c07595ea68ed4cbd9c2b0ae15be9fcdeaf8bf8bdbfdac0047154e0ba1cb7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fb:23:f6:4d:31:06:9e:62:6d:84:b4:ec:cf:
38:90:09:9f:f1:21:1c:11:c3:32:f2:57:d7:12:2c:
34:10:59:fe:1a:ef:fa:0b:42:e7:61:de:0e:d3:76:
7c:e3:12:24:31:81:11:77:10:12:e8:3b:0e:5f:a6:
1d:d3:76:86:cd:6f:6b:ba:69:4e:76:6e:56:31:6b:
52:b4:7e:79:53:a3:1e:bb:d7:51:0a:dd:da:c4:d0:
76:6d:73:5a:87:28:a6:2e:ed:a1:e2:53:5d:5a:0a:
38:14:9a:6a:65:07:3c:08:a7:d6:af:0b:d1:53:e4:
59:54:d1:69:34:3e:48:d2:3c:84:ab:5d:ec:62:20:
be:c7:31:48:1f:7c:4b:97:bb:a3:55:b1:21:13:79:
3a:dd:c6:3b:ee:c3:ba:d6:01:e2:64:22:94:a8:11:
44:e6:ae:e9:cc:21:59:85:24:69:df:19:53:af:ac:
20:56:55:8d:2c:70:09:ef:03:bf:88:3a:53:44:6e:
d9:71:35:8a:5a:49:cc:3e:5d:9d:df:20:5a:d7:ab:
e9:49:92:5d:e9:98:f2:14:b0:59:ee:3b:df:6a:f0:
26:04:b6:2e:44:52:ab:7e:b8:4f:4e:dc:a8:79:d2:
57:46:e8:34:67:eb:f9:22:c9:10:b8:4a:75:78:ee:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:EF:43:EF:93:24:4E:6C:2D:9D:D1:CA:B8:AD:93:E5:20:B2:F5:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
65:44:52:df:39:33:6b:b6:e4:dc:df:6e:6b:7f:d9:21:32:33:
59:f4:87:22:1d:e2:97:6b:d7:4a:7c:cd:7d:da:6c:5b:28:7a:
1b:9a:6c:79:da:b6:96:f4:cb:07:80:12:de:c4:0c:82:76:c2:
ee:60:95:eb:ea:c0:60:78:32:de:34:cd:ae:f1:c1:a5:79:da:
d4:10:08:e1:7b:52:a1:0b:2d:11:ac:62:20:14:77:f0:59:27:
1d:ef:fb:c2:68:c2:3a:7f:68:8a:3e:5d:4b:4e:29:c4:aa:04:
e9:24:ca:03:2f:be:5d:a2:a4:c1:a5:a2:2d:59:54:06:8c:cb:
cc:41:96:db:4e:fe:2f:6a:8d:c1:4f:2b:3b:38:f6:02:e8:d2:
58:c4:91:bd:36:1c:d2:ff:78:62:5b:73:55:65:d0:02:38:e6:
20:fe:f8:da:bc:d5:56:e1:1c:a7:c2:d1:78:36:bc:c2:3f:a0:
c8:e2:36:5e:49:78:95:63:91:ee:d3:88:35:4c:6c:79:bd:e5:
b2:ce:f7:b4:df:48:8d:49:de:e0:d4:58:cb:84:bc:11:bf:31:
12:15:ac:9b:7e:64:a0:85:1d:75:6a:d3:9c:23:f0:9d:cd:a4:
fe:cf:e9:3d:17:b6:ac:6e:12:7c:32:53:0b:d7:56:5c:b0:ae:
3a:75:73:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUt7SmP7s3MRKS7u7VxgNfq9po8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIxMjFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZTVjMDc1OTVlYTY4ZWQ0Y2JkOWMyYjBhZTE1YmU5ZmNkZWFmOGJmOGJk
YmZkYWMwMDQ3MTU0ZTBiYTFjYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALL7I/ZNMQaeYm2EtOzPOJAJn/EhHBHDMvJX1xIsNBBZ/hrv+gtC52HeDtN2
fOMSJDGBEXcQEug7Dl+mHdN2hs1va7ppTnZuVjFrUrR+eVOjHrvXUQrd2sTQdm1z
Wocopi7toeJTXVoKOBSaamUHPAin1q8L0VPkWVTRaTQ+SNI8hKtd7GIgvscxSB98
S5e7o1WxIRN5Ot3GO+7DutYB4mQilKgRROau6cwhWYUkad8ZU6+sIFZVjSxwCe8D
v4g6U0Ru2XE1ilpJzD5dnd8gWter6UmSXemY8hSwWe4732rwJgS2LkRSq364T07c
qHnSV0boNGfr+SLJELhKdXjuR90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ370Pv
kyRObC2d0cq4rZPlILL1STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlRFLfOTNrtuTc325rf9khMjNZ9IciHeKXa9dK
fM192mxbKHobmmx52raW9MsHgBLexAyCdsLuYJXr6sBgeDLeNM2u8cGledrUEAjh
e1KhCy0RrGIgFHfwWScd7/vCaMI6f2iKPl1LTinEqgTpJMoDL75doqTBpaItWVQG
jMvMQZbbTv4vao3BTys7OPYC6NJYxJG9NhzS/3hiW3NVZdACOOYg/vjavNVW4Ryn
wtF4NrzCP6DI4jZeSXiVY5Hu04g1TGx5veWyzve030iNSd7g1FjLhLwRvzESFayb
fmSghR11atOcI/CdzaT+z+k9F7asbhJ8MlML11ZcsK46dXM4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net