Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8369e3-7a1d-4e37-8db7-c71339526d79.roa
File: 2e8369e3-7a1d-4e37-8db7-c71339526d79.roa (raw, json)
Hash identifier: VkEy7OrrKzkcfiwifDOwc2AitpVvg/2qSUGe0zL+lk4=
Subject key identifier: 44:FD:51:20:E7:B5:52:29:34:E2:F0:13:B0:05:8F:01:09:A2:2E:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0760705CA1C136AE6D71ACEAA9870659B564CF04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8369e3-7a1d-4e37-8db7-c71339526d79.roa
Signing time: Mon 31 Mar 2025 19:51:33 +0000
ROA not before: Mon 31 Mar 2025 19:51:33 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:60:70:5c:a1:c1:36:ae:6d:71:ac:ea:a9:87:06:59:b5:64:cf:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:51:33 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a1f5734d274b83736c6f687f68a7253c867a4b3576c260c6f22102967587c4e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:39:99:33:0e:30:5e:38:56:2f:fa:84:9a:
2a:a9:cb:c5:e3:96:96:7b:6f:9d:11:8a:e0:27:b1:
1e:8f:5e:17:28:54:b9:34:08:f4:99:72:11:4b:f4:
aa:3d:c3:00:c8:21:62:05:91:9c:70:94:9f:59:d9:
fc:14:12:53:7b:a9:10:d0:6f:b0:20:44:45:eb:ac:
dd:be:c7:2a:26:f4:72:5d:5a:dc:57:3f:95:f7:8a:
c2:cf:5c:52:f1:fc:0f:50:ea:84:f3:4b:26:ac:3d:
bf:3f:80:18:4b:f5:9f:ae:4c:9a:bd:d7:3c:6e:9c:
e8:f1:7f:16:90:57:75:1e:8a:c1:88:f3:fa:49:4f:
d4:0d:44:c2:37:bb:1a:f8:c8:6a:6d:29:e6:0b:de:
12:f8:09:83:65:cf:c2:0f:f2:d1:64:d6:8f:a3:a0:
1a:02:90:39:53:50:61:b3:bd:dd:22:7a:3f:a4:83:
15:11:d0:ec:0c:21:c7:6e:cd:22:bc:9a:8c:aa:7e:
b2:12:c3:11:2c:50:f5:36:32:8e:27:a7:ad:e6:6b:
47:87:3d:33:ba:db:9c:9d:ae:b4:36:93:fc:72:94:
f1:ce:8b:d2:a3:c0:6b:e5:30:68:ad:b2:ee:8a:b9:
a9:e8:d4:a0:60:d8:7a:ab:87:4b:b1:5d:28:62:81:
18:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FD:51:20:E7:B5:52:29:34:E2:F0:13:B0:05:8F:01:09:A2:2E:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8369e3-7a1d-4e37-8db7-c71339526d79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
55:06:db:b5:08:90:d4:7c:73:94:8d:e5:0d:a0:8f:c3:a9:84:
6c:82:76:84:45:5c:f5:96:77:4d:0d:4f:94:90:48:ae:95:1c:
53:f0:f5:dc:a5:a8:a2:06:54:5e:01:07:65:5e:65:9b:2b:75:
45:49:0a:ac:83:17:33:03:63:bc:3c:e7:8e:c1:62:e6:e4:c7:
a6:36:a8:1f:78:f6:8a:20:4d:c0:1a:f0:a2:da:81:11:1c:18:
60:b2:68:ad:8f:ba:b1:e4:4d:8f:35:6a:8d:c2:df:33:40:43:
8b:1c:8c:11:0e:54:6c:5d:c3:cc:8a:a9:98:6b:89:bb:53:b5:
47:81:27:ff:ff:3d:4e:be:fe:bc:00:e6:8a:a6:52:d6:20:ac:
c2:50:44:44:e0:73:66:a1:cb:c8:37:7f:1a:f3:07:78:23:86:
e3:50:ea:40:ab:9f:8c:14:31:3f:bb:fc:33:35:65:83:bd:ec:
28:25:f9:f7:87:9a:34:02:91:28:7d:e2:b6:80:32:27:42:0f:
4f:34:33:c5:95:72:b7:62:c8:43:c4:54:5c:07:eb:95:41:c5:
dc:a6:17:cc:2f:4b:0b:13:44:e1:1d:29:ab:c4:3e:52:ce:09:
c2:62:4b:4e:a2:ec:72:33:a9:66:e4:77:86:bf:85:df:62:53:
2a:14:16:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB2BwXKHBNq5tcazqqYcGWbVkzwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUxMzNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExZjU3MzRkMjc0YjgzNzM2YzZmNjg3ZjY4YTcyNTNjODY3YTRiMzU3NmMy
NjBjNmYyMjEwMjk2NzU4N2M0ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDpOZkzDjBeOFYv+oSaKqnLxeOWlntvnRGK4CexHo9eFyhUuTQI9JlyEUv0
qj3DAMghYgWRnHCUn1nZ/BQSU3upENBvsCBEReus3b7HKib0cl1a3Fc/lfeKws9c
UvH8D1DqhPNLJqw9vz+AGEv1n65Mmr3XPG6c6PF/FpBXdR6KwYjz+klP1A1Ewje7
GvjIam0p5gveEvgJg2XPwg/y0WTWj6OgGgKQOVNQYbO93SJ6P6SDFRHQ7Awhx27N
IryajKp+shLDESxQ9TYyjienreZrR4c9M7rbnJ2utDaT/HKU8c6L0qPAa+UwaK2y
7oq5qejUoGDYequHS7FdKGKBGIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRE/VEg
57VSKTTi8BOwBY8BCaIuWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU4MzY5ZTMtN2ExZC00ZTM3LThkYjctYzcxMzM5NTI2ZDc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQBVBtu1CJDUfHOUjeUNoI/DqYRsgnaERVz1lndN
DU+UkEiulRxT8PXcpaiiBlReAQdlXmWbK3VFSQqsgxczA2O8POeOwWLm5MemNqgf
ePaKIE3AGvCi2oERHBhgsmitj7qx5E2PNWqNwt8zQEOLHIwRDlRsXcPMiqmYa4m7
U7VHgSf//z1Ovv68AOaKplLWIKzCUERE4HNmocvIN38a8wd4I4bjUOpAq5+MFDE/
u/wzNWWDvewoJfn3h5o0ApEofeK2gDInQg9PNDPFlXK3YshDxFRcB+uVQcXcphfM
L0sLE0ThHSmrxD5SzgnCYktOouxyM6lm5HeGv4XfYlMqFBZ3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net