Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json)
Hash identifier: 1z+dTjtkQz5zjfHb83+4cabnEerG5zu5LxtQjWuCTDk=
Subject key identifier: 3D:F9:E5:47:28:E4:6F:E2:A8:3F:31:D0:5F:12:9D:81:21:D6:40:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77A402D16E0F715A4A94C3EA8575445FDD22E895
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
Signing time: Mon 31 Mar 2025 19:51:04 +0000
ROA not before: Mon 31 Mar 2025 19:51:04 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a4:02:d1:6e:0f:71:5a:4a:94:c3:ea:85:75:44:5f:dd:22:e8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:51:04 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=3dfd73beb49246feff2ae31999758ded2e48172d5e658e45b58113f55e7afd28, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c0:c3:b0:74:ae:98:47:46:b7:c9:fd:c1:9f:
a9:eb:0f:07:2c:fe:ad:38:eb:e1:3a:68:65:4d:ef:
3b:e7:a3:e2:f8:1d:cb:d3:0e:92:c9:89:4b:ea:93:
2b:54:a4:fb:01:68:e0:99:a8:c9:1f:97:40:aa:a2:
4b:44:15:6c:86:e0:30:f1:3a:4c:c3:85:c4:1e:46:
81:ce:56:5e:b9:bc:ed:40:c5:1c:c7:e0:08:3f:b9:
fd:98:36:43:69:33:d8:18:ac:f6:db:35:5b:74:d9:
e5:90:7a:ee:92:bf:fb:95:d4:88:a3:d0:8f:fb:9f:
66:d9:59:6c:08:f6:0f:d5:3d:db:58:04:cc:7b:6f:
bf:f1:e6:c1:07:68:5f:1e:2b:b6:8b:41:50:d1:cf:
3d:be:a0:55:58:3d:7a:c2:d8:c0:c9:4d:14:5a:f8:
93:bd:28:e9:e6:a4:53:13:bc:56:c8:2d:ee:05:97:
78:cd:1b:fa:86:a0:b9:2a:af:87:ca:7d:8c:72:5b:
66:33:6d:49:f7:c5:40:e9:c6:02:d6:ee:f0:63:8c:
9f:14:a9:5a:2c:32:53:38:7e:16:72:4e:52:9e:00:
12:f0:28:40:6d:df:43:24:79:fc:85:27:95:f7:92:
4c:14:a9:20:48:21:e2:e0:ff:2f:2b:7a:01:e2:65:
6f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F9:E5:47:28:E4:6F:E2:A8:3F:31:D0:5F:12:9D:81:21:D6:40:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
26:6e:2d:f7:a5:4b:47:55:50:09:09:85:9f:88:bb:d2:c3:55:
76:c7:b1:5c:c5:33:80:d3:e4:aa:94:cf:1b:3f:2a:8c:37:fe:
2b:81:b1:a2:9e:fc:c3:fa:79:c0:7e:77:a9:c7:09:ae:f3:0a:
25:59:c7:94:12:ae:51:90:fb:2c:53:82:ff:6d:ba:5c:32:d9:
63:57:e6:8b:1f:4e:28:96:b5:20:fd:34:fa:d7:30:b4:f1:a2:
03:78:5e:f8:91:1b:29:ad:dd:f2:07:4f:03:b0:f9:8c:42:98:
ec:7f:95:90:c5:24:66:06:ea:65:60:e4:dd:0c:3e:64:e3:2e:
4c:b3:d1:3e:5f:d2:b0:b8:7a:42:8c:eb:42:94:ee:7e:1c:e1:
b5:c4:7c:37:6f:38:75:a9:6c:dc:38:3c:2d:0f:2a:64:45:df:
cc:cd:4e:3c:10:ad:f9:8f:97:c2:26:f6:96:65:93:10:b8:a3:
28:20:64:98:65:63:f6:63:73:3c:36:ae:87:60:1b:1e:df:b7:
d5:c1:30:f3:80:53:7c:10:5a:de:a5:89:d0:81:a3:72:8c:3a:
85:e1:8b:0e:d6:58:8f:bf:db:49:2f:a7:ad:46:20:91:dc:90:
10:fc:34:90:44:c4:37:1b:cb:d2:63:3a:47:53:40:68:a7:e2:
3e:16:2b:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd6QC0W4PcVpKlMPqhXVEX90i6JUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUxMDRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZmQ3M2JlYjQ5MjQ2ZmVmZjJhZTMxOTk5NzU4ZGVkMmU0ODE3MmQ1ZTY1
OGU0NWI1ODExM2Y1NWU3YWZkMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXAw7B0rphHRrfJ/cGfqesPByz+rTjr4TpoZU3vO+ej4vgdy9MOksmJS+qT
K1Sk+wFo4JmoyR+XQKqiS0QVbIbgMPE6TMOFxB5Ggc5WXrm87UDFHMfgCD+5/Zg2
Q2kz2Bis9ts1W3TZ5ZB67pK/+5XUiKPQj/ufZtlZbAj2D9U921gEzHtvv/HmwQdo
Xx4rtotBUNHPPb6gVVg9esLYwMlNFFr4k70o6eakUxO8Vsgt7gWXeM0b+oaguSqv
h8p9jHJbZjNtSffFQOnGAtbu8GOMnxSpWiwyUzh+FnJOUp4AEvAoQG3fQyR5/IUn
lfeSTBSpIEgh4uD/Lyt6AeJlbwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9+eVH
KORv4qg/MdBfEp2BIdZAEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAmbi33pUtHVVAJCYWfiLvSw1V2x7FcxTOA0+Sq
lM8bPyqMN/4rgbGinvzD+nnAfnepxwmu8wolWceUEq5RkPssU4L/bbpcMtljV+aL
H04olrUg/TT61zC08aIDeF74kRsprd3yB08DsPmMQpjsf5WQxSRmBuplYOTdDD5k
4y5Ms9E+X9KwuHpCjOtClO5+HOG1xHw3bzh1qWzcODwtDypkRd/MzU48EK35j5fC
JvaWZZMQuKMoIGSYZWP2Y3M8Nq6HYBse37fVwTDzgFN8EFrepYnQgaNyjDqF4YsO
1liPv9tJL6etRiCR3JAQ/DSQRMQ3G8vSYzpHU0Bop+I+Fiv+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net