Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: 2a/IsceKrpe9EHj72wQ1Oqp0GjuWcQ/MHlVIZsZDEt4=
Subject key identifier: C5:D7:2C:19:90:EB:81:63:8A:DE:75:8A:37:40:00:4D:6E:A0:59:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61C4F72F03DFB86EEE0A9FD18586F66691D0A5DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Mon 31 Mar 2025 21:21:25 +0000
ROA not before: Mon 31 Mar 2025 21:21:25 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c4:f7:2f:03:df:b8:6e:ee:0a:9f:d1:85:86:f6:66:91:d0:a5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:21:25 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=f03458843080ae249577321de4c66116fd78bec785f39bc5329a8e63dc6b1928, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:53:91:d3:f9:96:1a:01:24:2d:f5:2b:33:cb:
eb:c9:2d:e1:38:ff:4c:4b:1c:9a:c4:d6:2e:32:a0:
ad:61:ef:b3:63:c8:a4:40:71:03:27:dd:b0:66:54:
8b:d5:ba:e0:b0:ed:f6:ff:d8:7b:8f:2a:b8:d8:3c:
a7:35:b9:96:02:b2:aa:ed:09:40:4f:d8:95:d9:5b:
88:39:15:f0:86:c8:2f:f1:ba:8d:87:00:18:ad:eb:
8f:ad:b9:39:66:e6:ad:46:97:12:95:5a:8c:d6:9f:
ee:a7:d1:69:33:a5:3f:3a:df:62:bc:56:52:b9:a7:
fd:d3:e6:7f:a6:b9:d7:45:ad:0e:b3:28:38:12:2c:
c8:52:d3:9c:b4:39:8b:37:c1:8a:cb:eb:4e:8c:bd:
bc:42:12:15:74:33:a6:37:d3:97:c1:cc:44:5f:b6:
c3:eb:a5:f1:68:23:d6:84:37:fd:c9:1f:b8:81:38:
cc:70:2c:79:d8:13:e9:56:76:af:b2:a7:3a:cd:6c:
70:47:d3:c8:b2:fe:23:91:60:8f:67:9f:a3:0a:93:
75:2c:71:eb:f8:34:6b:c2:31:f2:53:53:3a:8e:41:
d6:0a:36:b6:82:31:b8:9d:73:bb:25:fd:07:6d:fa:
94:e4:62:af:c7:db:26:94:a3:6d:ff:1b:89:6e:0e:
25:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D7:2C:19:90:EB:81:63:8A:DE:75:8A:37:40:00:4D:6E:A0:59:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
8b:3d:37:fe:2d:89:ca:e1:70:5e:a4:a4:b9:d1:e1:73:f4:9c:
6f:8e:45:10:98:5d:1b:e6:5f:0d:84:fa:ae:0f:55:5b:83:ab:
c2:c9:60:f5:8c:5c:05:df:01:84:2a:70:e0:14:19:ed:ac:0b:
ae:3c:ad:dc:a6:41:da:2a:76:11:10:da:c8:ea:5d:ba:d9:18:
9a:a5:bd:ef:a8:cc:d7:7b:06:74:bb:7d:2b:24:72:4a:cc:21:
4b:73:3b:07:27:03:b6:c6:b1:3a:ec:87:db:a4:d3:af:d8:65:
43:58:17:eb:32:dc:7a:60:ed:73:d4:d8:bb:b3:3d:e4:90:ed:
88:a2:f5:4a:0f:9b:52:aa:d5:7c:56:05:28:70:24:12:b0:36:
3d:7e:de:3b:a7:bc:56:41:8d:e1:e9:2c:08:ae:cd:56:7b:be:
b7:56:23:70:e1:ab:35:fd:f2:f3:2c:26:cb:46:66:85:eb:31:
bf:16:b8:a7:85:89:9b:28:98:ca:e4:85:2b:b5:5c:80:75:86:
37:59:6e:63:97:4f:16:32:1f:56:67:8a:5b:b4:6c:9f:bd:a7:
22:de:33:66:62:c0:21:ad:e7:1a:ac:59:a5:57:27:9c:32:5a:
57:63:56:16:ce:e4:fc:ea:64:98:f8:35:8a:2c:ac:67:68:09:
c0:a1:5c:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYcT3LwPfuG7uCp/RhYb2ZpHQpdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIxMjVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMzQ1ODg0MzA4MGFlMjQ5NTc3MzIxZGU0YzY2MTE2ZmQ3OGJlYzc4NWYz
OWJjNTMyOWE4ZTYzZGM2YjE5MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5TkdP5lhoBJC31KzPL68kt4Tj/TEscmsTWLjKgrWHvs2PIpEBxAyfdsGZU
i9W64LDt9v/Ye48quNg8pzW5lgKyqu0JQE/YldlbiDkV8IbIL/G6jYcAGK3rj625
OWbmrUaXEpVajNaf7qfRaTOlPzrfYrxWUrmn/dPmf6a510WtDrMoOBIsyFLTnLQ5
izfBisvrToy9vEISFXQzpjfTl8HMRF+2w+ul8Wgj1oQ3/ckfuIE4zHAsedgT6VZ2
r7KnOs1scEfTyLL+I5Fgj2efowqTdSxx6/g0a8Ix8lNTOo5B1go2toIxuJ1zuyX9
B236lORir8fbJpSjbf8biW4OJd0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTF1ywZ
kOuBY4redYo3QABNbqBZajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCLPTf+LYnK4XBepKS50eFz9JxvjkUQmF0b5l8N
hPquD1Vbg6vCyWD1jFwF3wGEKnDgFBntrAuuPK3cpkHaKnYRENrI6l262Riapb3v
qMzXewZ0u30rJHJKzCFLczsHJwO2xrE67IfbpNOv2GVDWBfrMtx6YO1z1Ni7sz3k
kO2IovVKD5tSqtV8VgUocCQSsDY9ft47p7xWQY3h6SwIrs1We763ViNw4as1/fLz
LCbLRmaF6zG/FrinhYmbKJjK5IUrtVyAdYY3WW5jl08WMh9WZ4pbtGyfvaci3jNm
YsAhrecarFmlVyecMlpXY1YWzuT86mSY+DWKLKxnaAnAoVyP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net