Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: k8NYq3h8FVuoZfe2VETJEnvbPrRwJId2ZY2pIIxlWO4=
Subject key identifier: 41:7B:A9:2B:EE:F1:67:BC:6F:BB:0B:71:7F:F5:81:5A:61:AF:CA:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F018FF19638CFFE7A148260D362B4FD0BAEED9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Mon 31 Mar 2025 19:40:09 +0000
ROA not before: Mon 31 Mar 2025 19:40:09 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:01:8f:f1:96:38:cf:fe:7a:14:82:60:d3:62:b4:fd:0b:ae:ed:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:40:09 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a1808ec4f85d87dea2f38755e3574d7e7939c780ca222fa9b1c4772ec2b83e6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ea:91:7b:30:2d:0f:d6:3f:91:fe:ca:44:50:
9a:c9:57:1c:22:fc:ae:8a:7a:8a:29:d4:ca:51:a7:
a0:1c:e0:48:78:6d:c5:77:d7:30:2a:0b:4b:5b:c5:
de:44:15:06:0e:38:cd:26:44:86:7b:3b:d3:a3:3f:
65:6c:cf:1c:a7:c1:1a:9f:9d:68:46:41:0f:5c:b0:
17:ed:a4:14:23:b9:40:ef:5e:56:6e:d4:ec:43:7b:
64:f9:2d:bf:f0:30:b8:6a:6d:60:8d:62:7a:22:4c:
7f:69:be:9e:5c:0f:a1:4a:6e:f2:b1:a6:c7:45:0b:
f9:d1:26:0c:ad:83:89:e9:a8:aa:8d:e2:8e:70:0e:
e2:df:7d:f3:d6:61:43:fd:88:75:49:d4:d7:c3:2a:
e8:da:e9:c2:69:ee:d5:af:bd:20:15:58:9f:5b:2c:
19:2d:89:20:00:a4:87:34:bc:ca:91:ce:46:f9:4a:
c9:e5:be:d1:3b:b0:c0:51:7c:e0:14:7b:6d:47:da:
2d:3e:37:74:a5:d2:a2:77:28:b0:74:81:5b:c4:f2:
75:44:1c:4b:bd:ef:32:69:26:6f:1a:b2:3a:20:fe:
1b:99:ac:0f:a5:df:a4:b9:5f:fe:ca:74:d3:49:6a:
e7:22:02:19:b1:ff:9a:fd:ac:1d:da:70:76:e9:00:
c7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7B:A9:2B:EE:F1:67:BC:6F:BB:0B:71:7F:F5:81:5A:61:AF:CA:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
17:4e:50:b7:a8:24:77:9a:39:32:44:59:4b:7e:4d:d4:54:8b:
23:25:c8:6e:65:e1:b1:c4:3d:68:40:03:1f:e0:9f:00:9c:f8:
5e:10:1e:c9:91:4d:50:96:14:81:25:e1:0a:b0:d0:08:25:fb:
cc:3e:11:6b:90:16:65:4e:86:a1:85:35:b4:72:db:4d:a2:02:
a0:c5:eb:0d:2e:83:40:b8:d5:3c:1f:7a:7f:3b:fc:49:70:55:
a1:45:f2:13:59:17:00:76:91:5d:d0:91:7c:30:f1:fe:e8:58:
15:e2:e0:75:e0:4a:6f:2a:ec:80:55:b5:90:58:a8:ca:aa:84:
1c:f8:89:93:2f:27:34:65:b0:cb:b7:c4:ed:cb:3f:6d:ff:e1:
a1:88:33:00:0c:4b:80:91:f9:c8:0b:4c:a4:64:26:4b:83:86:
9d:67:ea:93:c8:d0:25:e3:ce:22:c8:d4:6e:7b:09:0f:8a:4e:
c5:ec:42:30:d7:a3:94:00:86:92:3b:87:7c:40:dd:c7:9a:d8:
05:87:e7:34:a4:92:39:28:bb:b8:35:b8:75:76:19:8a:a9:f9:
ee:4c:b1:bd:ca:b5:f5:d1:ea:de:ae:45:a3:83:0a:80:5c:48:
f3:ae:b4:17:18:c0:59:05:0b:d7:a7:fe:81:34:6c:58:6e:35:
e3:d6:1c:49
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULwGP8ZY4z/56FIJg02K0/Quu7ZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTQwMDlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExODA4ZWM0Zjg1ZDg3ZGVhMmYzODc1NWUzNTc0ZDdlNzkzOWM3ODBjYTIy
MmZhOWIxYzQ3NzJlYzJiODNlNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3qkXswLQ/WP5H+ykRQmslXHCL8rop6iinUylGnoBzgSHhtxXfXMCoLS1vF
3kQVBg44zSZEhns706M/ZWzPHKfBGp+daEZBD1ywF+2kFCO5QO9eVm7U7EN7ZPkt
v/AwuGptYI1ieiJMf2m+nlwPoUpu8rGmx0UL+dEmDK2Diemoqo3ijnAO4t9989Zh
Q/2IdUnU18Mq6Nrpwmnu1a+9IBVYn1ssGS2JIACkhzS8ypHORvlKyeW+0TuwwFF8
4BR7bUfaLT43dKXSoncosHSBW8TydUQcS73vMmkmbxqyOiD+G5msD6XfpLlf/sp0
00lq5yICGbH/mv2sHdpwdukAx9cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRBe6kr
7vFnvG+7C3F/9YFaYa/K/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEAF05Qt6gkd5o5MkRZS35N1FSLIyXIbmXhscQ9
aEADH+CfAJz4XhAeyZFNUJYUgSXhCrDQCCX7zD4Ra5AWZU6GoYU1tHLbTaICoMXr
DS6DQLjVPB96fzv8SXBVoUXyE1kXAHaRXdCRfDDx/uhYFeLgdeBKbyrsgFW1kFio
yqqEHPiJky8nNGWwy7fE7cs/bf/hoYgzAAxLgJH5yAtMpGQmS4OGnWfqk8jQJePO
IsjUbnsJD4pOxexCMNejlACGkjuHfEDdx5rYBYfnNKSSOSi7uDW4dXYZiqn57kyx
vcq19dHq3q5Fo4MKgFxI8660FxjAWQUL16f+gTRsWG4149YcSQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net