Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: ZovHP6t/auOhDXpazaNOMfbj6SA+uMuwS/V9u3FYQ7M=
Subject key identifier: 26:1B:80:F8:6A:D6:A8:09:A8:81:C3:1D:DE:07:8F:39:E9:16:39:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2678F62DFEE743456E776D2849767D818B588E73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Mon 31 Mar 2025 21:21:29 +0000
ROA not before: Mon 31 Mar 2025 21:21:29 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:78:f6:2d:fe:e7:43:45:6e:77:6d:28:49:76:7d:81:8b:58:8e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:21:29 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=0e5751ce7ea7c521d67ab00a0240eade7c72b3fd94028b2a90d4fb77ae3c4c72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:6f:f6:62:76:73:a4:db:d7:09:fa:0c:d5:
29:13:f7:43:31:f2:8b:17:eb:5b:67:d2:0e:28:e1:
dc:64:40:5e:f6:4e:b3:67:f1:14:17:e0:8b:c1:5e:
2f:57:56:07:64:39:8b:a2:30:9e:62:e1:29:3d:82:
2a:d1:2c:46:d4:14:29:1c:42:91:3d:f6:5f:c2:ca:
e9:3e:dd:8c:b6:b3:38:bf:77:7f:1b:d6:e5:4d:6f:
85:29:69:8f:35:e7:6f:9f:05:5d:e1:df:da:b3:d0:
62:00:ec:3d:8a:3e:74:1b:6c:cc:7c:ec:ee:fb:a5:
53:b8:32:cd:21:e9:7c:a7:db:91:20:1d:fd:4f:17:
88:d1:5e:cf:08:6f:a6:38:57:73:23:ad:ff:f1:14:
c7:55:e4:b8:6f:04:56:a5:e7:62:f4:c1:81:7f:b3:
e7:8d:b1:6b:44:38:59:0e:aa:69:ea:14:d7:e6:18:
f7:b5:ca:89:81:15:27:ca:a2:52:94:73:db:24:f7:
c6:74:ec:de:1c:cf:7d:1d:14:ff:62:4f:3e:ee:a7:
3f:b3:25:b8:ff:4f:11:d1:f7:7e:72:1f:99:47:7e:
ee:94:55:90:cf:25:ca:dd:d5:01:2c:ab:bb:94:28:
d2:9d:3b:0f:7f:12:1f:f2:09:8b:cb:85:7a:fb:49:
b6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:1B:80:F8:6A:D6:A8:09:A8:81:C3:1D:DE:07:8F:39:E9:16:39:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
85:46:a1:55:64:4b:9f:dd:17:cc:db:1b:2e:81:de:1f:da:dd:
ad:4b:cd:96:66:6c:f2:8f:cd:b3:4e:63:00:5f:88:56:53:05:
d1:75:82:74:af:e3:0d:1d:77:f8:21:dd:1b:45:87:92:7a:86:
19:39:a9:31:5e:97:33:f9:c9:fb:69:74:6e:de:52:1a:f2:0e:
90:3f:1a:28:65:22:2a:87:3d:2b:c4:94:8f:19:e1:95:7b:fc:
f2:61:2b:2a:76:2e:bb:49:45:de:80:85:7d:ff:ac:e7:00:ac:
33:55:8d:26:d4:02:13:08:8a:34:ed:40:ea:43:a6:c0:07:9c:
06:52:e0:d6:11:5b:cb:a2:be:c2:78:d1:31:5b:18:03:55:bc:
b1:c7:9d:cd:73:7e:da:f8:1f:a3:60:35:7e:80:dd:2c:31:f9:
bf:48:c9:ba:03:54:c6:22:59:98:89:66:e7:e2:c0:f6:90:f5:
20:46:6f:80:f3:7f:60:c2:af:db:f4:35:f3:fe:b9:2f:12:15:
7c:85:6f:1a:b3:84:b4:a6:cb:0e:b0:a1:f0:df:0f:a1:9d:88:
c1:41:5c:66:84:3c:82:25:e7:fb:7c:ff:9a:45:16:ca:04:ed:
4f:bf:94:9b:0b:42:d2:32:bd:4f:c9:71:5e:2b:d9:c0:28:14:
fb:98:66:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJnj2Lf7nQ0Vud20oSXZ9gYtYjnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIxMjlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlNTc1MWNlN2VhN2M1MjFkNjdhYjAwYTAyNDBlYWRlN2M3MmIzZmQ5NDAy
OGIyYTkwZDRmYjc3YWUzYzRjNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbnb/ZidnOk29cJ+gzVKRP3QzHyixfrW2fSDijh3GRAXvZOs2fxFBfgi8Fe
L1dWB2Q5i6IwnmLhKT2CKtEsRtQUKRxCkT32X8LK6T7djLazOL93fxvW5U1vhSlp
jzXnb58FXeHf2rPQYgDsPYo+dBtszHzs7vulU7gyzSHpfKfbkSAd/U8XiNFezwhv
pjhXcyOt//EUx1XkuG8EVqXnYvTBgX+z542xa0Q4WQ6qaeoU1+YY97XKiYEVJ8qi
UpRz2yT3xnTs3hzPfR0U/2JPPu6nP7MluP9PEdH3fnIfmUd+7pRVkM8lyt3VASyr
u5Qo0p07D38SH/IJi8uFevtJtlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmG4D4
ataoCaiBwx3eB4856RY55TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCFRqFVZEuf3RfM2xsugd4f2t2tS82WZmzyj82z
TmMAX4hWUwXRdYJ0r+MNHXf4Id0bRYeSeoYZOakxXpcz+cn7aXRu3lIa8g6QPxoo
ZSIqhz0rxJSPGeGVe/zyYSsqdi67SUXegIV9/6znAKwzVY0m1AITCIo07UDqQ6bA
B5wGUuDWEVvLor7CeNExWxgDVbyxx53Nc37a+B+jYDV+gN0sMfm/SMm6A1TGIlmY
iWbn4sD2kPUgRm+A839gwq/b9DXz/rkvEhV8hW8as4S0pssOsKHw3w+hnYjBQVxm
hDyCJef7fP+aRRbKBO1Pv5SbC0LSMr1PyXFeK9nAKBT7mGYA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net