Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: lVhKhOOuLtAGMSZ79Ms0UCR9/XluhzMGDthtM3cbdUs=
Subject key identifier: 57:2D:22:94:18:1E:66:7F:81:8F:5A:DE:5B:AA:0F:46:7A:6A:DD:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20264CF329C40E3366FC00B7CD1AE594ED174157
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Mon 31 Mar 2025 20:51:33 +0000
ROA not before: Mon 31 Mar 2025 20:51:33 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:26:4c:f3:29:c4:0e:33:66:fc:00:b7:cd:1a:e5:94:ed:17:41:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:51:33 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=353ca89abc71ddb2096f636301df430d6e6fe84053b499c5eac423d1fe585462, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c6:f8:fe:e0:aa:2d:bc:28:17:b3:1a:e3:8b:
bf:71:8f:28:0a:8d:ab:a5:8d:f0:b2:e6:26:b1:af:
47:12:e5:e7:51:ba:c3:5a:72:f3:5e:b1:93:c8:50:
4a:6e:92:1d:8f:cf:c9:fe:22:51:0b:94:0a:ef:e3:
b1:a6:a6:a3:75:0c:ed:dc:e0:f5:ed:73:af:7f:de:
8e:02:f8:b3:3d:d4:9f:0f:e4:a3:69:f0:e6:b3:dd:
c1:7c:b0:71:a8:fe:52:4a:9e:c3:cd:0f:c4:bc:fc:
ae:1e:76:97:0c:4b:61:f1:f5:a2:4b:e9:ca:11:f0:
a0:d1:e1:17:34:01:1b:8d:fc:1d:03:85:6e:13:9d:
0c:2f:d2:13:02:6c:80:7b:67:c1:ff:58:a6:92:83:
87:b8:eb:a2:05:cb:29:83:76:ab:bb:61:b8:1b:96:
09:4d:f5:79:dc:a3:b2:6f:55:5d:57:e5:c0:3e:8d:
f9:02:e0:c8:6d:8b:a4:a2:38:96:f1:29:0b:13:9c:
90:41:c5:4e:e6:db:e7:b7:d3:f4:da:81:dc:e6:7e:
8d:13:ac:4a:22:6a:f3:ab:19:a3:7d:5d:5f:4f:89:
c8:0c:75:b5:7c:fb:dd:ea:b4:27:46:b8:9e:27:35:
7e:06:51:1a:76:42:19:a2:47:fc:03:0b:b8:38:ab:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2D:22:94:18:1E:66:7F:81:8F:5A:DE:5B:AA:0F:46:7A:6A:DD:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:2a:94:72:62:90:46:dd:c7:d2:e0:7e:de:f7:20:14:17:67:
49:03:ea:bd:52:ac:49:75:35:54:d9:a3:fa:0f:9e:32:84:c8:
cd:16:c7:bd:98:27:f0:34:b1:d9:f7:be:96:b5:7f:0a:98:54:
79:69:ad:c1:03:a5:55:78:b0:0f:50:f2:81:a2:a3:c7:23:57:
f5:36:7a:d4:3f:0c:1b:35:02:c3:79:67:51:ae:3b:88:b8:35:
f1:7c:6b:63:a8:2c:36:80:c9:8c:d0:2d:e2:6a:b8:7e:c7:e3:
5c:9a:ea:6a:05:e8:aa:53:a9:8d:37:73:f6:03:c1:1a:04:f9:
10:fb:f9:87:28:56:98:28:f4:68:0f:aa:3b:03:57:92:c5:40:
5d:19:fa:8b:73:4e:d6:cf:85:79:02:5f:08:fe:91:d9:b5:29:
40:39:65:2a:e9:d8:0f:da:cb:de:f5:81:b2:76:aa:e9:b1:82:
bf:4c:a6:97:ed:0b:8f:d9:42:9e:83:8d:eb:60:d1:8a:42:fe:
1f:8c:12:64:3a:93:96:0f:eb:4f:96:f4:3b:bd:91:0a:6c:34:
92:7b:ad:35:08:e0:7f:f4:f6:60:96:2a:9f:a6:69:ce:93:2f:
f2:4a:97:08:e9:d4:7f:65:87:50:90:73:6d:b3:69:91:1d:86:
51:a1:74:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUICZM8ynEDjNm/AC3zRrllO0XQVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUxMzNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1M2NhODlhYmM3MWRkYjIwOTZmNjM2MzAxZGY0MzBkNmU2ZmU4NDA1M2I0
OTljNWVhYzQyM2QxZmU1ODU0NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbG+P7gqi28KBezGuOLv3GPKAqNq6WN8LLmJrGvRxLl51G6w1py816xk8hQ
Sm6SHY/Pyf4iUQuUCu/jsaamo3UM7dzg9e1zr3/ejgL4sz3Unw/ko2nw5rPdwXyw
caj+Ukqew80PxLz8rh52lwxLYfH1okvpyhHwoNHhFzQBG438HQOFbhOdDC/SEwJs
gHtnwf9YppKDh7jrogXLKYN2q7thuBuWCU31edyjsm9VXVflwD6N+QLgyG2LpKI4
lvEpCxOckEHFTubb57fT9NqB3OZ+jROsSiJq86sZo31dX0+JyAx1tXz73eq0J0a4
nic1fgZRGnZCGaJH/AMLuDirwocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXLSKU
GB5mf4GPWt5bqg9GemrdZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6KpRyYpBG3cfS4H7e9yAUF2dJA+q9UqxJdTVU
2aP6D54yhMjNFse9mCfwNLHZ976WtX8KmFR5aa3BA6VVeLAPUPKBoqPHI1f1NnrU
PwwbNQLDeWdRrjuIuDXxfGtjqCw2gMmM0C3iarh+x+NcmupqBeiqU6mNN3P2A8Ea
BPkQ+/mHKFaYKPRoD6o7A1eSxUBdGfqLc07Wz4V5Al8I/pHZtSlAOWUq6dgP2sve
9YGydqrpsYK/TKaX7QuP2UKeg43rYNGKQv4fjBJkOpOWD+tPlvQ7vZEKbDSSe601
COB/9PZgliqfpmnOky/ySpcI6dR/ZYdQkHNts2mRHYZRoXQ1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net