Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: GVdRgQiC9ENpbAA9Qx2LqJ3w4L04cKs7m45+Dcj/FBw=
Subject key identifier: D8:D3:B8:F5:E6:95:47:FE:8E:43:BF:E0:AA:2D:2C:39:70:71:46:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E47CAD46F2DA10F455CC67CB1F9F410725A081C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Mon 31 Mar 2025 19:00:50 +0000
ROA not before: Mon 31 Mar 2025 19:00:50 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:47:ca:d4:6f:2d:a1:0f:45:5c:c6:7c:b1:f9:f4:10:72:5a:08:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:00:50 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=0330fb6bfb6655ac4390d8180055fe25164ce9a0c98ae15f34d75c9c810a8d79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3b:55:f0:9c:4c:72:21:05:dd:b4:b6:10:4c:
0c:a2:3f:8e:11:9a:b7:63:0d:27:03:04:6e:55:4d:
4a:fa:15:c8:e1:d0:f5:a9:20:07:5b:b1:05:49:02:
6f:d1:fd:eb:37:ae:56:69:8d:9d:85:cd:4f:61:79:
c4:f0:5e:f7:33:30:bd:e8:04:68:66:53:88:2b:39:
b1:28:32:fe:69:0d:a5:0b:d5:8a:3d:0a:a8:cf:54:
f3:ef:1d:f8:1f:37:59:1e:6f:7e:8e:b3:1a:44:0f:
0e:a2:fe:e1:ab:24:44:53:01:92:23:44:ba:ec:b8:
fa:8e:86:f2:45:d7:6c:26:2e:cc:9c:c9:e4:fa:72:
fc:fc:32:92:b1:5e:8d:0a:28:f1:20:b5:4b:7b:46:
00:d2:95:4d:25:b7:45:e4:80:d3:99:c6:56:a0:b6:
4c:18:30:9c:71:df:a1:3b:87:03:23:e0:1a:38:8c:
88:24:c3:3b:ea:28:cd:ca:10:92:32:fd:f5:5e:3b:
21:45:3c:6c:61:1a:42:85:80:73:79:69:fd:e2:c3:
b1:c1:bf:60:c7:13:a1:06:fe:ab:2c:68:5c:08:0f:
ce:cd:4d:5f:c8:45:87:ce:43:e5:f1:7c:92:b3:a0:
88:d5:89:c6:58:47:e4:12:e1:74:94:d1:50:2a:f9:
72:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D3:B8:F5:E6:95:47:FE:8E:43:BF:E0:AA:2D:2C:39:70:71:46:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
ae:78:a9:9b:68:8e:dc:d4:94:57:ac:bf:1c:77:03:c8:86:6d:
4e:44:02:cf:b3:40:ef:bb:33:2c:74:72:14:ee:e4:f1:d6:a4:
e3:ee:8d:dc:be:c7:a2:4a:61:41:1b:42:02:87:3e:35:44:96:
62:a5:18:60:31:b7:76:11:17:2f:a8:ac:86:35:15:40:a0:df:
ae:ba:a9:03:75:31:da:25:3f:f0:a8:83:ca:11:4c:cf:c2:cf:
f4:e6:0a:4f:24:7a:d6:27:2d:2d:64:e8:b1:f5:8c:f7:61:b5:
cc:d0:e4:af:3d:1f:e8:c9:f6:f1:d1:42:5e:a6:f3:aa:1c:a7:
1d:df:ed:23:cf:84:1e:04:8b:d1:9b:a4:92:3d:4f:66:d6:27:
84:a8:88:63:8f:48:ff:c3:a4:be:14:94:b7:43:31:1e:07:31:
c4:70:9e:dd:54:ba:86:a3:b2:50:3a:df:31:ba:3c:10:f4:94:
6d:95:cd:25:de:a9:e2:00:36:4f:ea:0b:8c:9e:17:d5:79:ad:
6a:94:c4:19:0b:4f:91:27:c6:ce:51:b3:2d:3b:46:3a:a7:8e:
3b:1f:ae:82:e4:fc:a8:d4:9d:b1:74:d4:b6:9c:55:f0:e9:47:
c0:4f:1b:64:fa:2e:b2:e8:08:a6:9f:19:84:55:7b:e8:78:e6:
6b:d5:25:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHkfK1G8toQ9FXMZ8sfn0EHJaCBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAwNTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMzBmYjZiZmI2NjU1YWM0MzkwZDgxODAwNTVmZTI1MTY0Y2U5YTBjOThh
ZTE1ZjM0ZDc1YzljODEwYThkNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO07VfCcTHIhBd20thBMDKI/jhGat2MNJwMEblVNSvoVyOHQ9akgB1uxBUkC
b9H96zeuVmmNnYXNT2F5xPBe9zMwvegEaGZTiCs5sSgy/mkNpQvVij0KqM9U8+8d
+B83WR5vfo6zGkQPDqL+4askRFMBkiNEuuy4+o6G8kXXbCYuzJzJ5Ppy/PwykrFe
jQoo8SC1S3tGANKVTSW3ReSA05nGVqC2TBgwnHHfoTuHAyPgGjiMiCTDO+oozcoQ
kjL99V47IUU8bGEaQoWAc3lp/eLDscG/YMcToQb+qyxoXAgPzs1NX8hFh85D5fF8
krOgiNWJxlhH5BLhdJTRUCr5cmkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTY07j1
5pVH/o5Dv+CqLSw5cHFGyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEArnipm2iO3NSUV6y/HHcDyIZtTkQCz7NA77sz
LHRyFO7k8dak4+6N3L7HokphQRtCAoc+NUSWYqUYYDG3dhEXL6ishjUVQKDfrrqp
A3Ux2iU/8KiDyhFMz8LP9OYKTyR61ictLWTosfWM92G1zNDkrz0f6Mn28dFCXqbz
qhynHd/tI8+EHgSL0Zukkj1PZtYnhKiIY49I/8OkvhSUt0MxHgcxxHCe3VS6hqOy
UDrfMbo8EPSUbZXNJd6p4gA2T+oLjJ4X1XmtapTEGQtPkSfGzlGzLTtGOqeOOx+u
guT8qNSdsXTUtpxV8OlHwE8bZPousugIpp8ZhFV76Hjma9Ul/w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net