Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: iCVouk61K4T2l2BvG2QJYMtK3NdK55CC9gdCupKnCGM=
Subject key identifier: D8:07:C2:B8:54:38:AC:85:BA:C5:57:3D:35:C9:F3:59:46:FF:46:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7568CAD2F4EC859333AC40ECA27FFA90DCC4858D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Mon 31 Mar 2025 20:41:20 +0000
ROA not before: Mon 31 Mar 2025 20:41:20 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:68:ca:d2:f4:ec:85:93:33:ac:40:ec:a2:7f:fa:90:dc:c4:85:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:41:20 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=dc4ac31df5bd56c63957eb3145d2e566ff8c82518b727c654ee22b8e696cf2fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:11:1d:1b:b5:90:9e:e9:39:1b:2c:e3:d1:c8:
28:21:03:36:c8:3e:e7:e4:fa:28:6c:1a:e2:c3:60:
eb:db:f3:b8:b1:50:c1:17:07:12:aa:9b:f3:c0:68:
74:5a:d8:22:64:f8:73:53:50:b6:16:08:11:1a:7c:
c9:56:ba:c3:cf:76:49:13:93:9f:96:dd:5c:b9:af:
22:09:26:47:26:5a:0b:d5:d7:eb:ff:ac:e6:c7:4e:
f0:74:97:9a:3a:62:a6:8f:f4:3c:20:bc:84:e0:67:
d3:a8:07:34:d2:30:af:e9:f8:34:eb:78:a7:17:13:
64:e0:32:74:8f:35:9d:6c:55:b7:29:c8:60:ef:c4:
fa:8d:45:33:b8:ec:b6:76:ae:20:37:0d:b3:0c:46:
87:7a:13:02:4f:4d:e1:95:48:f3:ca:ce:29:97:a5:
02:1f:b2:88:b2:9b:59:e8:2b:80:7b:f2:a9:30:17:
b0:48:cf:16:c6:70:3a:5e:24:71:4c:33:2f:58:c1:
90:d0:c0:0a:b1:d4:ca:32:21:31:56:21:a4:89:7f:
fe:90:81:d9:e9:66:28:61:06:66:c8:33:52:09:81:
8d:ab:66:b4:fa:97:2c:52:3f:ce:15:26:f2:72:dd:
c5:40:69:9f:49:dc:d9:76:ad:a6:75:a2:27:32:84:
bb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:07:C2:B8:54:38:AC:85:BA:C5:57:3D:35:C9:F3:59:46:FF:46:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:2f:9f:3f:73:98:2f:48:5f:a7:32:16:cd:5d:33:65:d4:8d:
af:b5:8d:21:7f:bb:47:70:98:1f:71:9b:cc:ab:38:01:6c:90:
47:25:38:70:ee:25:4d:12:59:a3:3e:f8:7c:16:eb:17:8f:da:
77:3e:7c:60:6e:5d:c2:a7:10:7b:dd:cf:67:89:dd:9d:bb:1d:
53:46:a5:99:3e:32:16:1e:83:1c:b2:c3:bc:e8:b0:ff:6c:69:
69:8d:7a:65:14:b2:e1:f5:76:3a:44:f3:b9:9a:e9:44:9e:1e:
c6:4c:4c:05:3e:46:52:f2:2b:23:e8:81:f0:37:c3:42:21:21:
4e:3d:1a:a6:4d:b7:2b:e5:a7:df:94:e5:be:16:3d:e1:b1:c2:
eb:53:24:59:0e:35:f9:b6:95:64:fd:f0:05:b8:1a:c3:ad:cc:
50:26:ea:07:57:d2:67:6d:f6:08:ad:20:31:6c:e3:39:90:e9:
6c:98:11:9f:6e:56:49:e3:66:98:14:a4:da:6e:d6:7b:fa:39:
bf:43:16:15:9b:f9:e4:bc:ab:c9:6e:13:7d:1e:af:09:79:6e:
9c:85:c1:7e:2a:9b:90:ce:3e:47:c2:d0:73:17:72:f2:1c:85:
1a:eb:ab:94:71:10:81:55:c8:6d:ad:41:d7:85:91:d7:68:2c:
04:ed:cd:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdWjK0vTshZMzrEDson/6kNzEhY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQxMjBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNGFjMzFkZjViZDU2YzYzOTU3ZWIzMTQ1ZDJlNTY2ZmY4YzgyNTE4Yjcy
N2M2NTRlZTIyYjhlNjk2Y2YyZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIRHRu1kJ7pORss49HIKCEDNsg+5+T6KGwa4sNg69vzuLFQwRcHEqqb88Bo
dFrYImT4c1NQthYIERp8yVa6w892SROTn5bdXLmvIgkmRyZaC9XX6/+s5sdO8HSX
mjpipo/0PCC8hOBn06gHNNIwr+n4NOt4pxcTZOAydI81nWxVtynIYO/E+o1FM7js
tnauIDcNswxGh3oTAk9N4ZVI88rOKZelAh+yiLKbWegrgHvyqTAXsEjPFsZwOl4k
cUwzL1jBkNDACrHUyjIhMVYhpIl//pCB2elmKGEGZsgzUgmBjatmtPqXLFI/zhUm
8nLdxUBpn0nc2XatpnWiJzKEu0ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYB8K4
VDishbrFVz01yfNZRv9GwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBdL58/c5gvSF+nMhbNXTNl1I2vtY0hf7tHcJgf
cZvMqzgBbJBHJThw7iVNElmjPvh8FusXj9p3Pnxgbl3CpxB73c9nid2dux1TRqWZ
PjIWHoMcssO86LD/bGlpjXplFLLh9XY6RPO5mulEnh7GTEwFPkZS8isj6IHwN8NC
ISFOPRqmTbcr5afflOW+Fj3hscLrUyRZDjX5tpVk/fAFuBrDrcxQJuoHV9JnbfYI
rSAxbOM5kOlsmBGfblZJ42aYFKTabtZ7+jm/QxYVm/nkvKvJbhN9Hq8JeW6chcF+
KpuQzj5HwtBzF3LyHIUa66uUcRCBVchtrUHXhZHXaCwE7c1m
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net