Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
File: 4b3ff608-6c53-42b9-811d-968096b30ae5.roa (raw, json)
Hash identifier: 5i2QVj7kj5DRaLXO4xrO6+vXEri8+5uPgfLjMXGkbQs=
Subject key identifier: A2:AA:0D:2A:C9:EB:F8:67:0E:7F:2D:69:7F:44:3D:B0:12:37:95:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C095BC89AA13E17EFCB9DF25E60D2638DE51E24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:09:5b:c8:9a:a1:3e:17:ef:cb:9d:f2:5e:60:d2:63:8d:e5:1e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=99ebb3320aef6dfa45278d459f83b5822ed13d2d151b26c665a514358eb4ae24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:84:20:ad:f7:c0:c9:90:6d:3b:b4:42:13:13:
fb:53:6c:af:10:cc:b4:6d:6b:d7:3b:04:ed:54:25:
bd:f4:0b:f7:22:28:ce:92:0e:e5:a8:bd:38:ab:ad:
6a:c6:e5:e9:d2:70:5d:f9:c6:f9:0f:80:3f:f7:3f:
00:a1:0e:45:b8:19:4c:d2:fc:ff:38:b1:26:a7:ca:
b8:f4:21:7d:82:ca:da:9f:29:7b:1a:65:83:91:ea:
35:6a:bb:95:87:1b:bb:4b:74:4b:69:d5:d9:c7:06:
1d:68:e0:66:11:60:18:56:6f:35:cc:d6:5e:1c:e8:
95:c7:b9:de:92:ce:1b:2e:8e:1e:03:a0:fb:b7:41:
71:1e:0e:3d:dd:cb:94:c9:3f:15:e9:7f:eb:d8:c9:
32:a6:91:b8:f4:d4:69:ba:f9:ca:2d:c6:2f:1e:7a:
df:38:ab:87:e5:c0:4d:71:c6:fa:0c:a2:64:d6:78:
06:70:03:7d:ce:83:ec:07:3d:02:56:6c:72:b1:ea:
a0:2a:54:7d:61:21:9a:e5:d8:75:6e:92:e0:0d:83:
ae:b5:fc:a9:08:33:80:d6:1d:b3:59:d3:07:80:3c:
08:02:98:73:51:1a:29:02:5e:be:88:45:64:ab:c3:
aa:01:ca:fb:37:6b:b4:f8:ad:86:57:95:d1:b2:2e:
81:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AA:0D:2A:C9:EB:F8:67:0E:7F:2D:69:7F:44:3D:B0:12:37:95:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:e000::/40
Signature Algorithm: sha256WithRSAEncryption
be:1a:07:66:d4:fc:e1:6a:02:f8:63:50:47:3b:b0:6c:26:c7:
8e:d5:8f:bd:c4:ee:50:dc:ee:a2:ca:e2:f0:e3:c4:ec:f8:5c:
5b:24:fe:55:96:7f:bf:d2:d0:c1:f3:ae:2c:43:53:ef:0f:e5:
f2:dd:f7:0f:ca:b2:51:b6:0f:51:0b:33:81:2f:0a:e7:7b:c6:
b0:8b:89:6f:b7:90:92:95:be:28:7c:49:ac:28:d0:27:1d:7e:
5f:fa:fe:3b:ce:f1:57:7e:c9:0c:47:73:64:b9:a8:8c:68:b2:
9c:c4:fd:fa:79:d6:9a:db:0d:07:36:f2:e7:4d:ff:80:89:68:
f3:3f:b0:17:8b:96:00:1c:f5:ac:18:d4:2e:8c:01:a2:7a:23:
23:88:1d:84:9b:14:f3:2b:59:5a:b8:fe:3d:bd:8a:82:9b:51:
54:0d:ba:22:cc:23:72:b1:06:09:c3:15:e1:6a:21:b3:5a:61:
fd:1a:d2:91:1e:73:b8:33:bd:cc:78:6f:da:59:b0:d8:14:37:
3f:6d:0b:e2:de:3a:d8:63:58:e5:67:b4:7c:5e:0e:8b:51:5e:
c0:74:74:e8:9d:37:77:75:69:c5:c3:f4:4c:d4:f2:25:a3:6a:
cb:c2:a2:95:b3:61:55:90:18:d4:ba:1b:ad:40:f9:e8:4e:4e:
34:8b:30:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDAlbyJqhPhfvy53yXmDSY43lHiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZWJiMzMyMGFlZjZkZmE0NTI3OGQ0NTlmODNiNTgyMmVkMTNkMmQxNTFi
MjZjNjY1YTUxNDM1OGViNGFlMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+EIK33wMmQbTu0QhMT+1NsrxDMtG1r1zsE7VQlvfQL9yIozpIO5ai9OKut
asbl6dJwXfnG+Q+AP/c/AKEORbgZTNL8/zixJqfKuPQhfYLK2p8pexplg5HqNWq7
lYcbu0t0S2nV2ccGHWjgZhFgGFZvNczWXhzolce53pLOGy6OHgOg+7dBcR4OPd3L
lMk/Fel/69jJMqaRuPTUabr5yi3GLx563zirh+XATXHG+gyiZNZ4BnADfc6D7Ac9
AlZscrHqoCpUfWEhmuXYdW6S4A2DrrX8qQgzgNYds1nTB4A8CAKYc1EaKQJevohF
ZKvDqgHK+zdrtPithleV0bIugTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiqg0q
yev4Zw5/LWl/RD2wEjeV4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIzZmY2MDgtNmM1My00MmI5LTgxMWQtOTY4MDk2YjMwYWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hng
MA0GCSqGSIb3DQEBCwUAA4IBAQC+Ggdm1PzhagL4Y1BHO7BsJseO1Y+9xO5Q3O6i
yuLw48Ts+FxbJP5Vln+/0tDB864sQ1PvD+Xy3fcPyrJRtg9RCzOBLwrne8awi4lv
t5CSlb4ofEmsKNAnHX5f+v47zvFXfskMR3NkuaiMaLKcxP36edaa2w0HNvLnTf+A
iWjzP7AXi5YAHPWsGNQujAGieiMjiB2EmxTzK1lauP49vYqCm1FUDboizCNysQYJ
wxXhaiGzWmH9GtKRHnO4M73MeG/aWbDYFDc/bQvi3jrYY1jlZ7R8Xg6LUV7AdHTo
nTd3dWnFw/RM1PIlo2rLwqKVs2FVkBjUuhutQPnoTk40izAM
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:11:58 2025 by rpki-client on console.sobornost.net