Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
File: 4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa (raw, json)
Hash identifier: RE57lsdZQ1Z8sTUwEEbPRlwLJE+0FsAqMSzycVSmZLM=
Subject key identifier: 9E:52:54:C5:B4:3C:7F:F8:6F:1D:DF:E2:7F:B4:73:98:61:D5:98:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 650C84EA315F1A804EAC01D9D727E84ECF084D45
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:0c:84:ea:31:5f:1a:80:4e:ac:01:d9:d7:27:e8:4e:cf:08:4d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=c8d370830a8f1aa574b02d31c5f68a87c13778690bb0395e9d3060f4e2896b80, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:e0:1b:9b:f0:b5:93:28:da:96:7c:4e:61:
ee:0c:3e:77:91:f3:09:c1:1d:b4:3b:2b:6e:f7:73:
ce:ba:17:ab:00:20:97:66:f7:98:4b:d2:10:8c:59:
5a:3a:5c:9e:86:9c:5e:54:93:bb:29:d2:fe:b5:b1:
f7:ad:01:c2:35:f4:4c:ff:7c:cb:4c:db:58:83:cf:
e5:f6:49:e0:90:52:b2:fd:38:7e:8d:16:13:56:0d:
58:10:2a:62:9b:0e:8f:5b:6c:10:e4:aa:25:ae:5f:
80:4a:3b:14:76:ff:ab:c4:c3:ee:04:5e:7e:70:e2:
57:3c:ca:2b:a2:d1:11:42:78:db:95:b9:b1:d4:60:
f8:7b:26:00:e0:1e:e0:ac:02:97:0d:ae:12:de:15:
21:5c:7f:15:23:db:8a:22:9c:8a:bc:cf:cf:cb:2b:
32:00:30:d6:b9:be:d0:15:d9:87:7c:92:56:02:de:
90:b8:40:dc:b8:85:09:6b:ef:61:83:89:fe:33:24:
63:4f:6d:76:a2:41:08:6c:c5:e0:11:00:63:d6:eb:
78:7c:e1:51:7d:86:9f:a0:82:8f:bf:f5:ca:9d:8c:
b9:2c:20:32:f4:aa:9c:6a:4e:12:b8:34:17:42:d9:
7e:e2:05:bc:c9:d8:0b:e1:91:30:c3:37:72:a8:d7:
16:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:52:54:C5:B4:3C:7F:F8:6F:1D:DF:E2:7F:B4:73:98:61:D5:98:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:1000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:65:d2:d9:dd:43:2a:06:d8:d3:b4:a3:35:56:e4:c3:68:36:
9c:12:d5:93:cc:9b:fe:99:03:f9:6f:23:86:05:2c:a7:06:cf:
6d:e6:ab:22:5f:aa:42:91:78:dd:81:b2:e5:90:da:a8:cc:b5:
9f:9e:2f:fa:95:67:61:ed:bd:70:92:5e:74:6c:27:05:83:71:
d3:fc:c3:77:81:4d:a2:bb:9b:9c:da:04:10:43:45:ba:54:df:
b7:d1:a4:f7:42:97:df:54:a4:24:26:3b:af:b2:fc:af:40:b1:
5f:ac:ec:87:57:c0:86:7f:c5:23:d0:7d:19:03:39:63:94:75:
49:fd:82:b1:fe:6d:69:ff:45:a2:d8:f2:77:07:38:73:b9:3d:
8a:a8:da:bf:15:73:5b:f6:f0:0f:c3:e4:f7:50:ed:c5:b0:50:
8d:5c:9c:b8:0b:39:5a:f1:f9:66:9e:69:78:6f:b1:d0:ed:a0:
d9:b7:d7:23:cb:2f:aa:8d:04:04:f9:a1:35:5f:13:3d:99:07:
ec:66:ef:0b:2f:08:85:45:ac:7c:c3:83:eb:9f:1e:88:12:8f:
2e:d3:f0:57:de:78:c7:b4:75:ea:57:2c:20:dc:6c:b6:0f:15:
07:21:27:6b:81:af:82:53:66:5f:13:df:93:89:b9:11:cc:73:
9d:d4:23:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZQyE6jFfGoBOrAHZ1yfoTs8ITUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4ZDM3MDgzMGE4ZjFhYTU3NGIwMmQzMWM1ZjY4YTg3YzEzNzc4NjkwYmIw
Mzk1ZTlkMzA2MGY0ZTI4OTZiODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtQ4Bub8LWTKNqWfE5h7gw+d5HzCcEdtDsrbvdzzroXqwAgl2b3mEvSEIxZ
WjpcnoacXlSTuynS/rWx960BwjX0TP98y0zbWIPP5fZJ4JBSsv04fo0WE1YNWBAq
YpsOj1tsEOSqJa5fgEo7FHb/q8TD7gRefnDiVzzKK6LREUJ425W5sdRg+HsmAOAe
4KwClw2uEt4VIVx/FSPbiiKcirzPz8srMgAw1rm+0BXZh3ySVgLekLhA3LiFCWvv
YYOJ/jMkY09tdqJBCGzF4BEAY9breHzhUX2Gn6CCj7/1yp2MuSwgMvSqnGpOErg0
F0LZfuIFvMnYC+GRMMM3cqjXFrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeUlTF
tDx/+G8d3+J/tHOYYdWYcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1M2E0ZTctNzIwMy00YWFjLThlMmYtMTEwODE5YWU0Y2UzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HwQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA+ZdLZ3UMqBtjTtKM1VuTDaDacEtWTzJv+mQP5
byOGBSynBs9t5qsiX6pCkXjdgbLlkNqozLWfni/6lWdh7b1wkl50bCcFg3HT/MN3
gU2iu5uc2gQQQ0W6VN+30aT3QpffVKQkJjuvsvyvQLFfrOyHV8CGf8Uj0H0ZAzlj
lHVJ/YKx/m1p/0Wi2PJ3BzhzuT2KqNq/FXNb9vAPw+T3UO3FsFCNXJy4Czla8flm
nml4b7HQ7aDZt9cjyy+qjQQE+aE1XxM9mQfsZu8LLwiFRax8w4Prnx6IEo8u0/BX
3njHtHXqVywg3Gy2DxUHISdrga+CU2ZfE9+TibkRzHOd1CPG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net