Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
File: 4c78114f-4347-44fe-aef1-32fc688c69b9.roa (raw, json)
Hash identifier: dSby+qbN6JvlkdROPABnfXKb9Q3j7hnXY2BgBX0I9/M=
Subject key identifier: 3A:A6:C7:10:0A:CA:A3:70:D2:9C:10:9C:FA:36:3C:55:16:65:DD:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A9F94FF0B07C1F42B027B8091D715A4D94335D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
Signing time: Mon 31 Mar 2025 19:40:32 +0000
ROA not before: Mon 31 Mar 2025 19:40:32 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:9f:94:ff:0b:07:c1:f4:2b:02:7b:80:91:d7:15:a4:d9:43:35:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:40:32 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=2cb1d974306b9a6ebecf60c4fa627c7d4e001927a66170ecba512f6ead48b84a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dd:af:1a:6f:e4:08:37:96:0a:ef:8c:64:34:
97:9a:09:7d:fb:8c:07:b5:01:06:d5:ba:17:b8:28:
ad:8c:14:22:88:5a:c1:ab:00:9f:9b:28:cc:00:99:
3a:29:8e:58:f8:6e:31:73:25:b6:c1:e8:ba:44:d8:
4b:ef:e9:d4:d0:49:50:1f:f3:93:05:15:91:a2:02:
ee:75:bc:79:95:65:25:ef:db:33:fb:6f:b0:33:82:
d2:9b:9d:e0:05:4d:31:7f:20:de:52:8d:b1:3a:68:
a4:77:3b:03:e3:24:71:fb:a3:c1:fa:37:cf:eb:fb:
10:e0:17:4a:0f:f8:f3:db:a0:4b:35:e6:3f:ab:d7:
0a:02:af:d5:80:d3:59:e9:5c:8b:c2:4b:74:7e:1a:
48:9e:72:7d:ba:6b:c0:f5:f1:f0:6f:43:2a:a6:69:
5a:68:26:22:41:bd:c8:8b:e9:18:bc:cf:ea:0c:1f:
0c:a3:53:28:2a:a6:cb:fa:f4:79:f5:c1:f9:0a:81:
57:20:ec:ab:c0:05:0b:2e:0f:3f:f8:0c:41:29:22:
64:05:42:74:f7:0a:02:9d:89:94:54:2a:75:d2:a8:
fa:ec:d3:20:3d:0c:db:ef:50:01:8e:1f:23:d9:05:
ee:60:0a:39:a9:c1:f7:29:c6:c5:e0:8c:05:3d:85:
11:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A6:C7:10:0A:CA:A3:70:D2:9C:10:9C:FA:36:3C:55:16:65:DD:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8020::/48
Signature Algorithm: sha256WithRSAEncryption
40:dd:e3:0c:e4:52:30:de:f5:ec:87:5f:06:d5:f0:89:2e:58:
41:9c:22:15:29:a7:55:75:14:d8:85:de:a4:f1:22:29:8b:5a:
b8:3c:19:bb:27:68:14:38:9c:d2:9b:c7:ca:3f:5d:43:d7:2f:
d7:4c:7b:b9:58:4a:66:35:4b:c3:cb:79:76:f1:45:d8:bf:ad:
c3:72:fc:2d:bc:71:93:43:62:2b:a4:57:dd:26:18:57:8d:8f:
d6:ae:64:8a:ef:96:d6:17:59:3f:8c:5a:f3:3a:06:c0:fe:dc:
45:df:97:e9:98:38:ed:57:5f:d9:ce:23:0a:24:50:c4:41:0a:
15:9b:27:cf:73:b5:e5:1a:52:1b:93:85:1c:fa:6c:39:5f:a2:
b8:b6:19:95:9d:d0:88:10:85:2a:36:2f:71:80:2d:5c:24:06:
48:84:d6:d4:e7:3c:46:b9:61:30:11:dd:ea:eb:55:56:cb:2f:
98:50:38:06:35:99:69:75:94:e5:1d:6d:8f:07:62:b8:b7:c4:
90:d8:a7:c8:33:c3:a5:f7:f9:75:76:00:a8:39:89:bd:d4:13:
0b:68:f4:72:14:07:53:45:ae:53:63:7a:88:c5:28:ba:e4:ef:
81:fb:e7:41:e1:21:e5:2c:49:60:5e:6c:17:ff:e9:60:4c:b5:
12:24:46:61
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOp+U/wsHwfQrAnuAkdcVpNlDNdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTQwMzJaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYjFkOTc0MzA2YjlhNmViZWNmNjBjNGZhNjI3YzdkNGUwMDE5MjdhNjYx
NzBlY2JhNTEyZjZlYWQ0OGI4NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjdrxpv5Ag3lgrvjGQ0l5oJffuMB7UBBtW6F7gorYwUIohawasAn5sozACZ
OimOWPhuMXMltsHoukTYS+/p1NBJUB/zkwUVkaIC7nW8eZVlJe/bM/tvsDOC0pud
4AVNMX8g3lKNsTpopHc7A+Mkcfujwfo3z+v7EOAXSg/489ugSzXmP6vXCgKv1YDT
Welci8JLdH4aSJ5yfbprwPXx8G9DKqZpWmgmIkG9yIvpGLzP6gwfDKNTKCqmy/r0
efXB+QqBVyDsq8AFCy4PP/gMQSkiZAVCdPcKAp2JlFQqddKo+uzTID0M2+9QAY4f
I9kF7mAKOanB9ynGxeCMBT2FEZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6pscQ
CsqjcNKcEJz6NjxVFmXd8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM3ODExNGYtNDM0Ny00NGZlLWFlZjEtMzJmYzY4OGM2OWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
IDANBgkqhkiG9w0BAQsFAAOCAQEAQN3jDORSMN717IdfBtXwiS5YQZwiFSmnVXUU
2IXepPEiKYtauDwZuydoFDic0pvHyj9dQ9cv10x7uVhKZjVLw8t5dvFF2L+tw3L8
Lbxxk0NiK6RX3SYYV42P1q5kiu+W1hdZP4xa8zoGwP7cRd+X6Zg47Vdf2c4jCiRQ
xEEKFZsnz3O15RpSG5OFHPpsOV+iuLYZlZ3QiBCFKjYvcYAtXCQGSITW1Oc8Rrlh
MBHd6utVVssvmFA4BjWZaXWU5R1tjwdiuLfEkNinyDPDpff5dXYAqDmJvdQTC2j0
chQHU0WuU2N6iMUouuTvgfvnQeEh5SxJYF5sF//pYEy1EiRGYQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net