Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: OG6k0RrGry5LeS44vgPdhO3G3UWg1OHSojhtc3G4AnE=
Subject key identifier: 2A:A2:F2:36:61:7E:50:57:F2:B4:71:59:33:E1:A6:E1:AB:DA:5E:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 235FE8989C23783F83F325FC498E066929F3C912
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Tue 01 Apr 2025 15:00:30 +0000
ROA not before: Tue 01 Apr 2025 15:00:30 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:5f:e8:98:9c:23:78:3f:83:f3:25:fc:49:8e:06:69:29:f3:c9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:00:30 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=f2197adf0ebe3a0ebe0e9bcb9bb41ac3e99c260180c5c628109288e5eaa9ce9e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:7d:88:a3:22:fa:42:db:8e:93:01:b3:39:
02:9f:d2:e4:3e:3a:53:8a:ac:a8:32:5d:52:0c:60:
45:cc:98:7a:9f:4e:5b:62:6d:7a:a0:96:6b:72:17:
ec:ae:c4:7f:e7:30:7c:d2:ff:5c:ff:63:45:2b:63:
ae:de:66:d3:27:8a:c0:cc:b2:4a:de:29:35:b7:74:
87:49:f5:e8:86:f3:f7:f9:cd:3a:ee:b6:7c:ec:7d:
ac:e3:c3:46:77:3a:c7:86:71:01:ff:13:f2:43:53:
00:89:5d:92:f0:ad:54:ae:54:5c:10:c6:ea:24:40:
91:ee:9d:99:f6:38:4d:f4:0d:92:99:b6:79:dc:52:
6d:f6:b3:43:bd:30:88:21:26:f6:0e:55:7b:8e:e7:
e6:61:9c:0e:50:c2:33:63:4f:81:4e:57:e5:3d:d3:
32:ae:b5:19:ac:06:0a:09:8a:f9:93:f2:42:80:4d:
93:fe:85:56:20:6e:e5:de:e3:b4:a9:41:1c:64:ba:
57:6b:d6:37:96:31:21:e9:59:2c:22:1a:1a:3f:e6:
db:51:90:1e:cd:a6:8f:b2:71:bd:5c:06:2c:23:69:
b6:7a:11:01:be:8b:cf:30:c9:f5:a8:eb:b3:0a:a7:
c9:a5:c7:cd:f8:57:85:51:ef:0e:5b:7e:0e:5e:b7:
14:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A2:F2:36:61:7E:50:57:F2:B4:71:59:33:E1:A6:E1:AB:DA:5E:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
04:07:ae:53:eb:62:40:ba:5a:41:32:ce:e1:b4:18:8b:34:46:
b5:ca:fa:f9:9f:61:f0:bb:5f:61:0a:7e:68:a8:fd:f9:d7:a9:
46:02:67:13:76:2d:78:ee:bd:22:b8:58:3b:2f:89:fe:81:18:
28:a5:64:aa:f4:bc:d1:4a:67:9c:50:ab:e5:a1:86:68:7b:cb:
dd:56:df:c3:48:69:d1:4a:c1:52:1b:c9:94:41:13:a4:ac:2c:
dc:9e:1e:c1:d7:81:1d:12:16:50:3f:7b:bc:fc:01:85:ec:c5:
4b:a7:e2:d7:98:bb:bd:6a:67:d4:6a:ba:8c:43:65:ab:2d:c0:
62:ad:ee:3a:87:6a:bf:49:6c:8b:38:8a:99:f8:9c:e9:d9:ea:
08:ee:8c:74:1e:60:16:07:88:2c:b8:5e:d3:b4:eb:b3:c9:0a:
e6:a0:0a:ee:94:1b:89:84:5f:3d:06:ac:71:af:50:00:0c:d0:
cf:66:b8:11:3f:02:b6:9d:8c:5a:c3:1c:e0:df:4d:e7:82:c9:
47:45:85:70:e5:b2:f2:36:e5:3b:24:17:4d:09:82:0c:a9:bb:
6c:cc:3a:6f:bf:81:62:80:12:d4:70:bc:b5:9e:b3:ab:ba:58:
2d:54:0b:da:66:09:f2:f1:5c:fc:39:8c:b3:e1:3c:47:f3:af:
3b:83:dd:1e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI1/omJwjeD+D8yX8SY4GaSnzyRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAwMzBaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMTk3YWRmMGViZTNhMGViZTBlOWJjYjliYjQxYWMzZTk5YzI2MDE4MGM1
YzYyODEwOTI4OGU1ZWFhOWNlOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeKfYijIvpC246TAbM5Ap/S5D46U4qsqDJdUgxgRcyYep9OW2JteqCWa3IX
7K7Ef+cwfNL/XP9jRStjrt5m0yeKwMyySt4pNbd0h0n16Ibz9/nNOu62fOx9rOPD
Rnc6x4ZxAf8T8kNTAIldkvCtVK5UXBDG6iRAke6dmfY4TfQNkpm2edxSbfazQ70w
iCEm9g5Ve47n5mGcDlDCM2NPgU5X5T3TMq61GawGCgmK+ZPyQoBNk/6FViBu5d7j
tKlBHGS6V2vWN5YxIelZLCIaGj/m21GQHs2mj7JxvVwGLCNptnoRAb6LzzDJ9ajr
swqnyaXHzfhXhVHvDlt+Dl63FH0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqovI2
YX5QV/K0cVkz4abhq9peiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEABAeuU+tiQLpaQTLO4bQYizRGtcr6+Z9h8LtfYQp+
aKj9+depRgJnE3YteO69IrhYOy+J/oEYKKVkqvS80UpnnFCr5aGGaHvL3Vbfw0hp
0UrBUhvJlEETpKws3J4ewdeBHRIWUD97vPwBhezFS6fi15i7vWpn1Gq6jENlqy3A
Yq3uOodqv0lsiziKmfic6dnqCO6MdB5gFgeILLhe07Trs8kK5qAK7pQbiYRfPQas
ca9QAAzQz2a4ET8Ctp2MWsMc4N9N54LJR0WFcOWy8jblOyQXTQmCDKm7bMw6b7+B
YoAS1HC8tZ6zq7pYLVQL2mYJ8vFc/DmMs+E8R/OvO4PdHg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net