Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: LG2shk4p1NdnK+0G84820QPuNq1/j69UAEUtFB9LNv0=
Subject key identifier: D3:BF:7C:2A:8E:98:B6:E3:F0:14:D8:3E:3B:3E:49:A1:B5:62:13:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72073A42DEA1712A0DAB05044E9399D34AF0D19B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Mon 31 Mar 2025 20:51:11 +0000
ROA not before: Mon 31 Mar 2025 20:51:11 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:07:3a:42:de:a1:71:2a:0d:ab:05:04:4e:93:99:d3:4a:f0:d1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:51:11 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=b7999ca745407aa5f874cf750b1f2a63ac00718df1a4c3bf93c43550b11792a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:42:0d:bf:66:cd:10:bb:46:ad:9d:22:e9:bb:
51:09:2c:81:9d:88:f8:48:cf:96:87:f6:76:3f:aa:
4e:cf:f1:26:04:36:5d:de:0a:e3:63:9b:ea:65:7d:
33:c8:57:7d:b7:ba:39:13:4c:2f:ef:3c:4a:5a:c2:
67:d7:a2:4e:a9:ea:12:24:cd:43:a3:cc:ac:a0:64:
8b:4b:28:6b:90:10:cb:25:8f:ab:cd:a7:71:0e:85:
39:c1:dd:c1:3b:fa:2b:3f:12:39:a6:24:c6:80:bd:
86:82:58:02:17:54:db:bb:d7:6e:9f:4c:0b:d3:c1:
37:88:20:58:e8:1d:4b:8b:a0:62:ea:55:d1:d4:62:
1e:76:56:59:f2:86:66:f5:52:33:f3:6e:aa:ed:ab:
5c:a8:03:b5:9a:8e:f5:34:2c:a5:99:2d:a6:55:93:
70:50:1c:42:c0:37:b4:a9:2c:53:74:11:2c:a8:0f:
fc:66:5b:2d:37:ce:d0:ce:71:e7:1c:48:5e:49:0f:
95:6b:22:17:24:5c:bc:ff:be:53:5d:59:ea:97:22:
7c:2f:4a:f3:e7:a0:f6:fa:7e:6f:58:b7:06:1f:75:
b5:48:a3:42:39:f8:51:9e:22:59:c6:ec:fd:4d:10:
a2:65:61:f7:9d:ad:6b:50:89:bd:78:ff:cf:17:e9:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BF:7C:2A:8E:98:B6:E3:F0:14:D8:3E:3B:3E:49:A1:B5:62:13:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
61:9f:ae:b7:0b:b0:ad:0d:b9:22:38:4b:2c:40:2a:14:7c:7c:
ba:d7:06:03:67:32:80:c1:e7:91:09:ad:e7:5c:75:0f:14:6b:
09:54:77:d8:ed:e8:3e:93:d4:91:ec:ee:06:20:85:50:91:d7:
15:91:6c:df:3d:83:3a:81:fe:11:b9:44:82:c4:18:3a:90:83:
b6:a0:98:5d:00:89:19:ef:0d:d4:f2:e7:c7:d4:26:99:2d:70:
20:39:a4:de:52:4d:54:c6:1a:4a:89:c4:11:23:d5:89:57:72:
2f:ca:5b:63:57:f1:fd:5f:e4:8e:5c:fb:18:f2:db:fa:be:23:
93:03:e4:7c:2c:b6:5e:80:cf:2a:83:cb:52:1d:69:d4:81:e3:
dc:36:ee:26:0d:47:f2:2e:cf:9c:53:42:59:4f:d9:f0:04:68:
54:40:fc:76:1f:61:a4:7b:b5:27:b4:9a:83:d4:1a:c9:de:d3:
8a:c0:7a:29:44:b6:dc:32:de:5c:24:80:2e:76:cb:94:a8:d7:
ab:2c:2e:95:d5:90:99:fa:cd:8c:2e:d5:32:be:ba:de:6b:1d:
3d:dd:0a:07:e9:60:fa:52:36:5d:69:8f:24:10:34:18:f0:40:
7c:59:df:e5:f1:bf:31:b2:7c:37:72:07:77:fd:ba:37:50:44:
ab:07:cb:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcgc6Qt6hcSoNqwUETpOZ00rw0ZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUxMTFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3OTk5Y2E3NDU0MDdhYTVmODc0Y2Y3NTBiMWYyYTYzYWMwMDcxOGRmMWE0
YzNiZjkzYzQzNTUwYjExNzkyYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5CDb9mzRC7Rq2dIum7UQksgZ2I+EjPlof2dj+qTs/xJgQ2Xd4K42Ob6mV9
M8hXfbe6ORNML+88SlrCZ9eiTqnqEiTNQ6PMrKBki0soa5AQyyWPq82ncQ6FOcHd
wTv6Kz8SOaYkxoC9hoJYAhdU27vXbp9MC9PBN4ggWOgdS4ugYupV0dRiHnZWWfKG
ZvVSM/Nuqu2rXKgDtZqO9TQspZktplWTcFAcQsA3tKksU3QRLKgP/GZbLTfO0M5x
5xxIXkkPlWsiFyRcvP++U11Z6pcifC9K8+eg9vp+b1i3Bh91tUijQjn4UZ4iWcbs
/U0QomVh952ta1CJvXj/zxfpiokCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTv3wq
jpi24/AU2D47PkmhtWITNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQBhn663C7CtDbkiOEssQCoUfHy61wYDZzKAweeR
Ca3nXHUPFGsJVHfY7eg+k9SR7O4GIIVQkdcVkWzfPYM6gf4RuUSCxBg6kIO2oJhd
AIkZ7w3U8ufH1CaZLXAgOaTeUk1UxhpKicQRI9WJV3IvyltjV/H9X+SOXPsY8tv6
viOTA+R8LLZegM8qg8tSHWnUgePcNu4mDUfyLs+cU0JZT9nwBGhUQPx2H2Gke7Un
tJqD1BrJ3tOKwHopRLbcMt5cJIAudsuUqNerLC6V1ZCZ+s2MLtUyvrreax093QoH
6WD6UjZdaY8kEDQY8EB8Wd/l8b8xsnw3cgd3/bo3UESrB8vu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net