Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: 2jk6bsirs9NFnivHr9BfOBlrzhCpjHiP2+vjDB+duoQ=
Subject key identifier: 83:99:DC:20:19:96:A2:56:3F:F3:1A:61:D3:8A:39:38:5F:F1:4E:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 329DE66A9212A434CFD25620CC0976E0C8644E97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Mon 31 Mar 2025 21:21:26 +0000
ROA not before: Mon 31 Mar 2025 21:21:26 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:9d:e6:6a:92:12:a4:34:cf:d2:56:20:cc:09:76:e0:c8:64:4e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:21:26 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=85a1b79c4079952b331968adcf8bb8b7a5f6326b500cadc04e8083ba599cd4b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d8:32:b4:cd:cc:cb:d5:2c:dd:ce:90:e6:3b:
f9:39:a4:9d:a1:ee:42:d4:6b:90:3b:8a:90:f0:db:
6e:5a:6f:f1:0a:1f:eb:0a:a0:ea:99:4c:f2:25:ed:
49:8c:88:0f:91:ef:f9:9f:85:50:bf:8f:09:21:a4:
14:7c:b6:d0:dc:d3:e2:bf:74:18:66:0a:65:37:c9:
1f:fc:96:38:b3:d8:46:49:b8:82:ab:ea:e3:40:61:
59:65:26:50:a2:0b:5e:5d:cc:93:11:6d:cf:b9:9d:
c4:fe:6f:f5:79:9f:e2:d2:c0:3e:1d:c4:95:73:6a:
60:2d:2a:79:9d:38:44:b9:fb:09:6d:71:da:ce:3e:
1b:7f:34:a5:a1:06:73:31:e5:3e:6b:95:01:1d:1d:
8d:c5:e3:a7:da:75:3b:0d:88:18:09:a1:a2:ba:91:
09:e7:c0:d6:b4:0d:14:42:65:44:63:42:9f:42:87:
d1:09:63:a2:3a:88:12:5c:fe:f6:09:b8:88:32:f9:
32:73:a1:02:ae:f4:24:b2:3d:26:db:cd:d1:5d:a7:
f0:fb:64:c6:4f:cc:06:19:f2:2b:17:13:9f:23:b9:
ea:10:80:f6:bc:02:b8:27:1f:fc:a7:d1:87:ec:9f:
28:23:3f:c0:74:c0:af:85:33:3d:f0:e7:8c:9a:1a:
85:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:99:DC:20:19:96:A2:56:3F:F3:1A:61:D3:8A:39:38:5F:F1:4E:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
9e:84:9a:c2:ff:ac:0e:04:19:b6:a8:7c:cc:2d:69:47:f2:80:
7a:3b:83:a0:b7:4f:19:c9:7f:98:b4:b4:d4:71:52:54:da:51:
ce:d0:3f:de:39:22:e8:12:ee:f6:41:43:64:81:5e:df:81:28:
19:97:76:66:9b:64:f1:41:51:97:ea:52:5b:54:48:60:8c:39:
9a:c6:bc:9c:96:0e:10:0b:b0:86:5d:29:df:d9:8d:cb:e2:ff:
75:27:91:c2:44:d4:7f:4c:33:04:e1:fb:59:d7:d4:91:29:b6:
24:15:24:90:93:da:15:ee:44:06:78:32:70:4a:e1:c8:56:59:
31:5b:ac:3f:15:3d:2e:e0:11:e9:80:b1:ef:d3:44:a6:02:99:
9c:1e:b2:cb:8d:09:24:79:cf:3d:ab:a1:12:fe:99:cf:6e:35:
04:7a:a6:75:55:9b:e0:dd:e3:19:57:32:ef:9f:09:7d:02:e3:
83:0f:c8:e0:e9:df:d9:e7:4c:a0:2c:a5:48:51:9a:bb:0e:32:
4e:5e:98:f9:82:68:28:15:04:28:ce:59:4b:a7:ee:9c:c4:68:
e1:fe:f2:7a:02:26:71:d4:1f:26:5a:3e:17:ce:52:3d:7f:5c:
fc:d2:eb:3e:03:24:8e:13:1e:aa:34:53:f0:01:41:2d:45:eb:
d0:de:10:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMp3mapISpDTP0lYgzAl24MhkTpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIxMjZaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YTFiNzljNDA3OTk1MmIzMzE5NjhhZGNmOGJiOGI3YTVmNjMyNmI1MDBj
YWRjMDRlODA4M2JhNTk5Y2Q0YjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPYMrTNzMvVLN3OkOY7+TmknaHuQtRrkDuKkPDbblpv8Qof6wqg6plM8iXt
SYyID5Hv+Z+FUL+PCSGkFHy20NzT4r90GGYKZTfJH/yWOLPYRkm4gqvq40BhWWUm
UKILXl3MkxFtz7mdxP5v9Xmf4tLAPh3ElXNqYC0qeZ04RLn7CW1x2s4+G380paEG
czHlPmuVAR0djcXjp9p1Ow2IGAmhorqRCefA1rQNFEJlRGNCn0KH0QljojqIElz+
9gm4iDL5MnOhAq70JLI9JtvN0V2n8Ptkxk/MBhnyKxcTnyO56hCA9rwCuCcf/KfR
h+yfKCM/wHTAr4UzPfDnjJoahcECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDmdwg
GZaiVj/zGmHTijk4X/FOBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCehJrC/6wOBBm2qHzMLWlH8oB6O4Ogt08ZyX+Y
tLTUcVJU2lHO0D/eOSLoEu72QUNkgV7fgSgZl3Zmm2TxQVGX6lJbVEhgjDmaxryc
lg4QC7CGXSnf2Y3L4v91J5HCRNR/TDME4ftZ19SRKbYkFSSQk9oV7kQGeDJwSuHI
VlkxW6w/FT0u4BHpgLHv00SmApmcHrLLjQkkec89q6ES/pnPbjUEeqZ1VZvg3eMZ
VzLvnwl9AuODD8jg6d/Z50ygLKVIUZq7DjJOXpj5gmgoFQQozllLp+6cxGjh/vJ6
AiZx1B8mWj4XzlI9f1z80us+AySOEx6qNFPwAUEtRevQ3hAr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net