Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: nxV6MxnDkbnsFCkUCSFZRj3yeUNfBNPGwPoeseE764w=
Subject key identifier: C2:03:E3:50:86:AB:03:2B:E4:DF:56:3E:CA:F2:F8:3D:12:2C:98:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B3E6849DE7BF0A58EFD7EAD5D7CBD6DBED3F2D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Mon 31 Mar 2025 19:21:33 +0000
ROA not before: Mon 31 Mar 2025 19:21:33 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3e:68:49:de:7b:f0:a5:8e:fd:7e:ad:5d:7c:bd:6d:be:d3:f2:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:21:33 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=82b2106eef51b38b94e8443c5c92237f289070a10e888d0708399c1db7eaa9c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:6b:f5:e5:b9:09:9c:76:67:ed:b2:42:65:
c5:05:8e:2b:1e:10:8a:3f:8c:ab:19:16:1f:bf:72:
cd:27:93:e8:04:e0:0d:34:90:78:4f:1c:41:b2:de:
6f:e9:9c:e0:d6:4f:24:10:ca:de:53:6e:77:1c:22:
4e:7b:6e:b2:a4:d8:a4:39:fc:46:c2:31:00:8e:c4:
9f:02:a1:35:fa:1c:4e:57:4c:6c:55:75:cd:fa:81:
2d:92:83:ce:a6:b8:46:64:d5:01:8d:85:b3:34:54:
49:f6:7e:35:03:13:e9:55:cb:a7:c6:a0:66:0d:79:
7c:ec:67:3a:ce:92:00:6b:71:66:b4:82:1b:2a:5c:
dd:c5:4f:66:28:e2:96:03:1f:5b:c2:17:92:23:d5:
21:e2:9f:8b:37:d3:60:5c:0d:23:d7:18:ba:6b:5d:
92:d2:79:3b:69:a6:3b:f1:c3:a4:28:80:ee:bd:e2:
21:f7:a5:fe:c9:33:10:e0:42:fd:02:26:82:e4:1c:
5c:9d:48:2a:15:f4:41:0a:a5:ff:7e:ab:dd:be:87:
c6:23:51:24:fa:ea:7e:9f:bb:d7:66:60:42:6e:6f:
0f:fb:bc:f5:ef:56:59:9b:fa:9d:21:b0:e4:4a:43:
6b:a7:12:dd:77:6c:d0:dc:38:90:28:02:a4:0a:0d:
f8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:03:E3:50:86:AB:03:2B:E4:DF:56:3E:CA:F2:F8:3D:12:2C:98:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
47:b0:a7:df:a8:21:f2:aa:ba:00:56:8b:e4:4d:96:50:7d:1f:
35:b7:d2:cd:81:09:0f:00:9d:19:94:f7:43:d2:6d:01:98:d4:
72:85:39:8d:98:17:b3:19:cc:ed:7e:7d:8c:13:d9:a9:f5:a5:
fa:98:17:a7:32:c2:cc:4d:b2:7a:cf:29:7d:0b:77:00:b4:77:
84:08:11:8f:a1:d9:8e:06:c7:35:d7:41:ca:7e:af:ad:27:ab:
62:be:10:5e:0e:28:a5:29:03:d0:f4:2e:ec:62:76:80:4a:01:
7a:83:a0:cc:60:e1:ad:75:a9:48:f1:17:ad:25:8d:84:3f:41:
da:6d:f7:e3:24:ba:30:d1:e9:3d:ee:d7:34:38:fc:2a:fa:8a:
fd:89:64:71:5f:32:df:7e:d0:c7:17:3b:01:e3:f3:7e:46:2b:
1a:e6:69:3b:53:c4:4c:f0:85:cb:37:a2:32:21:30:39:8b:10:
c8:10:95:75:7d:22:dc:cd:52:f3:e8:81:6d:26:47:0f:e6:11:
33:94:b1:25:21:53:1a:83:44:6e:56:cc:da:61:b4:40:8f:12:
28:03:cf:cc:2c:83:aa:cc:5a:77:bc:fe:42:f4:1a:6e:83:4f:
cc:a5:6c:bd:30:c9:ec:44:28:e8:13:0c:ae:c1:d3:09:ab:88:
30:6c:9f:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWz5oSd578KWO/X6tXXy9bb7T8tYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTIxMzNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYjIxMDZlZWY1MWIzOGI5NGU4NDQzYzVjOTIyMzdmMjg5MDcwYTEwZTg4
OGQwNzA4Mzk5YzFkYjdlYWE5YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4Ia/XluQmcdmftskJlxQWOKx4Qij+MqxkWH79yzSeT6ATgDTSQeE8cQbLe
b+mc4NZPJBDK3lNudxwiTntusqTYpDn8RsIxAI7EnwKhNfocTldMbFV1zfqBLZKD
zqa4RmTVAY2FszRUSfZ+NQMT6VXLp8agZg15fOxnOs6SAGtxZrSCGypc3cVPZiji
lgMfW8IXkiPVIeKfizfTYFwNI9cYumtdktJ5O2mmO/HDpCiA7r3iIfel/skzEOBC
/QImguQcXJ1IKhX0QQql/36r3b6HxiNRJPrqfp+712ZgQm5vD/u89e9WWZv6nSGw
5EpDa6cS3Xds0Nw4kCgCpAoN+NECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTCA+NQ
hqsDK+TfVj7K8vg9EiyY4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAR7Cn36gh8qq6AFaL5E2WUH0fNbfSzYEJDwCd
GZT3Q9JtAZjUcoU5jZgXsxnM7X59jBPZqfWl+pgXpzLCzE2yes8pfQt3ALR3hAgR
j6HZjgbHNddByn6vrSerYr4QXg4opSkD0PQu7GJ2gEoBeoOgzGDhrXWpSPEXrSWN
hD9B2m334yS6MNHpPe7XNDj8KvqK/YlkcV8y337Qxxc7AePzfkYrGuZpO1PETPCF
yzeiMiEwOYsQyBCVdX0i3M1S8+iBbSZHD+YRM5SxJSFTGoNEblbM2mG0QI8SKAPP
zCyDqsxad7z+QvQaboNPzKVsvTDJ7EQo6BMMrsHTCauIMGyf1w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net