Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
File: 5767e356-231b-4b87-98ab-c496dcc2d53f.roa (raw, json)
Hash identifier: DGP7o2g56U9hIpO/aQjQaf7MPT6dDJ+GiRLKOESUSWM=
Subject key identifier: 9D:A3:96:DA:D1:CF:80:7A:5E:96:C0:5E:09:C5:45:64:C2:FF:1D:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10152AC4BC271439795A9434466CE69491BCE2E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
Signing time: Mon 31 Mar 2025 20:41:22 +0000
ROA not before: Mon 31 Mar 2025 20:41:22 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:c000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:15:2a:c4:bc:27:14:39:79:5a:94:34:46:6c:e6:94:91:bc:e2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:41:22 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=4fe253fc8da9e25f1c6363be98a293062fd27431c554d7ad876866e4792a3216, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:26:4f:85:54:be:48:bf:30:1e:6b:64:eb:29:
5d:63:76:78:46:c9:e6:dd:74:13:8b:d2:26:b2:3f:
e9:fd:82:4e:f5:90:f5:ef:25:e4:a2:22:a2:e7:3f:
f2:83:16:3b:3e:23:c9:b8:c8:33:fa:62:28:be:d0:
1d:33:be:bd:d5:3b:04:67:12:b8:31:d3:77:fc:7d:
35:bc:17:17:cb:47:4f:ed:d5:bb:2a:fa:eb:79:09:
e7:05:79:78:6c:42:2c:18:72:7a:4d:98:cb:0d:f1:
e8:d7:88:3e:21:b5:a0:3a:ff:e5:0d:0c:dc:b8:c5:
74:f5:35:09:be:be:b9:0f:92:2e:b6:ac:71:7e:23:
11:29:99:77:0b:a5:ba:4d:d1:6c:52:63:67:c6:3f:
d2:16:05:f8:fe:6c:53:ee:a8:24:08:83:cc:e9:f8:
90:40:9e:ba:79:66:41:94:0f:4f:91:47:aa:22:a5:
b3:16:b3:71:1c:5a:61:4c:65:9b:62:5e:7b:1c:af:
e0:36:99:35:39:c4:4d:aa:1b:28:7a:27:27:41:7f:
ad:51:1c:13:09:e0:bd:7d:ab:3c:ac:98:bc:33:97:
65:94:69:bd:fe:eb:5c:32:16:87:c6:3f:24:ba:cd:
cd:5f:76:6d:de:8c:55:0c:ba:05:94:95:0b:2c:09:
76:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A3:96:DA:D1:CF:80:7A:5E:96:C0:5E:09:C5:45:64:C2:FF:1D:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:c000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:a6:e7:2c:d8:b2:8e:78:c3:00:5a:01:5f:2c:04:b0:f8:1f:
f3:5e:c8:05:38:c7:5b:f0:69:49:20:e2:96:18:eb:c1:40:31:
3d:10:74:f2:93:a8:5e:d0:0b:34:e0:4b:f9:cd:61:64:f8:77:
28:50:f2:ae:1d:6a:68:22:15:5e:a0:ee:6e:7f:e9:ae:25:36:
5a:5f:f4:7b:05:67:f6:70:8c:b0:f3:f0:79:0d:f5:2e:2d:8b:
84:9e:52:a7:5e:46:23:df:cc:30:ce:69:5c:b4:ae:4a:52:46:
e3:3b:60:84:fe:26:8e:6e:bf:b2:44:20:50:19:f8:95:cc:6c:
b3:b3:f6:51:a1:ad:ab:0d:bc:72:b2:56:38:d2:67:44:e5:ab:
42:d0:35:b4:30:1a:04:fe:fd:75:1f:16:b6:bd:bd:a3:49:03:
ae:55:c6:9f:5e:4a:da:9d:b2:d7:a2:29:ea:94:11:bc:a5:44:
0f:00:85:a3:d4:43:67:4d:f3:57:a4:f6:7a:c6:29:87:e9:a6:
bf:5c:be:de:f1:15:a4:17:22:fc:90:32:78:df:dc:9f:34:5a:
f4:94:6c:11:cb:30:1a:0c:f4:27:53:7d:c5:c4:f9:a5:a7:47:
fc:5e:14:ff:f6:0a:47:28:db:40:c1:f4:9a:e9:ba:3a:ce:9f:
38:f9:27:7d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEBUqxLwnFDl5WpQ0RmzmlJG84ukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQxMjJaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZTI1M2ZjOGRhOWUyNWYxYzYzNjNiZTk4YTI5MzA2MmZkMjc0MzFjNTU0
ZDdhZDg3Njg2NmU0NzkyYTMyMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgmT4VUvki/MB5rZOspXWN2eEbJ5t10E4vSJrI/6f2CTvWQ9e8l5KIiouc/
8oMWOz4jybjIM/piKL7QHTO+vdU7BGcSuDHTd/x9NbwXF8tHT+3Vuyr663kJ5wV5
eGxCLBhyek2Yyw3x6NeIPiG1oDr/5Q0M3LjFdPU1Cb6+uQ+SLrascX4jESmZdwul
uk3RbFJjZ8Y/0hYF+P5sU+6oJAiDzOn4kECeunlmQZQPT5FHqiKlsxazcRxaYUxl
m2Jeexyv4DaZNTnETaobKHonJ0F/rVEcEwngvX2rPKyYvDOXZZRpvf7rXDIWh8Y/
JLrNzV92bd6MVQy6BZSVCywJdt8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdo5ba
0c+Ael6WwF4JxUVkwv8dSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc2N2UzNTYtMjMxYi00Yjg3LTk4YWItYzQ5NmRjYzJkNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCdpucs2LKOeMMAWgFfLASw+B/zXsgFOMdb8GlJ
IOKWGOvBQDE9EHTyk6he0As04Ev5zWFk+HcoUPKuHWpoIhVeoO5uf+muJTZaX/R7
BWf2cIyw8/B5DfUuLYuEnlKnXkYj38wwzmlctK5KUkbjO2CE/iaObr+yRCBQGfiV
zGyzs/ZRoa2rDbxyslY40mdE5atC0DW0MBoE/v11Hxa2vb2jSQOuVcafXkranbLX
oinqlBG8pUQPAIWj1ENnTfNXpPZ6ximH6aa/XL7e8RWkFyL8kDJ439yfNFr0lGwR
yzAaDPQnU33FxPmlp0f8XhT/9gpHKNtAwfSa6bo6zp84+Sd9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net