Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
File: 581266ac-af97-4864-a566-36693b593269.roa (raw, json)
Hash identifier: XwQVnyiM5lvYdgz90zKAHyg6u63icMeL4HANXErMg20=
Subject key identifier: 2E:64:D5:AC:ED:97:19:62:21:15:06:08:F4:C8:6C:95:D1:5C:44:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AD8B8174D5F3EE356F826248FF27CDEC97AC227
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
Signing time: Mon 31 Mar 2025 20:01:23 +0000
ROA not before: Mon 31 Mar 2025 20:01:23 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:d8:b8:17:4d:5f:3e:e3:56:f8:26:24:8f:f2:7c:de:c9:7a:c2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:01:23 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=b87fd864706171ebd5b91b50a7f8ed463acd54c513942dcac19cc656e902cdc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:55:31:6d:32:ae:27:64:d7:d2:2b:fc:41:
ac:39:bc:84:ff:1b:4b:4f:07:76:10:f0:f0:70:90:
a9:e6:8b:55:d0:10:0f:62:7b:80:49:ec:64:32:bc:
18:cd:7b:76:4d:d6:83:ba:a3:70:34:81:a0:68:5d:
ca:5c:39:b2:78:bf:b8:42:87:cf:b5:a5:d6:a2:07:
20:30:9e:d1:62:5e:4a:39:34:c6:04:35:5f:62:c3:
54:5b:ae:4e:0e:f7:2b:00:1e:6a:ab:76:70:3b:ae:
87:09:73:df:a9:bc:6b:8c:9a:c4:47:9c:11:f1:1e:
3a:86:da:c1:5d:53:69:32:b7:c1:8f:a1:19:af:18:
df:c5:81:9f:80:ed:7f:6c:60:2e:1e:0f:ce:e4:09:
bb:ab:f6:c3:89:ad:a3:40:d7:54:57:71:3e:5e:25:
99:4b:db:b3:e7:16:f3:a9:d8:e2:69:c6:cf:86:1c:
c1:1c:0d:4f:12:b2:e2:3f:78:be:1d:eb:47:28:d1:
bf:82:fc:b2:fe:c8:60:4f:ce:ae:59:2e:0f:cd:9f:
50:50:11:8d:5f:e4:f2:f2:c6:ad:34:41:75:3e:97:
a9:f9:35:c6:ca:cc:fe:8c:69:6d:fc:be:3a:5b:82:
e5:ba:7f:d9:58:03:56:de:d3:cb:53:06:f6:b0:10:
d3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:64:D5:AC:ED:97:19:62:21:15:06:08:F4:C8:6C:95:D1:5C:44:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:e9:4c:9f:fc:a3:f9:06:21:e4:19:cd:48:1f:9d:ef:43:bd:
17:ed:89:9a:95:b6:62:b0:c4:14:6d:59:96:bc:a4:fa:95:4b:
f2:d8:7e:5b:ce:36:b6:92:c3:b3:09:93:92:3d:9a:31:46:68:
7d:08:53:f3:e1:7b:c6:9a:68:5e:82:ce:7c:c2:cd:eb:04:6a:
38:a4:b8:72:85:bc:3c:a8:5d:89:2a:30:91:ca:6b:75:47:27:
29:3c:8b:9d:52:86:58:82:eb:ca:6f:f3:de:fc:32:28:66:68:
f4:e5:56:c6:a4:ee:81:eb:0e:29:68:56:e7:21:8d:99:57:3e:
13:b8:7f:38:90:4d:ce:e2:2f:e1:f2:45:96:1f:97:6e:38:06:
3b:a7:b0:4e:1b:d5:5d:56:d9:80:1e:34:b3:fc:1f:5d:a0:3a:
3c:13:5b:19:d7:d1:16:2c:cc:50:25:fc:1d:2f:5b:d1:1c:86:
a3:3d:3c:0f:c2:8f:88:52:91:24:7a:17:2d:19:75:da:20:0c:
14:e9:d3:c6:3c:6b:50:65:5c:13:6f:0c:97:b2:41:11:13:c2:
1f:b4:31:9b:fd:c7:e6:bf:98:2f:2b:a8:c4:f4:e4:fa:1c:e3:
14:cd:31:d8:6a:cf:ac:ea:c0:54:5e:bb:b6:8a:0e:47:73:1d:
6d:42:64:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOti4F01fPuNW+CYkj/J83sl6wicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAxMjNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4N2ZkODY0NzA2MTcxZWJkNWI5MWI1MGE3ZjhlZDQ2M2FjZDU0YzUxMzk0
MmRjYWMxOWNjNjU2ZTkwMmNkYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaoVTFtMq4nZNfSK/xBrDm8hP8bS08HdhDw8HCQqeaLVdAQD2J7gEnsZDK8
GM17dk3Wg7qjcDSBoGhdylw5sni/uEKHz7Wl1qIHIDCe0WJeSjk0xgQ1X2LDVFuu
Tg73KwAeaqt2cDuuhwlz36m8a4yaxEecEfEeOobawV1TaTK3wY+hGa8Y38WBn4Dt
f2xgLh4PzuQJu6v2w4mto0DXVFdxPl4lmUvbs+cW86nY4mnGz4YcwRwNTxKy4j94
vh3rRyjRv4L8sv7IYE/OrlkuD82fUFARjV/k8vLGrTRBdT6Xqfk1xsrM/oxpbfy+
OluC5bp/2VgDVt7Ty1MG9rAQ01ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQuZNWs
7ZcZYiEVBgj0yGyV0VxEPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgxMjY2YWMtYWY5Ny00ODY0LWE1NjYtMzY2OTNiNTkzMjY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQCq6Uyf/KP5BiHkGc1IH53vQ70X7YmalbZisMQU
bVmWvKT6lUvy2H5bzja2ksOzCZOSPZoxRmh9CFPz4XvGmmhegs58ws3rBGo4pLhy
hbw8qF2JKjCRymt1RycpPIudUoZYguvKb/Pe/DIoZmj05VbGpO6B6w4paFbnIY2Z
Vz4TuH84kE3O4i/h8kWWH5duOAY7p7BOG9VdVtmAHjSz/B9doDo8E1sZ19EWLMxQ
JfwdL1vRHIajPTwPwo+IUpEkehctGXXaIAwU6dPGPGtQZVwTbwyXskERE8IftDGb
/cfmv5gvK6jE9OT6HOMUzTHYas+s6sBUXru2ig5Hcx1tQmT9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net