Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
File: 60c499a8-e470-4a76-9095-20d8554a426a.roa (raw, json)
Hash identifier: xuD+OJsnTGfT6jBRaNemZAdcB1iBK+ejlIvRDOMH6xg=
Subject key identifier: 70:66:7E:73:7F:F1:AB:B4:D7:27:49:34:EA:8B:E4:FC:44:C2:D2:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EF51107DB0606F5EED3AFF72FCAAE444B9F4C37
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
Signing time: Mon 31 Mar 2025 21:11:19 +0000
ROA not before: Mon 31 Mar 2025 21:11:19 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:c00::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:f5:11:07:db:06:06:f5:ee:d3:af:f7:2f:ca:ae:44:4b:9f:4c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:11:19 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=01f827bad186c8e05a422232fcfb000d7596ad15eb73787a17d9463fc912bd4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:f8:b4:64:57:e2:70:bc:d2:b0:69:6e:aa:
1f:61:75:89:b5:5d:59:c2:64:08:9a:b4:c1:70:6f:
ca:90:af:a6:b8:e1:76:f0:ca:be:b8:47:f3:2e:ad:
71:c7:67:64:7b:93:54:84:fe:db:55:7a:cd:80:ba:
e0:99:8b:6c:e1:a9:74:c1:36:95:45:fe:32:6c:f7:
ce:d0:f5:1b:f8:2b:89:86:fc:e4:be:f5:0b:39:9c:
94:c3:5f:17:8a:18:6e:ce:f9:e4:18:e7:b8:77:79:
f5:ce:99:35:5f:7f:e6:30:eb:f5:fb:35:62:fc:fe:
75:d0:fd:95:c6:bd:13:4d:b6:d7:19:28:25:e4:c4:
77:f3:d5:48:e8:3d:a0:cb:dd:41:0f:d3:0c:6f:e8:
70:1d:23:bf:53:1a:1e:33:bf:6e:29:9b:d1:07:9a:
31:96:25:7a:bb:89:81:c7:5f:bb:9b:12:36:c7:2b:
83:27:ba:37:22:c5:d9:9b:41:8d:0e:e7:b1:68:e6:
00:f3:d8:a7:97:e3:b0:e4:09:3d:b9:c6:d1:dc:28:
a3:9c:45:64:fd:c2:61:ec:de:fa:79:b6:04:ba:cc:
3b:01:59:3d:72:82:0b:86:a8:cd:65:d5:99:68:68:
4f:53:07:34:00:9b:de:56:ee:42:83:91:14:f3:29:
b8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:66:7E:73:7F:F1:AB:B4:D7:27:49:34:EA:8B:E4:FC:44:C2:D2:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:c00::/38
Signature Algorithm: sha256WithRSAEncryption
c0:ab:b8:5a:4a:66:8e:ba:8c:81:ce:e3:92:64:82:f0:97:63:
43:4f:39:15:b6:90:94:a3:5d:c8:53:54:7c:fe:21:81:f3:fc:
53:f1:3f:b4:3e:2f:c6:7a:a2:8b:18:af:10:7f:e4:77:7f:01:
ce:98:1b:cd:72:9a:43:f7:09:5c:4b:a3:5f:5a:3a:07:0b:51:
f0:9d:6c:14:4a:2a:0e:c1:b8:7e:88:d1:55:0d:8b:ca:71:3f:
24:a6:06:97:69:9e:cd:3c:e6:5d:b1:68:e1:46:d5:e2:34:59:
e5:2d:6d:c4:a8:ed:18:c1:5e:3f:0d:18:c9:98:64:5e:25:3b:
34:5c:36:44:db:e7:a6:97:4d:c1:d1:22:c2:d6:92:b8:ee:e5:
3c:45:ab:fe:24:9a:16:b3:c1:ce:95:37:76:01:16:7a:12:32:
24:fb:74:c0:9f:00:be:a2:f3:78:dd:e0:55:8c:1f:6e:7c:69:
f9:ae:14:43:a5:08:19:0c:60:5b:98:56:71:cb:92:92:32:5c:
17:af:db:d9:93:d7:0b:3a:4e:a9:8a:5d:cd:66:8c:74:42:0c:
6c:e3:6a:ef:6a:6e:cc:ed:b6:5a:b0:c4:ab:46:de:4f:9c:c9:
a2:96:ae:df:14:42:9b:e2:b7:83:c5:8c:bf:70:cc:f4:4d:17:
0d:86:fa:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULvURB9sGBvXu06/3L8quREufTDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTExMTlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZjgyN2JhZDE4NmM4ZTA1YTQyMjIzMmZjZmIwMDBkNzU5NmFkMTVlYjcz
Nzg3YTE3ZDk0NjNmYzkxMmJkNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKg4+LRkV+JwvNKwaW6qH2F1ibVdWcJkCJq0wXBvypCvprjhdvDKvrhH8y6t
ccdnZHuTVIT+21V6zYC64JmLbOGpdME2lUX+Mmz3ztD1G/griYb85L71CzmclMNf
F4oYbs755BjnuHd59c6ZNV9/5jDr9fs1Yvz+ddD9lca9E0221xkoJeTEd/PVSOg9
oMvdQQ/TDG/ocB0jv1MaHjO/bimb0QeaMZYleruJgcdfu5sSNscrgye6NyLF2ZtB
jQ7nsWjmAPPYp5fjsOQJPbnG0dwoo5xFZP3CYeze+nm2BLrMOwFZPXKCC4aozWXV
mWhoT1MHNACb3lbuQoORFPMpuLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwZn5z
f/GrtNcnSTTqi+T8RMLSfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBjNDk5YTgtZTQ3MC00YTc2LTkwOTUtMjBkODU1NGE0MjZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgM
MA0GCSqGSIb3DQEBCwUAA4IBAQDAq7haSmaOuoyBzuOSZILwl2NDTzkVtpCUo13I
U1R8/iGB8/xT8T+0Pi/GeqKLGK8Qf+R3fwHOmBvNcppD9wlcS6NfWjoHC1HwnWwU
SioOwbh+iNFVDYvKcT8kpgaXaZ7NPOZdsWjhRtXiNFnlLW3EqO0YwV4/DRjJmGRe
JTs0XDZE2+eml03B0SLC1pK47uU8Rav+JJoWs8HOlTd2ARZ6EjIk+3TAnwC+ovN4
3eBVjB9ufGn5rhRDpQgZDGBbmFZxy5KSMlwXr9vZk9cLOk6pil3NZox0Qgxs42rv
am7M7bZasMSrRt5PnMmilq7fFEKb4reDxYy/cMz0TRcNhvp1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net