Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: qMRwET+hQWofMCi9qOHnfI/gdHMxyYsl0bLNYMDAECs=
Subject key identifier: 32:D0:83:DA:1A:4F:F6:BB:EB:3B:FC:FA:00:37:F2:CE:DF:33:74:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22E0C100D762F40D5B885459D8198652DB3F048B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Mon 31 Mar 2025 19:00:20 +0000
ROA not before: Mon 31 Mar 2025 19:00:20 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e0:c1:00:d7:62:f4:0d:5b:88:54:59:d8:19:86:52:db:3f:04:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:00:20 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=9adc8ec824a5c033cc7de44df613092f464d560d138abd970a24a4ece37cdde3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:92:9d:63:9f:0c:17:b2:b6:fb:04:f4:ac:
1e:cf:99:9c:94:5c:2d:b6:09:27:55:84:fd:f9:6b:
cc:10:9b:8f:3d:a4:36:b4:0c:db:8e:11:7c:a8:42:
71:99:f9:cb:7f:d6:9a:7f:f0:ec:49:58:ed:6a:47:
a8:69:59:ae:f4:5e:ef:43:c8:6c:1f:e2:98:59:71:
7e:fb:8b:76:13:9d:92:32:e6:fb:99:63:8a:70:81:
f5:12:0c:ca:08:b1:83:be:10:44:77:fe:f5:7b:62:
4e:36:da:1d:f1:e2:9b:bd:21:79:24:80:f7:fe:b4:
1c:7d:f1:42:97:aa:4c:f8:bc:2b:d7:8d:42:7f:b3:
ec:02:b3:f1:ac:4e:9c:18:21:b0:c3:64:91:ff:b3:
1e:11:73:3d:c0:a4:88:60:46:69:b7:79:e5:10:f0:
18:51:80:01:ef:8b:e1:e0:8c:32:9c:dc:f4:1e:d6:
be:9e:9a:75:51:22:ce:ed:68:60:27:49:89:c6:2b:
2c:06:d2:2b:01:fa:d0:14:e7:fb:42:6b:a3:d7:11:
e8:48:6f:e3:ac:db:f7:ed:a8:22:59:02:3e:5d:27:
03:fe:d8:18:c4:c6:6a:4b:14:78:89:79:e3:ca:8a:
0f:a2:75:cf:9f:2a:8f:78:3e:ac:f6:06:14:da:db:
8e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D0:83:DA:1A:4F:F6:BB:EB:3B:FC:FA:00:37:F2:CE:DF:33:74:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
85:48:1a:92:57:50:fe:b3:69:1e:5a:e4:b7:e9:0c:62:2b:e2:
00:5e:11:2b:70:43:47:83:d0:09:d6:e1:1a:56:41:03:00:9f:
3d:e7:ce:9c:2b:e3:00:05:af:5a:f7:b1:5e:6c:5d:58:d9:0b:
1e:7d:58:72:28:ba:b7:7c:44:b7:a7:e8:e3:b3:96:f2:1f:1f:
2e:eb:f1:8d:17:58:32:e1:a7:27:b5:9c:0e:12:f7:b0:a0:80:
b2:3c:f3:77:48:7c:34:f0:28:1f:7d:03:ca:bc:8b:fe:48:a1:
57:db:32:33:16:c2:52:f9:19:2d:06:07:bf:e2:17:d0:eb:63:
91:53:45:6f:b4:47:56:c8:84:15:b0:30:95:b8:b3:20:41:43:
11:a3:74:41:ce:5c:23:02:c1:5b:fa:95:d9:81:5a:74:23:f0:
c1:62:ac:c7:46:29:3f:5d:2c:f6:dc:55:29:b1:d5:9c:62:ae:
1e:28:14:7b:75:67:65:a3:1e:30:c1:14:91:9c:ef:b6:60:81:
d1:83:04:41:c1:24:dc:3f:3b:bf:90:3b:c9:76:2a:f5:81:de:
38:51:86:29:25:ba:87:c8:78:5c:f8:84:03:06:25:2e:e0:1d:
70:8d:ed:76:2a:c2:64:db:90:19:75:38:36:c4:c3:b1:37:ed:
d5:b8:8a:1f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIuDBANdi9A1biFRZ2BmGUts/BIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAwMjBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZGM4ZWM4MjRhNWMwMzNjYzdkZTQ0ZGY2MTMwOTJmNDY0ZDU2MGQxMzhh
YmQ5NzBhMjRhNGVjZTM3Y2RkZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANC5kp1jnwwXsrb7BPSsHs+ZnJRcLbYJJ1WE/flrzBCbjz2kNrQM244RfKhC
cZn5y3/Wmn/w7ElY7WpHqGlZrvRe70PIbB/imFlxfvuLdhOdkjLm+5ljinCB9RIM
ygixg74QRHf+9XtiTjbaHfHim70heSSA9/60HH3xQpeqTPi8K9eNQn+z7AKz8axO
nBghsMNkkf+zHhFzPcCkiGBGabd55RDwGFGAAe+L4eCMMpzc9B7Wvp6adVEizu1o
YCdJicYrLAbSKwH60BTn+0Jro9cR6Ehv46zb9+2oIlkCPl0nA/7YGMTGaksUeIl5
48qKD6J1z58qj3g+rPYGFNrbjm8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQy0IPa
Gk/2u+s7/PoAN/LO3zN0jjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEAhUgakldQ/rNpHlrkt+kMYiviAF4RK3BDR4PQ
CdbhGlZBAwCfPefOnCvjAAWvWvexXmxdWNkLHn1Ycii6t3xEt6fo47OW8h8fLuvx
jRdYMuGnJ7WcDhL3sKCAsjzzd0h8NPAoH30DyryL/kihV9syMxbCUvkZLQYHv+IX
0OtjkVNFb7RHVsiEFbAwlbizIEFDEaN0Qc5cIwLBW/qV2YFadCPwwWKsx0YpP10s
9txVKbHVnGKuHigUe3VnZaMeMMEUkZzvtmCB0YMEQcEk3D87v5A7yXYq9YHeOFGG
KSW6h8h4XPiEAwYlLuAdcI3tdirCZNuQGXU4NsTDsTft1biKHw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:12 2025 by rpki-client on console.sobornost.net