Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: zBSCvPz5eyMCkXKZqhjgOId+bfndT71nO1rdWmC9P4k=
Subject key identifier: 58:4E:BB:92:D3:84:CA:B3:EE:46:4A:7E:DC:C8:B9:F6:77:EC:E6:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 136638D4DB101ADB152FF655EE3CFA322FEB1FAC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Mon 31 Mar 2025 20:00:16 +0000
ROA not before: Mon 31 Mar 2025 20:00:16 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:66:38:d4:db:10:1a:db:15:2f:f6:55:ee:3c:fa:32:2f:eb:1f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:00:16 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=4a4c7f067cf6a8a773c143269fbb7c69d7f0837c2c520a3338b420ddd4036e9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:1d:30:76:77:98:a0:81:ba:26:6c:f3:70:
a9:d4:84:79:70:e1:9a:ed:32:07:b2:18:2e:b6:75:
9d:70:f3:bb:6a:2c:e9:c6:5e:bf:4a:2b:7d:ea:71:
1b:fa:56:88:89:1b:39:df:ec:b9:1f:56:5e:00:42:
fb:aa:52:40:80:fc:34:0e:48:fe:d4:97:2a:02:9c:
71:6c:b7:7f:f6:6b:fc:48:ef:2d:ec:ed:94:20:a2:
ca:3d:21:d6:e9:57:c8:0f:a7:d8:bb:31:37:1f:92:
c6:8e:45:cd:a6:90:f5:98:04:35:c4:3e:99:25:50:
ed:fe:81:cf:0f:67:43:7d:97:73:f1:fc:9e:65:2f:
4a:3d:5d:c7:ce:73:5c:9d:dc:8f:1c:37:fb:f4:ee:
66:c0:54:0f:ca:7a:06:75:42:ea:fe:e7:9e:55:99:
4d:d2:d4:ca:fb:b8:b8:7d:97:ba:61:72:a9:bf:4c:
0f:cd:95:86:ca:97:72:15:42:81:76:15:f2:50:8c:
b0:5d:b5:af:38:6f:cf:6c:67:67:4a:6d:24:fa:b7:
7d:65:d9:06:bb:b0:1d:e4:da:50:9a:05:57:52:dd:
28:17:2f:e7:4e:ba:aa:36:08:bf:71:d8:53:d7:f5:
03:3b:07:e6:3f:43:94:9d:49:17:93:4c:52:c1:a0:
28:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4E:BB:92:D3:84:CA:B3:EE:46:4A:7E:DC:C8:B9:F6:77:EC:E6:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
02:e6:94:b1:b5:48:fe:8a:cc:04:a4:51:a1:db:d1:b5:a1:e7:
41:8f:ee:98:88:9a:24:a9:da:b5:9b:5c:2a:5e:ae:7b:ea:90:
e8:ec:88:39:47:55:33:1a:7a:1f:7e:8a:f1:b8:2d:d8:52:1d:
cd:61:50:ea:54:35:ed:16:bf:d7:c1:3d:d4:21:85:11:a0:54:
07:fa:8b:df:13:e8:86:be:3b:64:df:1c:c1:6f:24:54:2e:88:
2c:dc:5d:73:88:cc:f8:51:09:1a:79:a7:f2:f0:0c:5e:93:72:
f6:d7:73:fa:fa:da:da:ea:68:1d:bd:6c:50:67:66:0a:92:29:
85:94:6d:4b:43:3d:27:4c:b3:b9:d1:2d:c3:1e:e1:ce:41:00:
6c:f1:7a:59:69:e1:bb:3d:d3:3e:88:ad:02:f8:ec:8f:b2:10:
91:9f:77:23:b3:58:0d:99:c9:b8:01:c0:a7:ce:7f:09:c8:e6:
fe:3e:6d:b7:8f:d2:77:a8:23:20:3c:2b:b0:f4:60:5a:cf:1c:
d3:8e:3c:cc:a4:18:c1:5d:aa:74:27:fc:2f:cd:54:44:b8:6c:
b7:35:47:5b:be:7f:06:88:fb:6d:c5:3b:05:17:6a:0c:04:e7:
ef:b4:6f:20:60:4e:f7:ae:7f:18:92:bd:69:ff:46:18:0c:d9:
20:cd:0a:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE2Y41NsQGtsVL/ZV7jz6Mi/rH6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAwMTZaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNGM3ZjA2N2NmNmE4YTc3M2MxNDMyNjlmYmI3YzY5ZDdmMDgzN2MyYzUy
MGEzMzM4YjQyMGRkZDQwMzZlOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBBHTB2d5iggbombPNwqdSEeXDhmu0yB7IYLrZ1nXDzu2os6cZev0orfepx
G/pWiIkbOd/suR9WXgBC+6pSQID8NA5I/tSXKgKccWy3f/Zr/EjvLeztlCCiyj0h
1ulXyA+n2LsxNx+Sxo5FzaaQ9ZgENcQ+mSVQ7f6Bzw9nQ32Xc/H8nmUvSj1dx85z
XJ3cjxw3+/TuZsBUD8p6BnVC6v7nnlWZTdLUyvu4uH2XumFyqb9MD82VhsqXchVC
gXYV8lCMsF21rzhvz2xnZ0ptJPq3fWXZBruwHeTaUJoFV1LdKBcv5066qjYIv3HY
U9f1AzsH5j9DlJ1JF5NMUsGgKA0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYTruS
04TKs+5GSn7cyLn2d+zmiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAAuaUsbVI/orMBKRRodvRtaHnQY/umIiaJKna
tZtcKl6ue+qQ6OyIOUdVMxp6H36K8bgt2FIdzWFQ6lQ17Ra/18E91CGFEaBUB/qL
3xPohr47ZN8cwW8kVC6ILNxdc4jM+FEJGnmn8vAMXpNy9tdz+vra2upoHb1sUGdm
CpIphZRtS0M9J0yzudEtwx7hzkEAbPF6WWnhuz3TPoitAvjsj7IQkZ93I7NYDZnJ
uAHAp85/Ccjm/j5tt4/Sd6gjIDwrsPRgWs8c0448zKQYwV2qdCf8L81URLhstzVH
W75/Boj7bcU7BRdqDATn77RvIGBO965/GJK9af9GGAzZIM0Kmg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net