Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: 1hAyPBVEMT01D/Pkr2U6XrniJwi+m0qT4oCx+SmRZ4g=
Subject key identifier: BB:AB:BD:16:75:65:C8:21:7B:D0:53:60:FC:A0:21:72:8D:30:45:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3743135679E5FCD37DBE174B8327DC83CD97968C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Mon 31 Mar 2025 19:31:44 +0000
ROA not before: Mon 31 Mar 2025 19:31:44 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:43:13:56:79:e5:fc:d3:7d:be:17:4b:83:27:dc:83:cd:97:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:31:44 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=812286aa0e95836ea15110d4d25786b4d53c10b0b1decc6eef2c86931fb5c768, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:02:0a:b3:ea:ea:5d:cd:ca:e8:32:36:d2:7d:
53:aa:40:06:9a:e4:1a:9f:a9:f0:59:9a:7d:7a:ce:
d8:43:bd:32:a6:8b:b9:aa:28:ac:bd:a8:05:b8:ae:
b7:31:0a:06:cf:2f:53:27:7b:27:95:3a:e1:72:82:
49:d3:c0:b0:dd:08:f8:7c:ff:05:e9:bb:a7:24:14:
b5:f9:c9:92:8c:5f:1e:85:69:4a:ad:5e:61:e7:51:
b9:c1:94:ed:28:15:0b:ad:2d:9c:8c:65:2d:a5:59:
66:73:b5:3a:dd:a6:d2:a2:d6:b9:0c:56:0c:94:1f:
a8:71:fb:c1:48:bf:fc:33:f5:87:af:56:cb:36:b1:
b3:ac:cb:82:17:95:4b:be:0f:9b:de:a4:6a:73:1f:
34:2c:30:6b:6a:b2:8b:58:97:01:ba:21:da:be:66:
b4:09:b5:6c:84:4d:b8:f4:a9:a7:f8:86:61:ce:f0:
30:32:5c:c2:46:36:43:42:16:bd:75:01:23:a8:60:
95:ba:1e:1a:fd:54:36:87:18:29:3c:d3:96:31:f1:
16:fc:0d:6a:b8:5d:36:ba:29:48:7d:88:2e:3f:10:
a0:ff:7e:80:98:c7:fb:76:3c:bc:bc:b2:4a:55:a8:
75:3e:23:db:fc:4b:e7:61:12:fb:fb:fa:f6:5c:3e:
5d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AB:BD:16:75:65:C8:21:7B:D0:53:60:FC:A0:21:72:8D:30:45:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:08:95:22:61:47:f1:74:02:17:f8:b5:36:c8:06:4d:08:09:
85:8d:a1:75:ca:a0:ba:22:8f:fe:b0:2a:09:65:42:2a:5d:3d:
48:bf:e4:c9:6e:82:a6:58:eb:20:65:f0:3a:f6:11:9b:f4:19:
d1:ac:05:7b:f7:f9:21:7f:df:b6:30:c1:66:3a:42:5e:b7:81:
7b:c8:a7:9a:42:b3:2d:f0:0c:61:13:3c:da:63:c9:84:3d:55:
c2:e8:d2:a3:9a:b9:00:dc:9a:fd:75:e2:7a:ac:75:c6:ee:f6:
43:97:6e:69:31:52:c5:8c:91:1d:43:1e:a1:77:75:03:1c:23:
2f:b9:19:62:da:b6:c9:f4:35:44:4a:d9:52:f5:31:3f:27:be:
d9:62:07:90:23:86:34:7e:a9:29:a2:ad:24:66:e8:69:a5:18:
9e:ee:c7:ad:d6:82:7b:b7:94:32:11:52:5b:51:af:04:a3:9f:
b6:db:b8:0b:e1:21:ba:96:33:ad:ef:f3:d3:ab:72:3f:65:9e:
f8:3f:ae:2b:0b:5d:46:07:1f:6b:96:05:24:c2:76:47:82:70:
f7:7e:14:26:f4:ac:bb:63:c8:d2:34:7c:a8:70:f1:04:86:a6:
97:db:c1:00:3c:79:22:24:52:b0:38:95:35:bf:be:7b:26:fb:
0c:6d:9a:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN0MTVnnl/NN9vhdLgyfcg82XlowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTMxNDRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMjI4NmFhMGU5NTgzNmVhMTUxMTBkNGQyNTc4NmI0ZDUzYzEwYjBiMWRl
Y2M2ZWVmMmM4NjkzMWZiNWM3NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoCCrPq6l3NyugyNtJ9U6pABprkGp+p8FmafXrO2EO9MqaLuaoorL2oBbiu
tzEKBs8vUyd7J5U64XKCSdPAsN0I+Hz/Bem7pyQUtfnJkoxfHoVpSq1eYedRucGU
7SgVC60tnIxlLaVZZnO1Ot2m0qLWuQxWDJQfqHH7wUi//DP1h69Wyzaxs6zLgheV
S74Pm96kanMfNCwwa2qyi1iXAboh2r5mtAm1bIRNuPSpp/iGYc7wMDJcwkY2Q0IW
vXUBI6hglboeGv1UNocYKTzTljHxFvwNarhdNropSH2ILj8QoP9+gJjH+3Y8vLyy
SlWodT4j2/xL52ES+/v69lw+XZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7q70W
dWXIIXvQU2D8oCFyjTBFYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBaCJUiYUfxdAIX+LU2yAZNCAmFjaF1yqC6Io/+
sCoJZUIqXT1Iv+TJboKmWOsgZfA69hGb9BnRrAV79/khf9+2MMFmOkJet4F7yKea
QrMt8AxhEzzaY8mEPVXC6NKjmrkA3Jr9deJ6rHXG7vZDl25pMVLFjJEdQx6hd3UD
HCMvuRli2rbJ9DVEStlS9TE/J77ZYgeQI4Y0fqkpoq0kZuhppRie7set1oJ7t5Qy
EVJbUa8Eo5+227gL4SG6ljOt7/PTq3I/ZZ74P64rC11GBx9rlgUkwnZHgnD3fhQm
9Ky7Y8jSNHyocPEEhqaX28EAPHkiJFKwOJU1v757JvsMbZqS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net