Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7c168279-3466-4837-b4c2-65829712acef.roa
File: 7c168279-3466-4837-b4c2-65829712acef.roa (raw, json)
Hash identifier: rxcAOrKDUx5cfTNvK+9DNjjNLMmgGPICZLl4ZntwNAo=
Subject key identifier: 35:D6:AA:D0:BE:84:A0:D5:3D:A0:D7:0F:2C:ED:9F:F9:B9:6D:95:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E5FDA782CA8CC0CED1BC4460355565BB7D1BF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7c168279-3466-4837-b4c2-65829712acef.roa
Signing time: Tue 01 Apr 2025 15:00:15 +0000
ROA not before: Tue 01 Apr 2025 15:00:15 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e5:fd:a7:82:ca:8c:c0:ce:d1:bc:44:60:35:55:65:bb:7d:1b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:00:15 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=f1f9a4f064096f77fa506cd642d10a74fd703d4a67552f14188fe13ffad85284, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bd:22:06:76:4d:97:65:9c:d4:06:41:4c:a0:
cb:b6:e9:f6:48:59:2c:b3:4b:0c:fa:f0:0a:a3:b9:
da:1e:49:98:f5:a6:77:be:ee:d3:93:fb:ad:8e:70:
35:d9:36:91:3f:73:8d:e3:8f:58:a5:dd:c3:38:bb:
2b:c5:5e:f3:ac:5c:bc:7c:4a:6d:24:a9:e8:ca:2b:
ac:4d:1f:95:73:fb:ed:9d:17:99:75:b5:70:17:4d:
d0:52:15:8c:82:e6:47:6c:c3:a9:f8:c9:55:35:77:
e0:26:4b:a7:13:9c:20:ab:28:8f:85:a3:73:d1:36:
e6:f2:86:f6:96:e9:f5:ae:58:e0:e5:6c:18:2f:c6:
83:3f:d8:c5:59:35:76:86:1e:0c:61:4b:94:2d:0b:
dd:4d:2c:c6:6a:d2:63:77:c1:c0:df:53:90:bf:10:
a5:58:92:b5:0f:e0:5d:74:df:28:c2:95:c7:8d:ff:
31:96:b4:34:f0:55:49:25:7d:a7:da:5a:47:d9:fb:
ff:77:25:46:5c:c1:ac:6e:50:69:e8:8c:59:88:cd:
1b:88:3b:39:47:1e:09:3b:5f:3f:28:7b:e7:4b:25:
0b:73:c6:39:d1:a1:c4:78:1e:58:bc:ca:83:29:63:
fd:9d:54:da:fe:6c:e5:c4:bc:28:99:98:e8:a5:40:
c1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D6:AA:D0:BE:84:A0:D5:3D:A0:D7:0F:2C:ED:9F:F9:B9:6D:95:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7c168279-3466-4837-b4c2-65829712acef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:a000::/40
Signature Algorithm: sha256WithRSAEncryption
bf:49:be:ef:ae:70:0c:ee:0e:1e:f2:39:51:7a:11:b2:2d:a5:
54:a8:e6:2d:db:eb:d1:a0:ad:78:19:43:ae:d4:86:ef:f5:bb:
67:c1:02:9e:14:7c:ac:d3:61:86:e5:16:1b:3d:19:ff:a5:1a:
3b:38:27:d6:cc:91:26:a5:f9:ff:03:af:e8:43:46:76:49:6d:
3d:37:08:84:3e:8c:3c:70:85:8f:99:c0:ee:6c:89:b7:59:f5:
a3:46:fe:8b:7c:a8:80:dd:f9:6f:98:1c:94:2f:b8:e2:8e:31:
5e:81:2f:8b:98:96:18:0f:56:55:ee:1a:46:1d:7e:7c:dc:6d:
6e:e5:04:63:a0:ee:23:9e:63:21:70:be:89:94:85:09:23:21:
99:29:27:00:01:93:1b:2a:a3:99:c3:9e:18:f6:ee:0b:7f:96:
22:1d:ee:4a:5a:e8:aa:2c:2b:14:47:7c:75:97:92:a7:06:ec:
1e:6f:b2:c9:33:0c:9d:f0:c7:2b:07:04:f4:20:87:dc:cd:fe:
60:0b:13:9f:46:a4:d0:58:15:4b:9b:1d:0e:b0:62:f9:b1:d2:
67:41:78:7b:e4:28:8b:4f:a2:81:2d:9f:fd:29:51:85:37:f9:
d2:aa:f0:74:cc:42:b4:4a:1c:cd:50:16:b7:2d:5e:7d:54:21:
4c:75:61:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaeX9p4LKjMDO0bxEYDVVZbt9G/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAwMTVaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZjlhNGYwNjQwOTZmNzdmYTUwNmNkNjQyZDEwYTc0ZmQ3MDNkNGE2NzU1
MmYxNDE4OGZlMTNmZmFkODUyODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM69IgZ2TZdlnNQGQUygy7bp9khZLLNLDPrwCqO52h5JmPWmd77u05P7rY5w
Ndk2kT9zjeOPWKXdwzi7K8Ve86xcvHxKbSSp6MorrE0flXP77Z0XmXW1cBdN0FIV
jILmR2zDqfjJVTV34CZLpxOcIKsoj4Wjc9E25vKG9pbp9a5Y4OVsGC/Ggz/YxVk1
doYeDGFLlC0L3U0sxmrSY3fBwN9TkL8QpViStQ/gXXTfKMKVx43/MZa0NPBVSSV9
p9paR9n7/3clRlzBrG5QaeiMWYjNG4g7OUceCTtfPyh750slC3PGOdGhxHgeWLzK
gylj/Z1U2v5s5cS8KJmY6KVAwTsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ11qrQ
voSg1T2g1w8s7Z/5uW2VRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2MxNjgyNzktMzQ2Ni00ODM3LWI0YzItNjU4Mjk3MTJhY2VmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmg
MA0GCSqGSIb3DQEBCwUAA4IBAQC/Sb7vrnAM7g4e8jlRehGyLaVUqOYt2+vRoK14
GUOu1Ibv9btnwQKeFHys02GG5RYbPRn/pRo7OCfWzJEmpfn/A6/oQ0Z2SW09NwiE
Pow8cIWPmcDubIm3WfWjRv6LfKiA3flvmByUL7jijjFegS+LmJYYD1ZV7hpGHX58
3G1u5QRjoO4jnmMhcL6JlIUJIyGZKScAAZMbKqOZw54Y9u4Lf5YiHe5KWuiqLCsU
R3x1l5KnBuweb7LJMwyd8McrBwT0IIfczf5gCxOfRqTQWBVLmx0OsGL5sdJnQXh7
5CiLT6KBLZ/9KVGFN/nSqvB0zEK0ShzNUBa3LV59VCFMdWE7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net