Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: wm6CssiTcg1M14A1QzprPOisG7S0BNJxOLz04vK4WlQ=
Subject key identifier: 86:8B:87:BD:37:CE:95:57:DC:14:C3:FA:9D:1E:EC:A8:76:AD:8F:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71B02A02B16BD35790488A1D6D53F8EA1A743FDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Mon 31 Mar 2025 21:20:09 +0000
ROA not before: Mon 31 Mar 2025 21:20:09 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b0:2a:02:b1:6b:d3:57:90:48:8a:1d:6d:53:f8:ea:1a:74:3f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:20:09 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a2ce6269421a03ea1f2b7b113639ba93a11bf5bc038ed2ce52e4dbefe7fbf7bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a6:04:1c:8b:42:5d:0d:2d:9e:5e:a0:69:1a:
5a:10:e3:17:4e:33:c4:8d:10:3b:d1:66:77:76:a1:
3a:a3:99:ed:70:46:2b:94:ed:39:f2:67:50:b5:61:
73:a9:bc:f0:a9:89:b4:67:c0:a2:91:49:b1:c4:d7:
f4:26:2f:88:21:2c:6a:f4:4f:a5:f0:d3:04:e9:4c:
38:db:dc:99:ce:83:f6:74:eb:9b:82:f7:2c:32:c6:
1d:a2:17:8b:1f:f6:e5:51:ac:b7:bc:2e:52:75:68:
d4:22:55:9a:d7:a7:6a:7e:18:c1:7d:27:f6:e1:66:
8d:1f:f2:76:47:2c:13:97:c7:e8:f7:65:81:09:03:
e2:19:f2:8a:54:26:c8:55:8f:64:cc:b0:d2:cb:2a:
28:b3:fe:49:45:7a:d8:53:2a:a9:c9:52:6b:73:b6:
28:6c:3a:23:b2:f8:60:48:94:3e:97:dc:eb:f6:b9:
76:6b:7e:3f:e0:6f:e0:d7:23:fe:fb:cb:98:34:fb:
5c:6c:36:10:59:43:01:bd:f4:f6:0b:7e:e3:62:e6:
6a:82:dd:54:be:6f:64:92:67:6d:12:75:38:93:c8:
b2:36:f0:4e:30:8e:8a:fe:d7:89:b3:24:d4:dd:19:
ee:f7:62:3e:3a:e1:64:36:75:1e:d1:e6:5b:76:51:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8B:87:BD:37:CE:95:57:DC:14:C3:FA:9D:1E:EC:A8:76:AD:8F:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
4e:59:e6:02:e3:08:fb:60:f0:e8:0b:65:2a:16:6a:da:62:fa:
30:cb:fe:81:75:dd:98:f5:c4:2a:90:8e:4a:7b:66:b8:2b:a9:
a8:cf:2a:da:53:ea:cc:65:a8:9d:4a:62:99:cb:fa:23:f3:60:
f7:ad:78:aa:35:33:a5:67:20:83:f7:10:ed:22:b9:2b:7a:ac:
35:03:a8:1e:94:c6:02:50:6e:c0:c9:36:20:0f:a5:8c:29:b6:
46:0c:92:0e:70:dd:64:f9:30:4d:bd:f3:23:7b:8b:a3:53:e0:
15:7d:8b:d8:66:dc:ed:39:55:05:30:5f:01:52:61:00:c7:0a:
e4:b4:53:5a:68:cc:23:6a:8f:e4:5b:f3:55:db:8b:2b:46:3e:
d5:86:14:94:a7:58:2b:17:ae:31:0b:08:f5:2c:37:ab:be:c0:
ab:28:dd:7b:eb:3a:9a:4c:de:f5:a7:fa:e0:91:1e:7d:c0:a3:
b5:f6:2d:12:32:bc:57:3c:61:c6:fc:5d:ad:65:8e:42:b8:14:
13:1c:e2:71:1a:4f:ef:db:7b:b2:ca:d1:81:91:bf:31:24:e5:
e7:c2:53:56:b0:af:16:ea:41:8d:3a:8c:4b:85:8c:ab:8b:7e:
c0:52:e0:0c:96:e7:b5:d2:0d:e2:6c:2a:11:9c:a9:7b:fd:c8:
30:93:37:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcbAqArFr01eQSIodbVP46hp0P9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIwMDlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyY2U2MjY5NDIxYTAzZWExZjJiN2IxMTM2MzliYTkzYTExYmY1YmMwMzhl
ZDJjZTUyZTRkYmVmZTdmYmY3YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmmBByLQl0NLZ5eoGkaWhDjF04zxI0QO9Fmd3ahOqOZ7XBGK5TtOfJnULVh
c6m88KmJtGfAopFJscTX9CYviCEsavRPpfDTBOlMONvcmc6D9nTrm4L3LDLGHaIX
ix/25VGst7wuUnVo1CJVmtenan4YwX0n9uFmjR/ydkcsE5fH6PdlgQkD4hnyilQm
yFWPZMyw0ssqKLP+SUV62FMqqclSa3O2KGw6I7L4YEiUPpfc6/a5dmt+P+Bv4Ncj
/vvLmDT7XGw2EFlDAb309gt+42LmaoLdVL5vZJJnbRJ1OJPIsjbwTjCOiv7XibMk
1N0Z7vdiPjrhZDZ1HtHmW3ZRDg0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGi4e9
N86VV9wUw/qdHuyodq2PjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOWeYC4wj7YPDoC2UqFmraYvowy/6Bdd2Y9cQq
kI5Ke2a4K6mozyraU+rMZaidSmKZy/oj82D3rXiqNTOlZyCD9xDtIrkreqw1A6ge
lMYCUG7AyTYgD6WMKbZGDJIOcN1k+TBNvfMje4ujU+AVfYvYZtztOVUFMF8BUmEA
xwrktFNaaMwjao/kW/NV24srRj7VhhSUp1grF64xCwj1LDervsCrKN176zqaTN71
p/rgkR59wKO19i0SMrxXPGHG/F2tZY5CuBQTHOJxGk/v23uyytGBkb8xJOXnwlNW
sK8W6kGNOoxLhYyri37AUuAMlue10g3ibCoRnKl7/cgwkzdv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net