Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
File: 7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa (raw, json)
Hash identifier: HuDh8V7F7BnOW3+NNPRyRj5xK7Kqo+iEYbOr6kZCzoE=
Subject key identifier: 80:CA:41:75:B6:EE:AE:1D:0C:83:8C:DF:0F:56:A1:6D:0D:A9:01:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37B89118DBBCB7FB62CEE4D37CF4C86E6DC4DEAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
Signing time: Mon 31 Mar 2025 20:01:02 +0000
ROA not before: Mon 31 Mar 2025 20:01:02 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b8:91:18:db:bc:b7:fb:62:ce:e4:d3:7c:f4:c8:6e:6d:c4:de:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:01:02 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=df95642d734666e96276a81d60ad371afca43fc81604fb46a38c3f1492e162e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b6:b4:68:96:ed:49:75:15:19:1f:b5:3b:32:
5b:5c:7a:b7:89:8f:44:aa:9d:82:4d:1c:af:af:50:
38:cc:eb:8e:31:4d:ef:77:ab:34:35:9b:6f:16:0c:
01:1e:35:68:e0:a4:f5:dd:7c:d7:ea:52:01:4e:cd:
62:30:ca:02:e4:cc:2d:b4:6f:6b:ce:14:88:e7:32:
1e:18:58:6e:f2:00:3f:ef:8f:64:de:38:e2:ff:8f:
6b:f0:33:52:ff:2f:0b:ac:1c:73:df:26:3c:5f:ae:
c8:46:10:16:26:d2:79:cd:db:fb:20:b4:a4:7e:db:
07:90:16:ae:67:f4:60:2d:1e:ed:e5:e1:ff:1c:ee:
1e:bd:85:1a:36:d1:ba:a6:87:f0:2d:58:55:c6:5f:
cf:17:36:42:cc:38:cb:83:79:c7:bd:85:17:da:6c:
e8:bf:d4:08:f0:95:8c:4f:71:0e:0c:09:b1:6e:99:
1d:4a:2f:67:50:c0:13:04:ca:e3:25:49:52:33:29:
48:ec:4e:df:f7:8d:2c:c6:b6:9b:fc:a4:04:dd:8c:
8c:35:fe:06:20:74:3b:40:5f:51:4b:22:7c:01:62:
3d:0d:05:ee:5d:23:23:ca:2a:b0:35:d8:66:f0:eb:
96:34:a4:64:d7:46:4b:91:a2:fb:d6:46:96:fd:4b:
54:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CA:41:75:B6:EE:AE:1D:0C:83:8C:DF:0F:56:A1:6D:0D:A9:01:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6040::/46
Signature Algorithm: sha256WithRSAEncryption
87:65:37:9d:3f:b0:de:bd:44:35:5c:51:79:34:c9:f1:4f:83:
dd:ca:e1:06:c3:d2:64:7f:bc:e4:ad:41:95:df:95:8b:14:39:
57:c9:46:40:4c:3e:95:c1:b2:33:c0:1c:ad:c3:4b:03:5d:8d:
7a:13:d3:3a:89:71:1a:4f:99:3b:48:84:74:30:60:53:21:4e:
77:22:48:eb:e2:de:91:8b:68:c8:d3:ac:f8:7f:45:04:51:a6:
cb:bd:be:71:02:ce:3c:7e:0d:5a:f3:e8:c9:54:78:d2:fd:84:
cf:95:d9:57:4a:f8:d2:22:c1:8d:a0:d3:9b:63:af:ba:2d:e2:
eb:bb:41:5c:e8:93:61:5e:6e:27:36:50:5a:71:65:6e:82:6f:
e9:97:5c:21:06:26:86:aa:33:b1:c5:57:04:76:f8:e5:b1:55:
21:12:b2:0a:43:08:52:7c:65:1f:5d:52:91:9d:d0:7c:f5:fe:
b1:6d:16:43:f3:02:8a:f7:ae:f1:73:fa:a6:bb:d8:54:1b:4e:
84:dc:dc:62:35:84:f7:f3:a2:f5:61:eb:48:01:fc:77:1e:67:
37:cb:f5:1f:d8:11:59:bd:cd:8a:7c:62:82:8f:56:c4:7d:4d:
be:61:da:2f:94:60:4e:8e:a7:aa:ef:1c:a2:df:f6:d3:4d:40:
59:8e:36:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN7iRGNu8t/tizuTTfPTIbm3E3qswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAxMDJaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmOTU2NDJkNzM0NjY2ZTk2Mjc2YTgxZDYwYWQzNzFhZmNhNDNmYzgxNjA0
ZmI0NmEzOGMzZjE0OTJlMTYyZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm2tGiW7Ul1FRkftTsyW1x6t4mPRKqdgk0cr69QOMzrjjFN73erNDWbbxYM
AR41aOCk9d181+pSAU7NYjDKAuTMLbRva84UiOcyHhhYbvIAP++PZN444v+Pa/Az
Uv8vC6wcc98mPF+uyEYQFibSec3b+yC0pH7bB5AWrmf0YC0e7eXh/xzuHr2FGjbR
uqaH8C1YVcZfzxc2Qsw4y4N5x72FF9ps6L/UCPCVjE9xDgwJsW6ZHUovZ1DAEwTK
4yVJUjMpSOxO3/eNLMa2m/ykBN2MjDX+BiB0O0BfUUsifAFiPQ0F7l0jI8oqsDXY
ZvDrljSkZNdGS5Gi+9ZGlv1LVEUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAykF1
tu6uHQyDjN8PVqFtDakBnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzQwYzMtY2I2Ny00YTFmLWIzOTEtZmMwYmQ3NTRhNDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
QDANBgkqhkiG9w0BAQsFAAOCAQEAh2U3nT+w3r1ENVxReTTJ8U+D3crhBsPSZH+8
5K1Bld+VixQ5V8lGQEw+lcGyM8AcrcNLA12NehPTOolxGk+ZO0iEdDBgUyFOdyJI
6+LekYtoyNOs+H9FBFGmy72+cQLOPH4NWvPoyVR40v2Ez5XZV0r40iLBjaDTm2Ov
ui3i67tBXOiTYV5uJzZQWnFlboJv6ZdcIQYmhqozscVXBHb45bFVIRKyCkMIUnxl
H11SkZ3QfPX+sW0WQ/MCiveu8XP6prvYVBtOhNzcYjWE9/Oi9WHrSAH8dx5nN8v1
H9gRWb3Ninxigo9WxH1NvmHaL5RgTo6nqu8cot/2001AWY42Qw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net