Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: uuy49b/FL7pHkldgf9B5fxOc9ejKLxwS92jrAW9vRTI=
Subject key identifier: E4:59:2D:56:20:BE:3A:83:0A:0F:2F:15:E8:6B:21:D0:95:E4:EE:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CD4747A76F95076F8362B28F06C4C52077ECBBD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Mon 31 Mar 2025 21:10:44 +0000
ROA not before: Mon 31 Mar 2025 21:10:44 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:d4:74:7a:76:f9:50:76:f8:36:2b:28:f0:6c:4c:52:07:7e:cb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:10:44 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=61495632416ced516200fc6085d1e8ca4b14088c6ee8e546f5c2a1fa8ccffd0d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:66:f0:a9:56:d2:a4:9a:39:a0:02:e7:dd:6a:
6f:20:eb:96:0c:f2:d1:a3:e3:7f:24:8b:b5:76:d3:
72:19:d5:2e:36:18:9d:cb:f1:09:0c:42:c9:78:3a:
67:55:48:97:57:4a:b7:20:31:d2:64:92:fe:38:93:
0b:ab:61:bf:e6:80:0b:3d:74:87:a1:b5:10:be:32:
7f:b7:3a:49:bb:21:51:46:92:47:62:38:76:96:e1:
54:77:d2:c3:94:3c:9f:2c:5e:80:ee:35:77:04:c9:
55:3f:85:62:da:71:b8:7c:a2:ef:76:e9:81:9d:4b:
a4:0e:92:b9:17:0c:e4:0c:27:8c:76:69:76:12:b8:
60:39:b4:21:e9:5b:dc:18:eb:a8:3f:f7:5b:26:53:
59:5f:eb:f0:f2:81:4e:86:5d:fa:81:79:ac:52:f3:
3d:be:5a:e0:30:19:a0:02:6d:51:8b:8d:38:2a:86:
81:81:63:8d:1d:25:e5:89:b6:8e:b7:7a:64:e3:71:
bb:5a:4c:d4:19:5c:66:7c:a0:e6:45:ce:50:c9:44:
87:f9:11:a6:6b:d0:b1:eb:d6:d2:27:c4:83:7f:50:
a4:dd:90:ec:f0:14:2b:dc:f4:cd:8d:dd:7e:47:19:
bc:6a:fa:9c:8d:a1:d3:ac:30:75:40:7f:0a:cb:af:
b4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:59:2D:56:20:BE:3A:83:0A:0F:2F:15:E8:6B:21:D0:95:E4:EE:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
b0:93:70:d1:e4:c4:39:e5:71:9d:09:43:0e:d0:40:a2:9b:8a:
97:6e:e1:4c:e8:fa:69:e0:62:d8:66:4c:a7:b5:58:e9:6d:38:
68:ff:b0:31:36:16:ab:04:8b:64:a9:c4:8d:9c:f9:46:e2:64:
68:12:dc:58:66:00:5a:28:6c:96:8d:33:ce:51:cc:0c:85:e1:
63:fa:96:18:b0:a6:af:52:54:a2:06:40:8b:66:b1:3f:25:7e:
f8:26:35:8b:65:5c:13:68:f8:78:37:b9:99:1c:25:b7:1b:fe:
ea:58:74:5f:e6:f9:f7:5b:c7:e0:fb:82:a6:6b:bd:15:07:f2:
70:3f:8d:87:83:2d:f0:b3:18:b0:ac:47:b2:d6:7e:da:66:97:
57:6b:c5:6a:06:7f:f6:dd:09:24:4c:ae:9e:f5:c8:44:4a:de:
d4:42:9e:c0:ce:05:00:83:91:db:8b:92:46:e9:3a:24:0d:93:
f8:99:3e:f5:fc:2d:74:a4:97:22:94:bc:5b:76:e1:72:d9:af:
3d:64:e4:b2:d3:cd:be:6a:cb:8d:81:37:46:dd:e7:7b:cf:72:
65:80:51:9a:4b:20:ab:fa:27:19:62:ba:f4:04:59:2b:94:49:
83:2d:df:dd:aa:ba:12:1e:cf:e2:1d:4f:6b:60:53:ef:d5:7a:
cf:70:97:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHNR0enb5UHb4Niso8GxMUgd+y70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTEwNDRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxNDk1NjMyNDE2Y2VkNTE2MjAwZmM2MDg1ZDFlOGNhNGIxNDA4OGM2ZWU4
ZTU0NmY1YzJhMWZhOGNjZmZkMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFm8KlW0qSaOaAC591qbyDrlgzy0aPjfySLtXbTchnVLjYYncvxCQxCyXg6
Z1VIl1dKtyAx0mSS/jiTC6thv+aACz10h6G1EL4yf7c6SbshUUaSR2I4dpbhVHfS
w5Q8nyxegO41dwTJVT+FYtpxuHyi73bpgZ1LpA6SuRcM5AwnjHZpdhK4YDm0Ielb
3BjrqD/3WyZTWV/r8PKBToZd+oF5rFLzPb5a4DAZoAJtUYuNOCqGgYFjjR0l5Ym2
jrd6ZONxu1pM1BlcZnyg5kXOUMlEh/kRpmvQsevW0ifEg39QpN2Q7PAUK9z0zY3d
fkcZvGr6nI2h06wwdUB/CsuvtGMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkWS1W
IL46gwoPLxXoayHQleTu0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCwk3DR5MQ55XGdCUMO0ECim4qXbuFM6Ppp4GLY
ZkyntVjpbTho/7AxNharBItkqcSNnPlG4mRoEtxYZgBaKGyWjTPOUcwMheFj+pYY
sKavUlSiBkCLZrE/JX74JjWLZVwTaPh4N7mZHCW3G/7qWHRf5vn3W8fg+4Kma70V
B/JwP42Hgy3wsxiwrEey1n7aZpdXa8VqBn/23QkkTK6e9chESt7UQp7AzgUAg5Hb
i5JG6TokDZP4mT71/C10pJcilLxbduFy2a89ZOSy082+asuNgTdG3ed7z3JlgFGa
SyCr+icZYrr0BFkrlEmDLd/dqroSHs/iHU9rYFPv1XrPcJdp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net