Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: /zLAipr0w4xeJGGN85ddnKEXa5stK959gGkmdAXRBIM=
Subject key identifier: 04:14:1C:E0:42:3D:4B:24:73:85:02:49:10:A9:50:A7:BC:E6:F3:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41E31947346240A849150E2D60C957E91F450854
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Mon 31 Mar 2025 21:00:01 +0000
ROA not before: Mon 31 Mar 2025 21:00:01 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e3:19:47:34:62:40:a8:49:15:0e:2d:60:c9:57:e9:1f:45:08:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:00:01 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=8173aedd6919a7a26c3fb4157cef0ceddedad1af9bb0af6bc0f203a3f9fdd259, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:20:4e:bb:d7:4c:2d:3d:97:d4:7c:b1:42:59:
81:cc:e9:cf:aa:03:6c:c2:d2:09:5f:5d:be:ab:6a:
e6:6a:c1:17:02:5d:18:17:01:ee:56:e9:21:04:25:
9b:bf:c2:da:70:33:98:ac:0f:05:dc:a2:db:41:cf:
c8:e3:88:57:f3:2c:b7:db:f9:8f:3a:d3:09:47:5b:
45:1a:1d:06:bf:8d:47:91:28:44:2f:50:da:2e:87:
08:07:72:8d:9c:9e:f4:41:c0:c8:09:d8:7d:89:60:
a0:4f:c4:ee:90:6b:dc:52:0b:a9:c7:dd:f2:05:b4:
95:7f:2c:09:7b:42:98:82:97:8e:9b:e5:33:5b:ad:
15:af:1e:2d:3e:82:85:e9:eb:77:83:3a:1e:c4:de:
ea:1f:ec:d3:8f:1b:1e:2b:cc:34:37:dd:d3:3c:5d:
e2:45:83:95:04:da:95:bc:2e:77:32:0b:93:78:66:
31:15:82:5f:f2:f9:e4:05:fe:49:d2:59:3c:bc:33:
12:8b:c1:a2:96:8c:b1:7e:bb:b7:dd:c8:9a:54:ed:
be:3d:80:76:f9:64:c6:de:95:a7:e3:85:e9:5c:02:
37:ea:f3:23:73:aa:32:86:49:a9:0e:a4:7d:3b:60:
8a:95:ba:29:c7:61:6e:21:04:69:7a:be:5a:e0:96:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:14:1C:E0:42:3D:4B:24:73:85:02:49:10:A9:50:A7:BC:E6:F3:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:bf:b5:60:2f:e5:da:ad:66:20:70:8c:3a:e6:6b:b5:23:86:
c8:6f:11:fb:e5:a8:0c:70:9c:ea:3f:79:4d:f3:ac:d6:a5:82:
b9:39:06:d5:17:d0:11:44:56:15:9a:24:ec:a6:7e:c4:87:54:
d1:bc:bc:f2:25:6a:f7:9e:28:b5:de:c6:15:97:d9:4a:03:a2:
f3:6d:4d:54:ad:96:2d:e8:fe:c2:67:66:e4:0e:6e:4b:f4:cd:
d8:d8:8a:96:6a:42:1e:d6:1b:97:07:63:4b:73:34:a7:0a:fa:
e7:3f:a5:65:40:1b:51:61:85:37:17:b3:11:a1:03:9f:71:2c:
5d:a6:cd:7b:b8:e1:b9:50:62:34:09:0f:5b:8c:17:53:22:06:
27:e2:9f:94:99:0f:2f:e2:3a:e7:91:ed:06:b1:df:30:8b:36:
63:8a:e0:34:58:68:ca:1b:d4:c5:22:e4:71:bb:bc:3f:01:d5:
b4:f2:9f:d5:01:bc:a1:f0:51:55:46:b6:fe:4e:bb:d3:6e:1f:
df:e1:30:a2:d8:fb:40:2b:f7:14:3d:2b:52:00:3c:bd:cb:bb:
e4:fb:b9:56:31:00:6e:dc:b9:91:97:f8:5a:47:b9:ff:57:14:
14:19:69:ef:ca:71:0b:a3:b2:0e:8d:cc:81:cf:07:37:43:0a:
ec:9f:95:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQeMZRzRiQKhJFQ4tYMlX6R9FCFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTAwMDFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNzNhZWRkNjkxOWE3YTI2YzNmYjQxNTdjZWYwY2VkZGVkYWQxYWY5YmIw
YWY2YmMwZjIwM2EzZjlmZGQyNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOggTrvXTC09l9R8sUJZgczpz6oDbMLSCV9dvqtq5mrBFwJdGBcB7lbpIQQl
m7/C2nAzmKwPBdyi20HPyOOIV/Mst9v5jzrTCUdbRRodBr+NR5EoRC9Q2i6HCAdy
jZye9EHAyAnYfYlgoE/E7pBr3FILqcfd8gW0lX8sCXtCmIKXjpvlM1utFa8eLT6C
henrd4M6HsTe6h/s048bHivMNDfd0zxd4kWDlQTalbwudzILk3hmMRWCX/L55AX+
SdJZPLwzEovBopaMsX67t93ImlTtvj2Advlkxt6Vp+OF6VwCN+rzI3OqMoZJqQ6k
fTtgipW6KcdhbiEEaXq+WuCW530CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEFBzg
Qj1LJHOFAkkQqVCnvObzQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAev7VgL+XarWYgcIw65mu1I4bIbxH75agMcJzq
P3lN86zWpYK5OQbVF9ARRFYVmiTspn7Eh1TRvLzyJWr3nii13sYVl9lKA6LzbU1U
rZYt6P7CZ2bkDm5L9M3Y2IqWakIe1huXB2NLczSnCvrnP6VlQBtRYYU3F7MRoQOf
cSxdps17uOG5UGI0CQ9bjBdTIgYn4p+UmQ8v4jrnke0Gsd8wizZjiuA0WGjKG9TF
IuRxu7w/AdW08p/VAbyh8FFVRrb+TrvTbh/f4TCi2PtAK/cUPStSADy9y7vk+7lW
MQBu3LmRl/haR7n/VxQUGWnvynELo7IOjcyBzwc3Qwrsn5VH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net