Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: gjmrdFSCtoWFnp4NlyO+rt43PJGGyM5saxAcRSTErsQ=
Subject key identifier: 32:43:21:48:D2:EF:95:2E:51:82:25:6A:8D:68:40:BB:36:AA:4C:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37D2C7B96F8500A8AC6C27C353EDC14E08A5AE5C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Mon 31 Mar 2025 20:50:03 +0000
ROA not before: Mon 31 Mar 2025 20:50:03 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:d2:c7:b9:6f:85:00:a8:ac:6c:27:c3:53:ed:c1:4e:08:a5:ae:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:50:03 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=8629810b4977ab71d120c9b4eaf44e7936ae76186a97c0a93e01f738c5fb5657, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a3:03:81:71:cb:25:7c:3b:9d:2a:e4:0c:7c:
ef:2f:05:c6:4b:5e:97:82:5d:6a:a1:83:e1:c0:e6:
5c:e6:9c:1b:6d:4d:55:8a:ca:6a:26:3b:12:ee:37:
3b:51:7c:2c:f0:f5:f5:6f:dd:7a:04:90:32:7e:db:
b1:1b:75:21:75:6f:2e:40:43:10:f2:98:44:1c:e8:
6f:c2:c4:ac:99:ec:12:48:3c:4b:34:d7:f1:3f:98:
42:44:f6:8b:5e:27:ec:8d:85:7c:38:5d:0e:6a:32:
f3:03:2e:3e:75:ab:65:bd:f7:4d:04:db:6b:b1:3b:
b7:ac:d4:25:58:6d:dd:e8:c5:6c:0d:d9:99:45:26:
99:59:07:d1:89:5e:4d:0c:6a:69:06:a5:16:c1:05:
b0:53:1c:0e:41:e6:40:f2:8a:01:0a:d6:b3:53:ba:
f0:1c:ca:86:53:d2:0c:f4:9d:9d:e3:fd:2c:27:65:
5d:8c:be:7c:b7:9e:39:78:dd:4b:b0:1f:f6:8f:4d:
89:86:cf:71:1b:13:19:b0:f4:6d:a7:07:06:d6:5d:
f8:6f:97:79:fe:88:73:89:bf:2a:de:8f:8e:74:b2:
93:6d:da:b9:1e:39:ba:f1:c8:52:08:0b:11:19:9f:
41:b4:cc:06:ed:22:74:77:10:6a:97:14:6c:57:9a:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:43:21:48:D2:EF:95:2E:51:82:25:6A:8D:68:40:BB:36:AA:4C:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:9a:70:b9:e1:9d:78:d2:f6:2e:12:ad:44:d4:42:46:88:86:
89:7b:d4:2b:2d:d6:91:c5:10:b9:2f:30:19:23:21:23:2e:50:
05:0b:0c:07:d8:a7:7e:b8:5c:66:7c:fb:c0:50:5d:98:3f:fb:
0b:33:d0:e8:4a:ba:37:78:45:c9:f2:7e:3e:9d:08:32:a0:e3:
7d:dc:90:8a:ad:fc:65:6a:cd:6d:78:fc:b1:03:65:82:20:7f:
68:e0:11:11:0c:a5:45:60:68:49:4d:4e:3d:0d:2f:98:3c:fe:
fc:60:af:3c:51:8a:28:68:8d:00:e7:33:50:ec:60:38:36:fb:
92:30:20:68:e4:83:88:4c:ca:6f:17:04:20:e5:c8:19:d4:c7:
fc:08:1a:63:ee:46:d4:37:40:1f:84:f9:45:6f:df:b5:a7:5d:
ad:27:fd:05:ff:f9:ce:97:90:8b:0a:88:a7:d2:26:f6:1d:fc:
c8:a2:af:16:be:68:a9:fe:1a:11:02:15:74:fa:8d:10:2f:da:
e8:17:58:b1:88:c9:21:14:67:14:3b:5a:3b:c5:ed:43:22:0f:
66:d1:f2:41:df:15:ef:9a:4d:c1:d9:78:27:ad:fc:00:64:37:
35:b9:9f:81:74:43:29:2a:94:b1:63:33:70:71:a6:bf:ce:79:
94:c4:e4:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN9LHuW+FAKisbCfDU+3BTgilrlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUwMDNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2Mjk4MTBiNDk3N2FiNzFkMTIwYzliNGVhZjQ0ZTc5MzZhZTc2MTg2YTk3
YzBhOTNlMDFmNzM4YzVmYjU2NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI2jA4FxyyV8O50q5Ax87y8Fxktel4JdaqGD4cDmXOacG21NVYrKaiY7Eu43
O1F8LPD19W/degSQMn7bsRt1IXVvLkBDEPKYRBzob8LErJnsEkg8SzTX8T+YQkT2
i14n7I2FfDhdDmoy8wMuPnWrZb33TQTba7E7t6zUJVht3ejFbA3ZmUUmmVkH0Yle
TQxqaQalFsEFsFMcDkHmQPKKAQrWs1O68BzKhlPSDPSdneP9LCdlXYy+fLeeOXjd
S7Af9o9NiYbPcRsTGbD0bacHBtZd+G+Xef6Ic4m/Kt6PjnSyk23auR45uvHIUggL
ERmfQbTMBu0idHcQapcUbFeaXDcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyQyFI
0u+VLlGCJWqNaEC7NqpMXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgmnC54Z140vYuEq1E1EJGiIaJe9QrLdaRxRC5
LzAZIyEjLlAFCwwH2Kd+uFxmfPvAUF2YP/sLM9DoSro3eEXJ8n4+nQgyoON93JCK
rfxlas1tePyxA2WCIH9o4BERDKVFYGhJTU49DS+YPP78YK88UYooaI0A5zNQ7GA4
NvuSMCBo5IOITMpvFwQg5cgZ1Mf8CBpj7kbUN0AfhPlFb9+1p12tJ/0F//nOl5CL
Coin0ib2HfzIoq8Wvmip/hoRAhV0+o0QL9roF1ixiMkhFGcUO1o7xe1DIg9m0fJB
3xXvmk3B2XgnrfwAZDc1uZ+BdEMpKpSxYzNwcaa/znmUxOQC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net