Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
File: 89a57214-0fc2-48c6-99d6-19852ea7a30e.roa (raw, json)
Hash identifier: giOIcDdaQj7ZOUBqyDl6l2XosM7S3IHlrf0yn8hddyw=
Subject key identifier: 20:2F:8E:62:E5:8D:98:AD:FC:AF:50:C5:FF:06:0E:B7:79:3F:E1:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77E7B81C4181841BFED37866E827204746F4BD63
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
Signing time: Mon 31 Mar 2025 19:50:05 +0000
ROA not before: Mon 31 Mar 2025 19:50:05 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:e7:b8:1c:41:81:84:1b:fe:d3:78:66:e8:27:20:47:46:f4:bd:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:50:05 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=88430c3338b3f12d00c4fad9a5a618afbee48013b11d72d765b40b07ba3aaaf1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:0f:a1:c8:ea:fd:5b:eb:b6:c6:3e:af:b5:
c7:c0:aa:35:83:f4:fb:77:e3:ac:2f:cf:3d:e4:6b:
ff:8b:21:77:91:0e:44:68:67:c5:67:21:11:cd:99:
ba:d4:e5:d3:02:a6:87:42:03:ba:6e:1e:de:1a:f3:
7c:e8:d6:93:e3:bc:d9:ae:b5:bf:cd:a1:f2:ae:d6:
b2:0c:39:62:91:f6:b2:61:0d:9d:df:68:00:70:d1:
ce:d1:b5:f7:4a:f1:6d:df:ea:2a:ea:2b:4c:06:f7:
e1:ab:65:a9:7a:a2:85:3c:3e:bc:a6:36:07:bf:d8:
07:eb:61:b9:11:f2:a8:78:db:a1:0b:65:2a:07:1a:
6c:d5:19:b7:61:91:95:a8:44:6d:76:34:01:a4:59:
6a:43:70:68:49:2c:2c:b7:d7:d5:61:14:4f:7e:51:
98:20:61:7c:fe:b0:ee:e8:57:cf:88:75:68:8c:10:
b9:da:fd:ad:a2:b1:d1:2a:b5:8d:c0:59:e0:17:0c:
35:46:f3:70:d1:fb:84:47:78:1b:24:5d:4b:cd:4b:
e3:70:4e:48:ba:71:89:78:17:08:61:b7:35:82:a0:
b4:4a:a5:99:26:79:80:be:49:6f:73:f6:36:70:dd:
83:b2:b1:1e:2c:19:67:17:22:06:fa:31:cd:d7:08:
79:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2F:8E:62:E5:8D:98:AD:FC:AF:50:C5:FF:06:0E:B7:79:3F:E1:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1080::/48
Signature Algorithm: sha256WithRSAEncryption
57:bb:18:11:e4:44:c3:d2:a9:4a:47:90:4e:5f:14:e6:7c:50:
03:84:49:85:4d:3b:2a:ed:0f:37:56:39:02:45:3a:7f:93:0f:
5b:c3:7f:fa:1f:15:64:fc:e9:8e:37:ac:08:2d:e6:7d:48:0f:
cb:97:b4:51:2d:34:ed:14:30:fc:96:8b:45:ea:c4:63:aa:67:
e8:c3:ad:d0:19:33:cf:9b:ae:71:1f:6b:23:45:3e:3c:ee:dc:
90:01:66:1a:e2:c0:52:4e:3f:c5:c4:88:0d:38:bf:bb:c2:fd:
f5:3e:d8:5a:7c:82:71:b4:78:4d:51:d0:e8:ae:cd:ea:e2:82:
a5:ed:dc:7a:4a:63:d0:da:9d:d9:e3:f0:43:f9:a1:db:17:bf:
5a:d0:f8:69:e5:f5:91:40:32:7e:ff:3b:55:af:a3:f1:02:ab:
0c:2e:83:35:12:79:10:1e:b5:c0:7c:3f:86:3e:f2:fb:2d:04:
30:22:d2:33:ed:83:6f:cb:ed:1c:5c:9e:e9:a2:f1:43:38:1c:
2d:7e:91:9c:c4:ce:d0:9d:5b:ca:01:75:20:a9:a9:9d:fd:24:
28:c2:d9:d3:65:74:c9:b5:02:85:62:9c:b2:cf:10:29:c2:5a:
dd:7c:a2:cc:3b:4e:97:b2:62:8f:06:7e:32:2f:4c:90:08:87:
18:53:73:77
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd+e4HEGBhBv+03hm6CcgR0b0vWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUwMDVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NDMwYzMzMzhiM2YxMmQwMGM0ZmFkOWE1YTYxOGFmYmVlNDgwMTNiMTFk
NzJkNzY1YjQwYjA3YmEzYWFhZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRiD6HI6v1b67bGPq+1x8CqNYP0+3fjrC/PPeRr/4shd5EORGhnxWchEc2Z
utTl0wKmh0IDum4e3hrzfOjWk+O82a61v82h8q7Wsgw5YpH2smENnd9oAHDRztG1
90rxbd/qKuorTAb34atlqXqihTw+vKY2B7/YB+thuRHyqHjboQtlKgcabNUZt2GR
lahEbXY0AaRZakNwaEksLLfX1WEUT35RmCBhfP6w7uhXz4h1aIwQudr9raKx0Sq1
jcBZ4BcMNUbzcNH7hEd4GyRdS81L43BOSLpxiXgXCGG3NYKgtEqlmSZ5gL5Jb3P2
NnDdg7KxHiwZZxciBvoxzdcIeZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQgL45i
5Y2YrfyvUMX/Bg63eT/hhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODlhNTcyMTQtMGZjMi00OGM2LTk5ZDYtMTk4NTJlYTdhMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAV7sYEeREw9KpSkeQTl8U5nxQA4RJhU07Ku0P
N1Y5AkU6f5MPW8N/+h8VZPzpjjesCC3mfUgPy5e0US007RQw/JaLRerEY6pn6MOt
0Bkzz5uucR9rI0U+PO7ckAFmGuLAUk4/xcSIDTi/u8L99T7YWnyCcbR4TVHQ6K7N
6uKCpe3cekpj0Nqd2ePwQ/mh2xe/WtD4aeX1kUAyfv87Va+j8QKrDC6DNRJ5EB61
wHw/hj7y+y0EMCLSM+2Db8vtHFye6aLxQzgcLX6RnMTO0J1bygF1IKmpnf0kKMLZ
02V0ybUChWKcss8QKcJa3XyizDtOl7JijwZ+Mi9MkAiHGFNzdw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net