Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa
File: 8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa (raw, json)
Hash identifier: IXu+7T2qD9DBEt7YcV2j8iuIHBzs/XsVoE0K1bLd8zo=
Subject key identifier: 44:42:2E:E0:5D:1D:8D:BD:B0:A3:1A:B1:B3:78:36:36:BD:4A:75:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40FB37611EDB265F00E92967B8EDA0C7513D084F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:fb:37:61:1e:db:26:5f:00:e9:29:67:b8:ed:a0:c7:51:3d:08:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: serialNumber=18599849eb6682fe088f7a73e832104952ee0f8f89d0f4354f145dbb5bb27ce9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:66:a1:f0:3e:56:cd:ea:20:84:16:69:6e:9d:
d4:09:e0:05:6b:08:7e:6f:42:00:b2:9c:4e:74:c0:
bc:8a:8d:52:ed:0a:13:29:73:93:47:8d:d7:18:99:
54:f0:44:79:dc:6c:c8:d4:2a:c9:bd:97:91:eb:8b:
0f:e5:3a:19:50:89:87:da:21:32:4c:d2:7d:62:50:
f7:b8:5b:a0:fe:0c:89:61:ec:10:49:59:2d:03:b6:
bf:51:b2:4e:47:5d:18:37:f5:da:c3:cc:ec:26:ef:
75:fa:95:e3:02:4b:4b:ad:ec:ed:e6:a1:1e:44:cf:
a0:9e:36:09:cd:ae:33:50:a5:38:4d:38:a2:d7:e3:
a6:27:ee:26:34:50:c4:8f:72:ce:2f:c9:ee:58:7b:
39:7b:de:ff:3f:1a:31:7d:f1:22:b4:8e:c0:08:0e:
10:15:20:3b:c7:27:c8:67:d7:31:02:f6:18:7d:b2:
65:16:d2:ee:b0:d4:9f:fe:20:31:fd:6c:44:97:f3:
84:02:ad:ad:5d:c5:97:13:3e:e4:ea:c8:9d:89:38:
45:b9:6d:8e:76:d9:f9:38:58:e6:31:31:83:c5:85:
d1:16:be:c6:ce:2d:5a:ed:b8:c3:50:59:5c:f0:05:
94:5e:3a:d0:7f:d9:be:6c:a3:02:46:29:b2:f9:44:
f5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:42:2E:E0:5D:1D:8D:BD:B0:A3:1A:B1:B3:78:36:36:BD:4A:75:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
af:c9:51:53:ce:76:1d:43:2d:90:a7:e9:3e:72:b5:98:db:72:
96:6d:1e:0d:0c:bf:ba:46:ec:e4:26:95:9f:73:bb:ee:15:3c:
d7:df:39:4d:2d:61:78:54:8b:87:3f:c5:b3:ac:89:a4:7b:60:
3f:6b:60:dc:11:64:1a:af:01:4f:df:22:fe:ac:f8:37:46:3b:
cd:27:05:6e:69:e0:1c:a3:b2:6a:76:59:51:67:cb:dc:ad:db:
6e:3e:f8:c9:d8:d2:a4:95:e2:eb:67:cd:0d:6f:34:11:ec:78:
08:45:93:a4:4b:8c:cb:3c:d8:41:90:b7:84:77:78:a8:3a:6e:
48:eb:0a:2f:7c:b5:c7:06:7b:e7:ad:d1:f9:74:9d:23:c0:81:
ae:1d:6c:0a:16:9a:eb:10:2a:1e:4c:0f:c6:0a:32:66:17:cd:
8b:d6:7e:d5:43:a4:5e:e1:66:0d:b9:d5:08:fb:5d:30:ee:9b:
ce:b3:b3:a9:4b:16:af:31:d7:0a:f9:89:39:84:0f:63:a1:c2:
5c:94:ef:7b:5e:81:7c:8c:80:11:d8:15:c5:eb:72:dd:a8:9e:
29:62:32:28:30:1a:e9:93:9e:d1:10:b4:e0:de:4e:a8:00:c9:
56:c3:fe:c9:45:01:9b:0c:6b:9b:59:f9:d9:97:83:6d:8f:18:
9d:75:5b:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQPs3YR7bJl8A6SlnuO2gx1E9CE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NTk5ODQ5ZWI2NjgyZmUwODhmN2E3M2U4MzIxMDQ5NTJlZTBmOGY4OWQw
ZjQzNTRmMTQ1ZGJiNWJiMjdjZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpmofA+Vs3qIIQWaW6d1AngBWsIfm9CALKcTnTAvIqNUu0KEylzk0eN1xiZ
VPBEedxsyNQqyb2XkeuLD+U6GVCJh9ohMkzSfWJQ97hboP4MiWHsEElZLQO2v1Gy
TkddGDf12sPM7CbvdfqV4wJLS63s7eahHkTPoJ42Cc2uM1ClOE04otfjpifuJjRQ
xI9yzi/J7lh7OXve/z8aMX3xIrSOwAgOEBUgO8cnyGfXMQL2GH2yZRbS7rDUn/4g
Mf1sRJfzhAKtrV3FlxM+5OrInYk4RbltjnbZ+ThY5jExg8WF0Ra+xs4tWu24w1BZ
XPAFlF460H/ZvmyjAkYpsvlE9fsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREQi7g
XR2NvbCjGrGzeDY2vUp1gTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGMyMGZkMTUtMjQ2ZS00ZjQ5LTg1NDktZjA2ZWEwZDRjMmM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCvyVFTznYdQy2Qp+k+crWY23KWbR4NDL+6Ruzk
JpWfc7vuFTzX3zlNLWF4VIuHP8WzrImke2A/a2DcEWQarwFP3yL+rPg3RjvNJwVu
aeAco7JqdllRZ8vcrdtuPvjJ2NKkleLrZ80NbzQR7HgIRZOkS4zLPNhBkLeEd3io
Om5I6wovfLXHBnvnrdH5dJ0jwIGuHWwKFprrECoeTA/GCjJmF82L1n7VQ6Re4WYN
udUI+10w7pvOs7OpSxavMdcK+Yk5hA9jocJclO97XoF8jIAR2BXF63LdqJ4pYjIo
MBrpk57RELTg3k6oAMlWw/7JRQGbDGubWfnZl4NtjxiddVur
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:17 2024 by rpki-client on console.sobornost.net