Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: DK/AqP7xvO8uK2NA6f0FeJRDhOLoYGu3M7bt4j7ENqI=
Subject key identifier: EE:9F:4A:BA:81:FB:7A:C3:3B:C8:D3:AA:4D:53:C7:49:C3:87:18:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35897DE70C15D6E3ED0FE518CA84C05DFB9AE60B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Mon 31 Mar 2025 19:50:14 +0000
ROA not before: Mon 31 Mar 2025 19:50:14 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:89:7d:e7:0c:15:d6:e3:ed:0f:e5:18:ca:84:c0:5d:fb:9a:e6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:50:14 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=909aa59633b674e9154dfb512c9593b117d63dd5f302933acf999bcbc29ae4f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:e7:c0:2c:07:9d:47:83:26:ba:21:6a:f1:
54:b9:33:5e:68:0d:21:1f:d2:8a:74:92:94:35:89:
c1:a8:59:a2:35:1d:1b:25:89:e8:3c:d1:a6:3b:4e:
cd:da:6e:95:cb:4e:53:45:a0:53:f6:45:1b:48:6d:
59:35:30:43:4a:ad:66:d4:df:97:f5:6a:3b:c6:f2:
cc:90:33:a2:ee:90:34:38:68:26:23:5e:b9:e7:40:
94:91:75:85:7c:cb:f9:9b:49:6c:88:61:7b:c1:1e:
09:1c:91:ef:eb:f6:49:b1:c8:4e:be:52:cc:2c:32:
e1:21:35:c6:93:85:55:70:a0:5c:5d:3f:1e:09:ad:
a6:b0:bc:93:de:e0:2d:09:99:92:0e:4f:7c:06:21:
fc:20:ef:89:65:e3:c7:20:f6:24:ec:47:8b:7b:ca:
a1:dd:5c:e9:2a:49:d0:d9:01:c3:89:16:89:51:81:
8d:c7:c9:ad:11:81:38:22:2d:90:71:b5:80:41:68:
ac:51:f5:a7:23:e7:c5:32:e9:5e:43:91:40:be:ab:
35:c4:0e:d0:f6:47:ef:7b:41:68:22:dc:e0:88:fc:
29:f2:1a:48:ea:94:4b:f3:99:4f:21:ee:5a:3b:83:
26:f5:7e:94:bc:a9:65:71:ad:d8:c0:0e:9f:1a:1c:
41:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9F:4A:BA:81:FB:7A:C3:3B:C8:D3:AA:4D:53:C7:49:C3:87:18:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
1d:0a:af:fa:23:a0:e9:cf:41:1d:a6:01:27:1a:5a:80:d8:6e:
e2:3e:1b:9f:90:13:14:0c:89:ec:09:3c:59:fb:49:ef:94:58:
8a:43:07:02:4b:8d:c9:72:53:f3:09:3c:33:70:91:2b:b8:bb:
b2:48:46:c9:10:dc:3f:6c:fb:b8:96:0b:ab:d0:63:a6:12:2b:
bf:b8:9f:c0:4c:6a:94:f4:2d:04:df:0e:1c:ec:ee:e5:f4:d2:
23:35:5a:16:ae:55:28:db:a4:bc:d8:29:02:44:b1:91:5d:4d:
50:c1:c0:c6:e7:29:34:c5:17:70:bf:8d:52:dc:42:dd:0b:16:
e1:34:41:1b:54:50:ef:ce:46:17:34:b2:0c:1d:6d:7d:99:47:
5e:20:3c:39:c9:16:28:b1:13:f6:2e:22:1a:f1:90:de:26:9c:
11:b5:74:a8:c7:19:d3:a2:e9:33:ca:eb:b3:d2:18:51:ea:03:
74:5f:39:c0:d9:44:8e:4c:b1:89:09:61:3b:38:54:4e:44:6a:
a1:70:71:f3:da:66:4d:6b:f4:87:1d:5c:ee:b7:37:f1:28:fa:
b8:c9:2d:9e:d2:10:be:26:66:4e:be:8f:02:5d:9b:49:da:36:
24:ce:43:73:4a:d6:7f:d5:24:fd:c5:9d:cb:e5:02:a2:1c:4c:
05:5f:da:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNYl95wwV1uPtD+UYyoTAXfua5gswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUwMTRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwOWFhNTk2MzNiNjc0ZTkxNTRkZmI1MTJjOTU5M2IxMTdkNjNkZDVmMzAy
OTMzYWNmOTk5YmNiYzI5YWU0ZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2758AsB51Hgya6IWrxVLkzXmgNIR/SinSSlDWJwahZojUdGyWJ6DzRpjtO
zdpulctOU0WgU/ZFG0htWTUwQ0qtZtTfl/VqO8byzJAzou6QNDhoJiNeuedAlJF1
hXzL+ZtJbIhhe8EeCRyR7+v2SbHITr5SzCwy4SE1xpOFVXCgXF0/HgmtprC8k97g
LQmZkg5PfAYh/CDviWXjxyD2JOxHi3vKod1c6SpJ0NkBw4kWiVGBjcfJrRGBOCIt
kHG1gEForFH1pyPnxTLpXkORQL6rNcQO0PZH73tBaCLc4Ij8KfIaSOqUS/OZTyHu
WjuDJvV+lLypZXGt2MAOnxocQc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTun0q6
gft6wzvI06pNU8dJw4cYqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAdCq/6I6Dpz0EdpgEnGlqA2G7iPhufkBMUDIns
CTxZ+0nvlFiKQwcCS43JclPzCTwzcJEruLuySEbJENw/bPu4lgur0GOmEiu/uJ/A
TGqU9C0E3w4c7O7l9NIjNVoWrlUo26S82CkCRLGRXU1QwcDG5yk0xRdwv41S3ELd
CxbhNEEbVFDvzkYXNLIMHW19mUdeIDw5yRYosRP2LiIa8ZDeJpwRtXSoxxnToukz
yuuz0hhR6gN0XznA2USOTLGJCWE7OFRORGqhcHHz2mZNa/SHHVzutzfxKPq4yS2e
0hC+JmZOvo8CXZtJ2jYkzkNzStZ/1ST9xZ3L5QKiHEwFX9pF
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net