Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json)
Hash identifier: kKdboE+7T60LTSt8aqfGyxaHuEEkod78gvpAvO4iY1U=
Subject key identifier: 9F:1D:94:D2:32:A9:A2:32:58:8C:82:77:8D:A7:E4:1E:69:27:E7:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67390A24041F7311E075136BB3FA7B4702143E04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
Signing time: Mon 31 Mar 2025 20:00:07 +0000
ROA not before: Mon 31 Mar 2025 20:00:07 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:39:0a:24:04:1f:73:11:e0:75:13:6b:b3:fa:7b:47:02:14:3e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:00:07 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=5088d21dbd8b7a1871d80e0ee1c2b6287cdd528e011a556938659a780d12feeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:12:b0:86:b9:c9:ba:bd:a8:64:cd:62:01:a2:
bf:04:af:fe:c9:0b:ab:ac:76:ec:f8:91:d0:27:49:
e8:63:6f:22:b7:f3:76:73:7d:9b:93:8e:76:be:bd:
f9:46:2e:8e:65:ef:0b:d7:44:40:97:04:d7:e5:fc:
ba:c8:96:a6:42:22:48:8e:98:c8:27:d7:bf:94:7e:
40:42:bd:fe:bb:16:8e:c1:4e:29:ac:f7:cb:85:cb:
9a:1d:a2:3c:3a:75:a5:0a:63:55:9a:fa:c4:3e:75:
26:a9:b1:58:56:7a:c4:cd:1e:47:a7:cf:6d:50:7f:
ab:71:d0:cb:a1:cb:90:56:9a:8f:08:fb:95:a8:b4:
1f:24:e2:8c:e6:25:53:63:54:d1:d5:31:51:54:8b:
74:97:67:a6:4a:36:36:f5:b5:24:0d:3a:fa:1b:d2:
30:1b:b2:51:3c:66:4e:e3:86:ff:db:ab:7b:2a:8a:
23:48:d0:0d:e8:83:c7:75:2b:5e:9e:6e:01:70:f1:
e2:e1:a9:b1:90:aa:4b:a7:f0:16:f8:7c:43:19:49:
d8:b2:a3:5d:04:de:cb:38:49:ed:cc:30:30:21:4e:
fd:dd:be:83:30:79:1f:1b:0a:f6:e3:d2:6d:87:e7:
99:1e:ee:aa:4f:a1:67:f6:56:3f:6d:13:7f:02:2c:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1D:94:D2:32:A9:A2:32:58:8C:82:77:8D:A7:E4:1E:69:27:E7:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
15:fa:ba:60:5f:68:6a:f0:bc:9a:bb:d3:a7:82:4d:a2:76:10:
aa:fc:5d:8b:f9:0b:ca:52:bc:77:6d:2a:94:c6:52:c1:06:85:
e5:bc:37:60:a6:31:9b:78:0d:4c:96:1c:b3:29:ed:53:95:fa:
fb:c6:cb:22:87:55:f8:c7:5b:81:75:72:50:c1:3e:6a:8b:e9:
fc:ec:3b:ba:39:a1:15:af:7a:af:39:46:80:8d:3b:df:ce:c4:
bf:65:2a:e9:18:52:8f:a5:04:be:1a:ab:a8:0f:cc:7b:db:db:
f5:53:52:23:3b:ce:1d:0d:f5:55:c2:0a:83:cd:54:2f:a5:3e:
2a:29:5c:1f:dd:46:f6:7e:61:78:69:68:fb:37:77:99:3c:86:
3d:01:d0:3d:05:f8:78:f9:b8:8f:f6:3b:ff:63:c0:a4:26:cd:
df:d8:16:cc:9e:84:e5:21:50:35:34:11:94:2e:2a:9a:17:39:
f1:31:13:f5:19:32:c7:18:c8:fa:b5:8d:b9:72:f1:f7:11:6a:
98:87:1b:7c:90:ef:52:60:7e:90:da:0a:e7:97:cf:82:a9:3b:
be:02:68:a2:5e:47:9d:c0:c5:b9:10:dc:00:cc:d8:34:0b:b3:
8f:eb:0e:46:e5:28:a1:30:53:86:ba:8f:ce:06:8a:43:28:a0:
31:40:4c:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZzkKJAQfcxHgdRNrs/p7RwIUPgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAwMDdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwODhkMjFkYmQ4YjdhMTg3MWQ4MGUwZWUxYzJiNjI4N2NkZDUyOGUwMTFh
NTU2OTM4NjU5YTc4MGQxMmZlZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIQSsIa5ybq9qGTNYgGivwSv/skLq6x27PiR0CdJ6GNvIrfzdnN9m5OOdr69
+UYujmXvC9dEQJcE1+X8usiWpkIiSI6YyCfXv5R+QEK9/rsWjsFOKaz3y4XLmh2i
PDp1pQpjVZr6xD51JqmxWFZ6xM0eR6fPbVB/q3HQy6HLkFaajwj7lai0HyTijOYl
U2NU0dUxUVSLdJdnpko2NvW1JA06+hvSMBuyUTxmTuOG/9ureyqKI0jQDeiDx3Ur
Xp5uAXDx4uGpsZCqS6fwFvh8QxlJ2LKjXQTeyzhJ7cwwMCFO/d2+gzB5HxsK9uPS
bYfnmR7uqk+hZ/ZWP20TfwIsrWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfHZTS
MqmiMliMgneNp+QeaSfn9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQAV+rpgX2hq8Lyau9Ongk2idhCq/F2L+QvKUrx3
bSqUxlLBBoXlvDdgpjGbeA1MlhyzKe1Tlfr7xssih1X4x1uBdXJQwT5qi+n87Du6
OaEVr3qvOUaAjTvfzsS/ZSrpGFKPpQS+GquoD8x729v1U1IjO84dDfVVwgqDzVQv
pT4qKVwf3Ub2fmF4aWj7N3eZPIY9AdA9Bfh4+biP9jv/Y8CkJs3f2BbMnoTlIVA1
NBGULiqaFznxMRP1GTLHGMj6tY25cvH3EWqYhxt8kO9SYH6Q2grnl8+CqTu+Amii
XkedwMW5ENwAzNg0C7OP6w5G5SihMFOGuo/OBopDKKAxQEw9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net