Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: uUGrlAs86H1u3UG0rhkETuoOT/qSFuMLzfF/JiqUVd4=
Subject key identifier: 00:78:F8:28:46:10:8D:B5:BB:E3:E6:D9:2A:B1:CB:F2:30:CE:9C:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E9443533D278B83237CDAF17ECDDE38F76B9D1E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Mon 31 Mar 2025 21:01:01 +0000
ROA not before: Mon 31 Mar 2025 21:01:01 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:94:43:53:3d:27:8b:83:23:7c:da:f1:7e:cd:de:38:f7:6b:9d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:01:01 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=bc729c1ae3d1a576dbe6e63a758254278d6eed2ee9ec260b42614405e574e5dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:45:4b:52:9d:b2:bc:35:d2:43:da:e6:47:b2:
12:c5:a5:99:06:90:77:a1:fc:1b:74:19:f0:5a:42:
bb:ab:3c:b9:48:3b:ec:60:c6:ef:a4:c4:f2:6d:e5:
fa:38:0f:98:b2:38:c8:70:56:00:5a:2e:fd:a8:8c:
55:50:6b:08:3b:31:94:28:9e:72:b4:c4:0f:af:57:
f1:68:50:1d:bb:9a:fc:d0:13:93:c4:14:3b:f4:72:
39:4c:bc:f9:29:a1:4e:15:42:ab:dd:25:c2:b3:7d:
64:42:35:0d:fa:19:98:4d:83:bf:64:da:98:6d:24:
6b:9f:bd:69:d8:6c:a4:0e:0e:e2:f5:3d:34:41:f2:
ba:45:61:38:3c:b5:92:33:4a:ca:c3:01:89:bd:68:
11:66:0f:aa:db:5a:05:d1:94:7c:eb:3f:26:07:0d:
b9:82:3c:68:b5:d1:20:ba:48:4e:ec:a2:87:34:c8:
81:6f:9d:82:64:5a:20:31:57:cf:73:ac:0c:29:d8:
89:21:76:f0:fd:2e:b3:e9:7f:f4:44:e4:f4:7f:c3:
57:43:c5:77:90:f6:c3:2a:10:16:ba:fb:87:ad:be:
93:02:41:19:5c:1c:b4:fe:10:3a:37:5e:ce:a9:f5:
15:6d:5c:b1:95:6d:84:66:33:5b:01:6d:14:d1:c5:
5a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:78:F8:28:46:10:8D:B5:BB:E3:E6:D9:2A:B1:CB:F2:30:CE:9C:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
90:02:24:b3:5b:c5:8a:36:47:6d:57:cc:da:9b:b3:8e:f5:5a:
54:12:a2:05:15:49:ea:df:e6:93:0e:1c:86:d7:4a:c9:71:06:
45:6d:81:6b:1b:9d:f7:bf:2a:80:b9:6d:dd:8b:be:ff:07:7b:
42:ff:76:81:1c:36:19:02:9e:31:83:a3:d8:45:1a:4c:58:13:
3e:6f:d7:0b:1d:90:7f:29:a1:13:f9:b2:eb:ff:02:31:a4:08:
c5:6e:a3:15:c0:3a:07:18:3a:0e:ad:c5:01:27:49:76:52:9d:
7e:40:fc:f3:50:a0:96:ff:7b:6b:51:03:75:cc:17:41:c9:06:
2c:88:83:f5:d5:48:1c:6f:7f:34:6c:4a:56:fc:67:b9:d5:74:
5c:68:c6:f2:4c:71:e3:8a:10:09:f8:cb:34:77:79:32:d7:be:
8f:0b:9a:06:6c:c3:18:36:3f:5d:a4:a0:1d:de:25:a2:b5:d5:
66:65:2b:8a:46:6f:1a:07:1f:0c:07:c2:62:a0:a8:1e:12:2d:
8f:2e:a5:65:b6:1a:93:97:f7:fb:b3:2d:29:b9:ec:26:b4:ba:
8e:91:aa:41:68:f9:f9:72:78:7d:a9:8f:f0:d1:a8:92:49:bd:
79:4b:cf:fc:ec:8f:bc:5b:50:8a:19:bb:b6:f6:09:d5:f8:e9:
7c:1b:ea:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfpRDUz0ni4MjfNrxfs3eOPdrnR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTAxMDFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjNzI5YzFhZTNkMWE1NzZkYmU2ZTYzYTc1ODI1NDI3OGQ2ZWVkMmVlOWVj
MjYwYjQyNjE0NDA1ZTU3NGU1ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1FS1Kdsrw10kPa5keyEsWlmQaQd6H8G3QZ8FpCu6s8uUg77GDG76TE8m3l
+jgPmLI4yHBWAFou/aiMVVBrCDsxlCiecrTED69X8WhQHbua/NATk8QUO/RyOUy8
+SmhThVCq90lwrN9ZEI1DfoZmE2Dv2TamG0ka5+9adhspA4O4vU9NEHyukVhODy1
kjNKysMBib1oEWYPqttaBdGUfOs/JgcNuYI8aLXRILpITuyihzTIgW+dgmRaIDFX
z3OsDCnYiSF28P0us+l/9ETk9H/DV0PFd5D2wyoQFrr7h62+kwJBGVwctP4QOjde
zqn1FW1csZVthGYzWwFtFNHFWn0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAePgo
RhCNtbvj5tkqscvyMM6cSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCQAiSzW8WKNkdtV8zam7OO9VpUEqIFFUnq3+aT
DhyG10rJcQZFbYFrG533vyqAuW3di77/B3tC/3aBHDYZAp4xg6PYRRpMWBM+b9cL
HZB/KaET+bLr/wIxpAjFbqMVwDoHGDoOrcUBJ0l2Up1+QPzzUKCW/3trUQN1zBdB
yQYsiIP11Ugcb380bEpW/Ge51XRcaMbyTHHjihAJ+Ms0d3ky176PC5oGbMMYNj9d
pKAd3iWitdVmZSuKRm8aBx8MB8JioKgeEi2PLqVlthqTl/f7sy0puewmtLqOkapB
aPn5cnh9qY/w0aiSSb15S8/87I+8W1CKGbu29gnV+Ol8G+om
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net