Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/905bb587-bceb-45a9-857c-944564030c20.roa
File: 905bb587-bceb-45a9-857c-944564030c20.roa (raw, json)
Hash identifier: 15bQAfykT/LwRGd9wOji7V3Y6z4z3I/PTWxlnKyIRgo=
Subject key identifier: 73:B8:45:4E:EB:1C:7A:37:A5:B6:0B:4F:F3:90:C8:EF:E4:03:F5:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30AAF450570C63DE61D7DF15052A6844847704A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/905bb587-bceb-45a9-857c-944564030c20.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:aa:f4:50:57:0c:63:de:61:d7:df:15:05:2a:68:44:84:77:04:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=9023fc53161f9de4eae6c6e1cf3a7e00a6b1c7f8bfff14b43fe586caa20c59f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6c:a8:b9:1e:f9:d8:aa:c6:e4:00:e6:d4:dc:
16:0a:b5:d7:69:a6:67:7c:01:66:b6:08:e8:71:8c:
d9:ed:c7:55:17:a1:17:17:46:1a:a8:c3:7b:bb:7f:
5b:73:22:32:02:09:b1:69:1e:f7:21:60:4c:47:43:
e6:b2:be:60:37:0a:b4:f2:38:41:f1:60:ef:7a:7a:
65:00:a9:6d:01:ce:2b:ef:99:63:7d:8c:1f:75:d8:
a5:10:ac:e9:97:71:a9:8a:aa:93:71:cd:09:0c:3c:
bc:ce:87:1f:d4:cd:de:5a:9f:70:31:53:db:fd:72:
12:d0:b5:db:00:42:57:6a:a3:6e:ea:26:8d:71:5d:
8e:b1:e4:77:78:bf:81:39:81:79:45:8c:d0:f3:75:
8a:d2:48:a8:cf:2b:8f:c9:bd:01:bc:71:63:27:03:
13:48:e4:c3:4b:4f:bf:18:f8:6e:18:ff:fa:38:0f:
11:36:93:8e:e3:72:49:ae:0d:44:37:dd:ed:32:5e:
1e:22:59:0b:78:3a:c4:86:d1:95:21:52:d3:18:2d:
47:bf:74:39:a5:d9:78:eb:81:da:35:a7:56:3b:00:
c6:4c:14:16:9e:ca:50:d3:7d:08:e5:3e:fc:73:5b:
e2:00:03:0a:ad:69:0f:db:7e:ef:49:e3:77:16:dd:
9a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:45:4E:EB:1C:7A:37:A5:B6:0B:4F:F3:90:C8:EF:E4:03:F5:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/905bb587-bceb-45a9-857c-944564030c20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:12:bb:c9:f0:11:d9:cc:58:87:05:df:58:0a:23:ad:30:d8:
bd:8e:a2:27:84:6d:c7:f0:cd:31:c0:3f:fa:28:ca:8f:69:63:
2a:e7:71:8f:96:93:b8:ef:21:35:0b:6e:f0:01:67:a9:01:54:
e8:e8:89:a6:8b:1e:93:54:ed:4f:1b:74:df:10:94:5e:57:60:
08:bd:79:e1:d2:b9:fe:21:16:40:76:99:91:90:5c:7f:e3:17:
7d:86:e0:73:de:36:91:f9:5d:5a:89:8c:7a:5d:e3:a6:ee:d7:
5b:84:fa:d6:d0:6c:77:39:8f:6e:60:f4:3c:4b:9f:52:c4:b1:
01:8a:5a:04:a3:29:68:5b:1f:6c:56:38:39:2c:83:26:0d:3a:
99:5f:4d:54:74:dd:b5:ad:f6:94:65:00:9e:72:41:7f:9e:53:
70:d5:34:c9:de:e2:eb:53:63:22:1a:9b:f8:3d:93:be:1e:03:
52:5b:73:df:b1:f0:ac:df:99:76:b4:94:e2:7d:99:ff:c5:39:
5d:e9:49:c6:29:cf:3e:1f:9f:94:5d:b5:a4:6c:a6:d9:8f:9f:
17:19:e9:dc:b0:c8:dc:26:98:8a:fc:08:27:23:f9:04:b4:a2:
ef:e6:a8:40:bf:01:80:89:3f:12:4a:17:18:04:fb:33:58:f1:
5a:6c:4c:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMKr0UFcMY95h198VBSpoRIR3BKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwMjNmYzUzMTYxZjlkZTRlYWU2YzZlMWNmM2E3ZTAwYTZiMWM3ZjhiZmZm
MTRiNDNmZTU4NmNhYTIwYzU5ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxsqLke+diqxuQA5tTcFgq112mmZ3wBZrYI6HGM2e3HVRehFxdGGqjDe7t/
W3MiMgIJsWke9yFgTEdD5rK+YDcKtPI4QfFg73p6ZQCpbQHOK++ZY32MH3XYpRCs
6ZdxqYqqk3HNCQw8vM6HH9TN3lqfcDFT2/1yEtC12wBCV2qjbuomjXFdjrHkd3i/
gTmBeUWM0PN1itJIqM8rj8m9AbxxYycDE0jkw0tPvxj4bhj/+jgPETaTjuNySa4N
RDfd7TJeHiJZC3g6xIbRlSFS0xgtR790OaXZeOuB2jWnVjsAxkwUFp7KUNN9COU+
/HNb4gADCq1pD9t+70njdxbdms0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzuEVO
6xx6N6W2C0/zkMjv5AP1nTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTA1YmI1ODctYmNlYi00NWE5LTg1N2MtOTQ0NTY0MDMwYzIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUg
MA0GCSqGSIb3DQEBCwUAA4IBAQC7ErvJ8BHZzFiHBd9YCiOtMNi9jqInhG3H8M0x
wD/6KMqPaWMq53GPlpO47yE1C27wAWepAVTo6Immix6TVO1PG3TfEJReV2AIvXnh
0rn+IRZAdpmRkFx/4xd9huBz3jaR+V1aiYx6XeOm7tdbhPrW0Gx3OY9uYPQ8S59S
xLEBiloEoyloWx9sVjg5LIMmDTqZX01UdN21rfaUZQCeckF/nlNw1TTJ3uLrU2Mi
Gpv4PZO+HgNSW3PfsfCs35l2tJTifZn/xTld6UnGKc8+H5+UXbWkbKbZj58XGenc
sMjcJpiK/AgnI/kEtKLv5qhAvwGAiT8SShcYBPszWPFabEwL
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:17 2024 by rpki-client on console.sobornost.net