Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: S88j3f40wV1hbf4Y2J7jP9o4wktjSLxwi5fJtHqMDW0=
Subject key identifier: 1C:47:DD:7B:F2:64:11:B1:EF:D6:31:AC:7E:BE:52:9C:92:FB:0E:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4400DF75DCC66EF2AF4E6662D8A0BE51AC4D0FA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Mon 31 Mar 2025 20:41:08 +0000
ROA not before: Mon 31 Mar 2025 20:41:08 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:00:df:75:dc:c6:6e:f2:af:4e:66:62:d8:a0:be:51:ac:4d:0f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:41:08 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=1abb279c25db7553b25a3d7613b2d6f4fee234bddfd30b6370145a80078030e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:67:a9:70:49:0b:17:a8:73:57:1b:9e:8d:93:
ed:3b:f5:89:38:7a:3f:3b:fd:e2:2b:f4:08:86:bc:
a5:ac:a6:4d:70:e9:65:0d:a6:d7:66:4e:e9:8e:16:
50:7e:0e:6d:f4:d3:f2:d8:e1:9e:ce:27:1e:8e:f9:
50:38:53:f5:ec:b4:80:99:cf:6c:d3:98:31:bc:17:
4d:07:1d:a6:b4:91:8b:8f:e2:f0:99:bd:5c:6a:8a:
30:9e:20:e7:8c:e7:6f:24:65:8a:70:17:1a:79:72:
28:b1:73:7e:01:76:f2:3e:3a:c0:40:f5:78:b1:89:
e9:b5:4a:5d:17:9a:51:66:ce:c9:7d:52:a3:5c:f1:
54:a9:ae:bf:44:4c:c6:5d:cf:7f:44:02:37:81:b3:
40:48:19:eb:d6:ba:a0:8c:e3:37:46:49:6a:97:24:
e9:ec:89:82:c9:c3:7c:13:62:93:30:24:9b:b0:03:
2c:49:df:b3:6a:e8:c0:04:d5:da:d8:23:b9:79:60:
56:f3:1b:83:55:b0:53:a2:f2:da:e6:b3:50:3f:77:
03:aa:1c:d1:9a:b3:04:47:4b:a8:07:03:4f:b2:bd:
24:0e:9f:33:91:80:a3:14:b9:7b:98:c6:2c:9e:14:
96:d6:6e:cb:01:88:da:d8:e1:97:8d:96:ab:10:fa:
31:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:47:DD:7B:F2:64:11:B1:EF:D6:31:AC:7E:BE:52:9C:92:FB:0E:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
78:46:76:54:21:00:0a:c4:53:e2:2b:ed:fb:4f:cd:4b:9c:a0:
b0:6a:7e:76:ff:61:ea:5b:2b:88:f4:4c:4e:d6:bc:9a:11:3a:
e1:5f:da:a7:ac:2f:ae:df:f2:ac:5d:00:b7:ae:b5:31:9f:c2:
6a:c6:23:c2:c4:aa:b3:6e:9a:95:df:17:fd:6c:e4:5e:e5:7a:
59:13:72:03:b1:91:0d:2d:b9:86:32:44:08:e6:21:f7:10:63:
7d:15:5c:09:8e:0c:0c:62:dd:83:4c:b3:2f:db:7f:4a:3c:80:
1c:1e:d2:0d:d7:b1:cf:69:da:50:f8:b5:4b:75:37:5b:26:96:
f1:ac:9a:c5:49:4d:a9:22:81:88:aa:11:9e:b8:28:a6:fa:d1:
2e:8b:42:bb:e7:cf:cf:b3:69:fd:25:e0:ab:c8:89:ae:34:d6:
35:d8:d2:16:b5:5d:b7:5b:07:2d:57:02:31:5b:f4:70:19:b6:
7b:4d:91:1c:79:3d:72:58:00:95:cc:33:9d:50:11:85:3a:17:
a8:42:25:47:0f:18:2b:e1:7a:50:56:de:46:31:c5:18:c3:1e:
bb:5c:56:d9:52:65:d9:41:ab:2e:01:68:06:a1:4d:3c:9a:7e:
2b:fb:6c:c5:e9:9c:3e:6c:95:8b:21:3c:9e:ab:19:1d:23:28:
5a:3b:17:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURADfddzGbvKvTmZi2KC+UaxND6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQxMDhaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYmIyNzljMjVkYjc1NTNiMjVhM2Q3NjEzYjJkNmY0ZmVlMjM0YmRkZmQz
MGI2MzcwMTQ1YTgwMDc4MDMwZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVnqXBJCxeoc1cbno2T7Tv1iTh6Pzv94iv0CIa8paymTXDpZQ2m12ZO6Y4W
UH4ObfTT8tjhns4nHo75UDhT9ey0gJnPbNOYMbwXTQcdprSRi4/i8Jm9XGqKMJ4g
54znbyRlinAXGnlyKLFzfgF28j46wED1eLGJ6bVKXReaUWbOyX1So1zxVKmuv0RM
xl3Pf0QCN4GzQEgZ69a6oIzjN0ZJapck6eyJgsnDfBNikzAkm7ADLEnfs2rowATV
2tgjuXlgVvMbg1WwU6Ly2uazUD93A6oc0ZqzBEdLqAcDT7K9JA6fM5GAoxS5e5jG
LJ4UltZuywGI2tjhl42WqxD6MacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcR917
8mQRse/WMax+vlKckvsONDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQB4RnZUIQAKxFPiK+37T81LnKCwan52/2HqWyuI
9ExO1ryaETrhX9qnrC+u3/KsXQC3rrUxn8JqxiPCxKqzbpqV3xf9bORe5XpZE3ID
sZENLbmGMkQI5iH3EGN9FVwJjgwMYt2DTLMv239KPIAcHtIN17HPadpQ+LVLdTdb
JpbxrJrFSU2pIoGIqhGeuCim+tEui0K758/Ps2n9JeCryImuNNY12NIWtV23Wwct
VwIxW/RwGbZ7TZEceT1yWACVzDOdUBGFOheoQiVHDxgr4XpQVt5GMcUYwx67XFbZ
UmXZQasuAWgGoU08mn4r+2zF6Zw+bJWLITyeqxkdIyhaOxew
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net