Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a039a10b-545b-441d-bef2-b67325de50a1.roa
File: a039a10b-545b-441d-bef2-b67325de50a1.roa (raw, json)
Hash identifier: hDheECeiiVoCD0QeAUdBusmoHQ2YBgf0foLRtjuJGVE=
Subject key identifier: E3:9D:9C:A1:8E:D6:F8:FF:BD:F5:E1:B0:75:9F:F2:32:53:DE:88:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74BD4D50167E17A69C56143C3F5CA132D3B77662
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a039a10b-545b-441d-bef2-b67325de50a1.roa
Signing time: Mon 31 Mar 2025 20:40:43 +0000
ROA not before: Mon 31 Mar 2025 20:40:43 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:bd:4d:50:16:7e:17:a6:9c:56:14:3c:3f:5c:a1:32:d3:b7:76:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:40:43 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=2e5a6439efd06308fb20ccc1cff598bf09f86342e672358752a8cdfadb8aa593, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:3d:07:18:37:c4:79:fc:86:5c:3e:d6:a6:
cb:63:a0:d0:90:b0:1a:25:a7:9d:58:05:29:0f:ec:
93:a5:eb:88:88:f9:ad:a8:d2:34:93:5b:b6:69:58:
6a:a3:0d:fa:44:14:a8:d7:3e:ae:38:0d:4c:3f:33:
87:7c:82:c2:b9:58:2c:a2:ca:6c:8d:09:67:42:64:
fe:da:5a:af:7f:de:07:7a:be:7e:5b:43:39:3f:92:
f8:1e:d2:42:dd:f8:9f:4f:3b:bf:02:3b:b1:14:ff:
2e:2d:f7:3f:3d:c9:84:27:15:3f:21:90:fe:c4:c8:
99:1c:ce:ea:a0:ea:49:49:ff:cb:7f:34:16:af:d0:
61:10:ef:98:46:f2:9a:28:30:a4:47:12:97:e7:fc:
92:8b:e9:3c:c8:d1:41:11:9b:0e:80:68:5b:15:f8:
0a:f7:bb:b7:85:f9:0e:87:1f:44:0f:22:cd:d6:3d:
bc:68:56:1c:07:c5:d1:5c:61:e8:93:67:ce:44:be:
79:17:f2:31:fd:2d:ad:29:b3:c8:cd:1a:00:2a:01:
4b:e5:75:da:67:35:e9:39:ff:4a:45:29:cc:1a:93:
46:03:a5:c8:38:20:17:95:c0:22:7b:3b:3a:7e:7d:
38:3d:2c:d9:8d:0c:79:4c:88:27:e2:3c:b2:80:ec:
99:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:9D:9C:A1:8E:D6:F8:FF:BD:F5:E1:B0:75:9F:F2:32:53:DE:88:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a039a10b-545b-441d-bef2-b67325de50a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:92:8d:c9:d0:04:61:ad:01:2d:e9:7c:94:35:7a:c0:88:5d:
7f:32:c6:13:87:6b:49:3d:7e:b5:68:9d:69:fe:06:b4:78:a8:
18:d4:ae:5d:a3:06:0f:bc:3f:23:96:6d:57:b8:d6:dd:90:6a:
23:16:f7:98:db:0b:d0:51:00:d6:a2:9e:17:38:f8:e4:e3:f9:
0b:70:13:ed:fe:e7:09:57:9e:a8:7c:76:46:db:d6:57:33:48:
01:b9:4f:02:a6:3d:c7:fa:99:ea:31:2d:a5:88:78:27:c5:40:
c6:f4:12:64:14:e7:5a:1b:82:5e:9e:c7:10:50:5f:4d:e7:05:
2b:18:f1:51:ac:4f:f6:8a:fd:09:c2:88:38:67:7d:12:86:f9:
ee:4d:e5:b7:99:53:d9:6b:df:ac:0a:20:d1:07:47:d2:21:fb:
27:97:5d:cd:51:0e:fb:1b:ed:06:d6:85:37:e6:21:a3:bf:3b:
71:87:78:e1:5f:49:4d:98:43:38:03:eb:5d:6e:2c:f1:62:86:
d5:fc:3e:e3:2d:14:0d:0d:9a:2b:37:c3:41:51:78:39:6b:2d:
0f:6e:fa:49:3b:6a:1c:41:b5:06:e5:8f:61:01:d2:31:53:fc:
14:58:68:e8:00:5f:6f:ae:f1:f9:2d:7c:47:da:22:0e:c0:3b:
4d:55:f7:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdL1NUBZ+F6acVhQ8P1yhMtO3dmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQwNDNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNWE2NDM5ZWZkMDYzMDhmYjIwY2NjMWNmZjU5OGJmMDlmODYzNDJlNjcy
MzU4NzUyYThjZGZhZGI4YWE1OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvRPQcYN8R5/IZcPtamy2Og0JCwGiWnnVgFKQ/sk6XriIj5rajSNJNbtmlY
aqMN+kQUqNc+rjgNTD8zh3yCwrlYLKLKbI0JZ0Jk/tpar3/eB3q+fltDOT+S+B7S
Qt34n087vwI7sRT/Li33Pz3JhCcVPyGQ/sTImRzO6qDqSUn/y380Fq/QYRDvmEby
migwpEcSl+f8kovpPMjRQRGbDoBoWxX4Cve7t4X5DocfRA8izdY9vGhWHAfF0Vxh
6JNnzkS+eRfyMf0trSmzyM0aACoBS+V12mc16Tn/SkUpzBqTRgOlyDggF5XAIns7
On59OD0s2Y0MeUyIJ+I8soDsmbsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjnZyh
jtb4/7314bB1n/IyU96IpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTAzOWExMGItNTQ1Yi00NDFkLWJlZjItYjY3MzI1ZGU1MGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6ko3J0ARhrQEt6XyUNXrAiF1/MsYTh2tJPX61
aJ1p/ga0eKgY1K5dowYPvD8jlm1XuNbdkGojFveY2wvQUQDWop4XOPjk4/kLcBPt
/ucJV56ofHZG29ZXM0gBuU8Cpj3H+pnqMS2liHgnxUDG9BJkFOdaG4JenscQUF9N
5wUrGPFRrE/2iv0Jwog4Z30ShvnuTeW3mVPZa9+sCiDRB0fSIfsnl13NUQ77G+0G
1oU35iGjvztxh3jhX0lNmEM4A+tdbizxYobV/D7jLRQNDZorN8NBUXg5ay0PbvpJ
O2ocQbUG5Y9hAdIxU/wUWGjoAF9vrvH5LXxH2iIOwDtNVfe5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net