Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: a3t3wW20xWvAiGJmF+dRd725T7mxVqP8ftRz/mv/BTY=
Subject key identifier: 63:0B:F3:AE:66:EB:88:E5:A1:F6:7A:45:F6:57:AD:CF:17:DC:56:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04C554AF8AFCF385B078E650BB1945EE11453E9D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Mon 31 Mar 2025 20:50:08 +0000
ROA not before: Mon 31 Mar 2025 20:50:08 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:c5:54:af:8a:fc:f3:85:b0:78:e6:50:bb:19:45:ee:11:45:3e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:50:08 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=06eb0a38649e21cf07557255cf0bd0f94b9300ef8e78b5d6b0a5318e568db3cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c4:74:0f:ba:2a:96:de:31:1f:18:91:7e:6c:
ce:99:36:53:c7:4b:ad:19:6a:08:ea:b3:13:39:09:
4c:a8:ea:51:14:09:88:04:d7:f3:95:56:fe:17:fa:
d4:10:76:16:f7:00:53:56:78:d4:d9:0e:16:24:2d:
78:c8:b2:ae:fe:43:04:67:9a:9d:e5:29:8f:c3:bb:
32:55:e7:8e:c2:be:b4:03:fc:67:d0:86:fc:c3:f4:
6c:4a:bd:40:c0:15:25:18:4f:59:99:a8:35:df:58:
52:4a:28:2c:e3:3a:37:bb:b9:61:30:ad:9a:42:67:
4f:88:7c:e0:7c:7e:ff:ab:2f:21:7e:11:ad:e2:ae:
be:30:f6:83:df:a2:ae:bf:24:b3:af:0c:33:5b:d0:
41:6d:24:ac:11:a5:65:ab:05:fb:63:18:3e:c3:64:
b4:bd:19:67:8c:b0:90:88:37:d6:95:b1:7e:89:09:
a6:31:b9:7c:79:49:cd:05:df:59:c9:1d:28:cd:37:
75:32:e6:e2:3b:92:f9:21:94:85:79:79:de:5a:f5:
52:7c:83:c0:ce:e9:5b:b7:d1:0b:99:3a:1b:b6:9d:
c0:eb:78:e7:be:50:61:3e:a9:44:fa:db:89:9d:56:
8b:25:58:e6:bb:99:74:73:80:6d:24:be:f2:aa:87:
73:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0B:F3:AE:66:EB:88:E5:A1:F6:7A:45:F6:57:AD:CF:17:DC:56:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
69:9e:03:d7:8f:97:94:b6:38:c7:ba:a2:a9:46:b3:7d:30:58:
b9:82:08:49:14:b9:80:f3:6d:21:3a:42:10:9e:6f:b8:28:2b:
7c:a8:c3:4e:30:d5:7b:cc:d5:12:dd:87:5a:a2:44:f2:96:ec:
b8:81:a0:87:ea:5c:6f:c8:b0:9c:dd:66:30:25:53:51:80:c4:
60:10:c1:3d:b9:13:7c:09:20:05:c8:ec:65:31:36:55:33:4f:
bb:93:85:87:27:5a:d1:05:3b:74:c6:ba:5a:8c:48:72:9a:3c:
50:26:47:7c:5e:d2:ab:24:30:1c:7f:dd:99:ee:1c:11:32:5e:
35:df:1e:eb:8f:7e:67:d3:61:c6:91:09:a3:55:df:6f:02:e7:
ab:09:fc:b4:a1:fe:91:af:19:26:7e:52:5f:a4:f1:0d:45:b0:
ba:3e:15:3d:09:07:40:a1:f3:89:5e:2d:70:bf:fd:f9:48:26:
48:36:2d:b4:18:56:e8:e1:8c:ef:31:38:0c:2c:2e:25:d3:b4:
f0:47:d8:4a:3c:4a:ff:03:04:52:3e:01:c1:a2:1d:9b:98:85:
86:e9:ba:9c:05:f4:8d:5e:f8:55:08:53:18:73:07:25:4d:9d:
14:7e:56:8c:dc:66:bc:56:ec:4d:93:f3:e9:87:df:83:88:e7:
66:2f:64:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBMVUr4r884WweOZQuxlF7hFFPp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUwMDhaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZWIwYTM4NjQ5ZTIxY2YwNzU1NzI1NWNmMGJkMGY5NGI5MzAwZWY4ZTc4
YjVkNmIwYTUzMThlNTY4ZGIzY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3EdA+6KpbeMR8YkX5szpk2U8dLrRlqCOqzEzkJTKjqURQJiATX85VW/hf6
1BB2FvcAU1Z41NkOFiQteMiyrv5DBGeaneUpj8O7MlXnjsK+tAP8Z9CG/MP0bEq9
QMAVJRhPWZmoNd9YUkooLOM6N7u5YTCtmkJnT4h84Hx+/6svIX4RreKuvjD2g9+i
rr8ks68MM1vQQW0krBGlZasF+2MYPsNktL0ZZ4ywkIg31pWxfokJpjG5fHlJzQXf
WckdKM03dTLm4juS+SGUhXl53lr1UnyDwM7pW7fRC5k6G7adwOt4575QYT6pRPrb
iZ1WiyVY5ruZdHOAbSS+8qqHczsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjC/Ou
ZuuI5aH2ekX2V63PF9xWIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpngPXj5eUtjjHuqKpRrN9MFi5gghJFLmA820h
OkIQnm+4KCt8qMNOMNV7zNUS3YdaokTyluy4gaCH6lxvyLCc3WYwJVNRgMRgEME9
uRN8CSAFyOxlMTZVM0+7k4WHJ1rRBTt0xrpajEhymjxQJkd8XtKrJDAcf92Z7hwR
Ml413x7rj35n02HGkQmjVd9vAuerCfy0of6RrxkmflJfpPENRbC6PhU9CQdAofOJ
Xi1wv/35SCZINi20GFbo4YzvMTgMLC4l07TwR9hKPEr/AwRSPgHBoh2bmIWG6bqc
BfSNXvhVCFMYcwclTZ0UflaM3Ga8VuxNk/Pph9+DiOdmL2RD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net