Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: wMzP3cPxxo/miW2S1A5S7u441nLpmxSsRglA2QLESw8=
Subject key identifier: 58:99:EA:51:F9:06:35:EE:22:82:06:51:48:9A:8A:01:57:DF:18:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17672E2109AE3097892F3444AF5840D53C43A71A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Mon 31 Mar 2025 19:50:13 +0000
ROA not before: Mon 31 Mar 2025 19:50:13 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:67:2e:21:09:ae:30:97:89:2f:34:44:af:58:40:d5:3c:43:a7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:50:13 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=5738088647940d73ca5ddafcfe5bc8c3db89226b5e5496b32930d8bc5d8224fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c7:03:39:a8:73:a8:1f:00:dd:1c:20:8c:63:
72:2c:c7:09:22:8c:28:97:09:78:48:96:fa:2f:f1:
b3:b0:12:40:07:b6:91:df:9b:36:4a:2b:78:27:43:
00:7d:68:99:b1:f0:d3:32:53:79:6b:32:7d:9b:7a:
42:2c:06:cb:31:29:08:43:39:f8:a9:83:60:bf:70:
b9:fe:66:ea:54:6d:ae:c2:c8:55:a8:db:18:51:9e:
61:0a:15:c0:06:7a:ce:b3:a3:48:e4:5e:65:f7:79:
e1:55:fc:2e:cc:d5:d1:b9:8c:e4:b4:07:95:76:30:
71:b2:d8:d4:a6:19:1c:f4:33:dd:d6:ab:ca:f1:56:
ae:5e:fb:c3:a9:14:9a:bc:5d:7f:03:3e:96:16:df:
79:26:36:0c:86:f4:99:12:ed:a5:c1:dc:b3:19:5a:
db:54:b7:ec:63:10:a5:18:e1:b7:e1:e4:60:2e:dd:
46:b2:5f:99:29:36:02:c7:ec:35:8b:48:c2:87:16:
7e:2b:ec:99:fa:00:3e:28:61:dc:db:ab:9f:e9:ec:
0d:a3:d3:78:8b:a6:18:c0:76:f2:56:01:2e:13:b4:
e1:c2:63:f8:84:98:bd:0c:37:a8:82:bc:a2:30:28:
f5:33:28:ee:6f:75:e2:a6:2e:b6:cd:2b:14:ee:4f:
c4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:99:EA:51:F9:06:35:EE:22:82:06:51:48:9A:8A:01:57:DF:18:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
4e:95:68:b1:df:fe:31:41:eb:7b:7b:ae:00:b5:4a:50:f2:2e:
9c:ed:2a:f9:5f:75:8a:09:d3:8a:56:61:f6:46:27:ff:00:2f:
d7:c5:3a:a1:dd:01:f2:3d:e5:e5:04:f5:90:94:35:f7:13:fe:
1c:09:74:8e:50:57:e0:04:2b:b5:69:ec:92:63:05:17:a2:dd:
8d:9f:5e:a3:f7:7b:91:cf:42:0f:92:af:20:5e:8b:99:8d:5f:
af:6e:28:d3:5d:81:02:6b:bc:db:70:79:af:a3:a6:f7:7f:7d:
d6:95:14:5e:d5:20:43:89:88:85:6d:e4:36:07:fa:2c:54:b4:
e1:9c:d1:d1:a8:89:67:55:21:6e:14:61:06:66:41:a7:75:00:
99:81:86:91:e7:5f:3d:69:cd:2b:31:d5:31:e6:f0:17:67:1e:
fb:8e:d6:19:c6:4c:69:56:e4:15:e6:af:44:48:78:d4:1c:30:
dd:a9:68:c0:7e:51:80:96:98:db:2e:7e:b2:97:d8:b7:d6:14:
87:2f:51:05:c1:a0:d3:01:5d:be:34:b5:bb:da:42:f5:49:c7:
99:0d:59:5a:a4:c0:38:da:aa:a9:47:a1:40:1f:48:c7:5e:bc:
3d:31:7b:17:19:96:9e:3a:66:a8:e0:7e:d2:70:33:66:f7:d0:
0e:ba:8d:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF2cuIQmuMJeJLzREr1hA1TxDpxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUwMTNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3MzgwODg2NDc5NDBkNzNjYTVkZGFmY2ZlNWJjOGMzZGI4OTIyNmI1ZTU0
OTZiMzI5MzBkOGJjNWQ4MjI0ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvHAzmoc6gfAN0cIIxjcizHCSKMKJcJeEiW+i/xs7ASQAe2kd+bNkoreCdD
AH1ombHw0zJTeWsyfZt6QiwGyzEpCEM5+KmDYL9wuf5m6lRtrsLIVajbGFGeYQoV
wAZ6zrOjSOReZfd54VX8LszV0bmM5LQHlXYwcbLY1KYZHPQz3daryvFWrl77w6kU
mrxdfwM+lhbfeSY2DIb0mRLtpcHcsxla21S37GMQpRjht+HkYC7dRrJfmSk2Asfs
NYtIwocWfivsmfoAPihh3Nurn+nsDaPTeIumGMB28lYBLhO04cJj+ISYvQw3qIK8
ojAo9TMo7m914qYuts0rFO5PxMUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYmepR
+QY17iKCBlFImooBV98YVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEATpVosd/+MUHre3uuALVKUPIunO0q+V91ignT
ilZh9kYn/wAv18U6od0B8j3l5QT1kJQ19xP+HAl0jlBX4AQrtWnskmMFF6LdjZ9e
o/d7kc9CD5KvIF6LmY1fr24o012BAmu823B5r6Om93991pUUXtUgQ4mIhW3kNgf6
LFS04ZzR0aiJZ1UhbhRhBmZBp3UAmYGGkedfPWnNKzHVMebwF2ce+47WGcZMaVbk
FeavREh41Bww3alowH5RgJaY2y5+spfYt9YUhy9RBcGg0wFdvjS1u9pC9UnHmQ1Z
WqTAONqqqUehQB9Ix168PTF7FxmWnjpmqOB+0nAzZvfQDrqN4w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net