Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
File: bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa (raw, json)
Hash identifier: Lfw06SH12eF/+xY/hQogXU1Mtrbf9TaGyt8CXIBkoKQ=
Subject key identifier: A7:4C:29:32:45:3A:3A:5C:B1:97:BB:41:05:A2:54:A8:86:BB:93:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C89047A4EAB5B64B2EE74BB08B009248319F98A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
Signing time: Mon 31 Mar 2025 20:50:55 +0000
ROA not before: Mon 31 Mar 2025 20:50:55 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:89:04:7a:4e:ab:5b:64:b2:ee:74:bb:08:b0:09:24:83:19:f9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:50:55 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=14aefcf00cfffb64a32a50f3986dc5f1196a879c0712792917c9e99859eed7ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c7:ca:02:a0:b9:08:15:dc:59:4c:68:7f:bd:
d6:3a:a4:13:55:fa:93:93:b7:a0:3d:0c:33:50:c0:
1b:44:f3:a0:c9:46:06:ff:69:a5:f9:9d:7d:9b:13:
e2:99:1f:57:b2:3b:0a:c1:83:70:d5:bb:b6:39:be:
95:f9:d4:58:b8:30:c1:87:c1:b9:bc:29:67:01:32:
9c:fe:74:17:45:f3:6d:10:7a:53:b2:1e:77:6f:60:
04:ef:2f:88:f6:cc:db:18:09:78:88:e1:7f:ea:37:
b5:c2:b7:0f:74:8a:06:b3:e6:65:58:c2:44:e8:65:
55:41:3f:98:2c:bf:17:15:71:7c:ea:4e:31:15:05:
56:f1:d8:dd:0f:17:21:09:fa:1d:eb:f9:a9:40:3f:
70:6b:eb:31:a1:52:91:e6:86:92:11:aa:98:17:1f:
24:fa:40:27:4c:08:8d:39:1b:15:d5:0e:d3:87:e2:
58:f5:1e:73:d8:a1:50:f7:d1:9d:7f:96:ab:6d:54:
c6:5c:44:ec:9f:72:ad:f8:d2:df:63:bc:72:30:d4:
f1:2a:6d:4f:60:14:b3:0c:d3:69:91:04:f9:4f:3b:
40:2d:19:2e:94:e4:89:64:c0:35:9b:61:15:0d:d0:
b0:dc:ab:29:41:de:fe:dd:f5:2d:69:82:d7:0d:a3:
b3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4C:29:32:45:3A:3A:5C:B1:97:BB:41:05:A2:54:A8:86:BB:93:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:b000::/40
Signature Algorithm: sha256WithRSAEncryption
88:da:f3:b0:1f:bf:a0:d0:75:4e:07:fd:ca:b8:0c:90:42:4a:
a9:b4:60:8b:f9:84:94:a8:70:94:0c:41:fc:d2:36:05:d0:a6:
c7:b2:0b:0e:19:86:7f:19:1f:6c:77:ec:a0:36:49:9d:4a:6e:
8f:ec:ee:ed:da:c3:c6:9a:b4:72:e4:0f:55:f4:3b:aa:6b:83:
d5:7b:90:f0:18:15:53:e1:04:fb:e2:5b:4e:6a:f8:b2:48:55:
96:03:4d:cb:0d:15:1b:eb:e5:2d:3f:9d:c9:d8:8d:34:7d:4e:
a9:41:3b:64:dc:fc:d5:93:43:32:e3:e2:e4:00:5a:94:3f:6f:
67:85:a5:3e:16:ad:30:9b:eb:5a:b5:fb:75:3b:79:5e:8d:4b:
aa:3f:5e:b3:09:f3:f8:8a:40:da:98:bd:db:0a:cd:2c:80:0d:
a6:58:ab:5e:73:f8:b9:16:2f:25:d1:84:c1:e6:ec:11:79:e5:
e6:71:10:64:3f:08:72:a8:3b:17:3a:97:94:85:2d:ed:bf:2f:
2f:3d:f9:a4:b8:a0:57:23:91:32:f4:29:ec:e5:bb:6f:4f:aa:
2a:b8:49:3c:cc:00:0f:55:1d:c8:48:fa:07:15:13:b9:c7:80:
47:50:ff:03:74:29:de:84:6c:2c:9f:e7:cf:3b:50:40:77:3a:
a2:2f:e8:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDIkEek6rW2Sy7nS7CLAJJIMZ+YowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUwNTVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YWVmY2YwMGNmZmZiNjRhMzJhNTBmMzk4NmRjNWYxMTk2YTg3OWMwNzEy
NzkyOTE3YzllOTk4NTllZWQ3ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPHygKguQgV3FlMaH+91jqkE1X6k5O3oD0MM1DAG0TzoMlGBv9ppfmdfZsT
4pkfV7I7CsGDcNW7tjm+lfnUWLgwwYfBubwpZwEynP50F0XzbRB6U7Ied29gBO8v
iPbM2xgJeIjhf+o3tcK3D3SKBrPmZVjCROhlVUE/mCy/FxVxfOpOMRUFVvHY3Q8X
IQn6Hev5qUA/cGvrMaFSkeaGkhGqmBcfJPpAJ0wIjTkbFdUO04fiWPUec9ihUPfR
nX+Wq21UxlxE7J9yrfjS32O8cjDU8SptT2AUswzTaZEE+U87QC0ZLpTkiWTANZth
FQ3QsNyrKUHe/t31LWmC1w2jswsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnTCky
RTo6XLGXu0EFolSohruTcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmYxZGIwZjMtNmNhZC00ZmNjLTk2YzUtZGRkZTcwMGU2MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWw
MA0GCSqGSIb3DQEBCwUAA4IBAQCI2vOwH7+g0HVOB/3KuAyQQkqptGCL+YSUqHCU
DEH80jYF0KbHsgsOGYZ/GR9sd+ygNkmdSm6P7O7t2sPGmrRy5A9V9Duqa4PVe5Dw
GBVT4QT74ltOaviySFWWA03LDRUb6+UtP53J2I00fU6pQTtk3PzVk0My4+LkAFqU
P29nhaU+Fq0wm+tatft1O3lejUuqP16zCfP4ikDamL3bCs0sgA2mWKtec/i5Fi8l
0YTB5uwReeXmcRBkPwhyqDsXOpeUhS3tvy8vPfmkuKBXI5Ey9Cns5btvT6oquEk8
zAAPVR3ISPoHFRO5x4BHUP8DdCnehGwsn+fPO1BAdzqiL+hG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net