Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c056757c-bb27-4ef4-91ff-67b9307d3085.roa
File: c056757c-bb27-4ef4-91ff-67b9307d3085.roa (raw, json)
Hash identifier: XCjfmNj/yoTQ+KwrGWSe8KQgCAKPgVlP7QLAN01E9Ew=
Subject key identifier: DF:44:44:7B:A5:24:04:25:22:9A:F6:25:F2:7D:BE:69:0C:F4:09:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 512E512D3BB73250078438AA3F87581EDE6F9530
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c056757c-bb27-4ef4-91ff-67b9307d3085.roa
Signing time: Mon 31 Mar 2025 19:51:36 +0000
ROA not before: Mon 31 Mar 2025 19:51:36 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:50c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:2e:51:2d:3b:b7:32:50:07:84:38:aa:3f:87:58:1e:de:6f:95:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:51:36 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=775ed466d868172983dc5b71f6400cea916fc8dee2cb5015b7715c8451bad8f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:89:2c:3c:d7:66:7c:bd:5a:7e:5d:3b:99:
11:9b:12:62:e0:02:44:cc:12:b9:8b:0e:02:19:23:
10:89:a7:75:46:d4:ea:54:a6:a9:e6:16:68:d8:81:
c3:f9:cb:8d:b4:0a:4e:a0:7d:bc:4d:b8:f7:b3:99:
46:c0:87:64:20:df:1e:07:89:9d:b5:42:7f:3a:4d:
ce:0a:3c:9d:e6:dc:f2:61:57:58:b7:69:75:0f:6f:
aa:ac:b6:1a:69:6c:12:04:38:6d:c6:1b:3b:b2:3d:
8c:a2:08:25:5a:3d:a8:fa:7e:21:ab:92:7f:9c:ac:
ca:83:a9:fa:b0:58:02:ab:23:a5:77:15:35:43:e6:
cb:c7:a8:d1:7c:1c:64:6b:eb:63:15:0d:01:8e:e2:
8f:84:26:dd:b4:81:fa:6a:0d:8d:94:db:cf:02:b6:
b6:e3:b9:47:bb:0b:f8:57:bb:29:64:32:89:fc:0e:
37:0f:48:8b:11:7b:e2:f3:ea:28:ff:bc:7e:e3:ee:
6f:20:4b:fd:db:3c:0e:5f:d7:a9:cd:86:fd:a4:ea:
77:bd:be:74:b6:12:36:d1:ce:8f:dc:96:a4:62:b8:
a3:4f:7d:88:b3:55:e9:6d:f0:4f:28:8c:7a:3d:2a:
30:77:6e:30:e4:e3:3c:1b:cc:e5:7f:d8:84:18:4c:
72:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:44:44:7B:A5:24:04:25:22:9A:F6:25:F2:7D:BE:69:0C:F4:09:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c056757c-bb27-4ef4-91ff-67b9307d3085.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:63:70:7e:d7:9e:9e:a5:75:6b:d8:12:5a:31:1f:ac:bf:a6:
49:bb:91:3d:8c:18:b6:cb:87:fc:ed:3f:45:8e:cd:25:8f:aa:
44:78:d9:81:0b:b2:a4:66:74:dc:4c:b6:f8:35:f2:77:81:5b:
9b:a1:65:53:2b:26:94:f7:5f:e7:1a:19:8f:20:25:3c:dd:da:
24:26:1f:3d:9d:fd:46:1e:d4:17:50:0a:df:34:f5:ec:69:28:
be:19:29:82:1b:4f:fd:2f:3e:b5:1b:1d:a5:75:12:ff:c8:00:
74:8b:a8:33:8e:ee:ea:42:f2:ea:0b:94:7a:50:55:09:4f:64:
75:d5:6b:c1:7f:a4:6f:59:e5:24:cc:b8:a7:c2:a3:7b:b7:94:
6a:f7:28:1e:04:51:ab:b2:a2:00:7a:dd:46:25:32:76:29:a7:
31:f7:26:cf:ca:23:24:ef:87:fa:32:ea:44:79:a0:7e:ad:3f:
c6:04:a0:68:6b:c4:55:7a:d4:d0:67:c2:5d:8b:c9:5f:56:8b:
25:43:12:29:4e:b9:09:5b:c5:40:1c:e7:63:48:a0:8b:c9:4c:
e8:f1:7a:9a:ed:b3:19:05:93:65:e2:d2:40:84:8d:8a:bf:58:
9f:bb:11:98:df:fb:15:79:06:c4:08:bf:27:30:ae:8e:3d:f5:
79:48:29:07
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUS5RLTu3MlAHhDiqP4dYHt5vlTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUxMzZaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NWVkNDY2ZDg2ODE3Mjk4M2RjNWI3MWY2NDAwY2VhOTE2ZmM4ZGVlMmNi
NTAxNWI3NzE1Yzg0NTFiYWQ4ZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoliSw812Z8vVp+XTuZEZsSYuACRMwSuYsOAhkjEImndUbU6lSmqeYWaNiB
w/nLjbQKTqB9vE2497OZRsCHZCDfHgeJnbVCfzpNzgo8nebc8mFXWLdpdQ9vqqy2
GmlsEgQ4bcYbO7I9jKIIJVo9qPp+IauSf5ysyoOp+rBYAqsjpXcVNUPmy8eo0Xwc
ZGvrYxUNAY7ij4Qm3bSB+moNjZTbzwK2tuO5R7sL+Fe7KWQyifwONw9IixF74vPq
KP+8fuPubyBL/ds8Dl/Xqc2G/aTqd72+dLYSNtHOj9yWpGK4o099iLNV6W3wTyiM
ej0qMHduMOTjPBvM5X/YhBhMcgcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTfRER7
pSQEJSKa9iXyfb5pDPQJiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzA1Njc1N2MtYmIyNy00ZWY0LTkxZmYtNjdiOTMwN2QzMDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ
wDANBgkqhkiG9w0BAQsFAAOCAQEADGNwfteenqV1a9gSWjEfrL+mSbuRPYwYtsuH
/O0/RY7NJY+qRHjZgQuypGZ03Ey2+DXyd4Fbm6FlUysmlPdf5xoZjyAlPN3aJCYf
PZ39Rh7UF1AK3zT17GkovhkpghtP/S8+tRsdpXUS/8gAdIuoM47u6kLy6guUelBV
CU9kddVrwX+kb1nlJMy4p8Kje7eUavcoHgRRq7KiAHrdRiUydimnMfcmz8ojJO+H
+jLqRHmgfq0/xgSgaGvEVXrU0GfCXYvJX1aLJUMSKU65CVvFQBznY0igi8lM6PF6
mu2zGQWTZeLSQISNir9Yn7sRmN/7FXkGxAi/JzCujj31eUgpBw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net