Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: 11FX+B0OaBzxaZjUtu1Uiv9xDTMr3ntlkQNU4+VMlbg=
Subject key identifier: 57:D9:AA:E7:1C:C0:2A:FC:D2:76:E2:DA:9A:DE:E6:28:F7:C3:09:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A574EAF778DE46DFE174B9CBA5ABAE17DD0593A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Mon 31 Mar 2025 20:00:17 +0000
ROA not before: Mon 31 Mar 2025 20:00:17 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:57:4e:af:77:8d:e4:6d:fe:17:4b:9c:ba:5a:ba:e1:7d:d0:59:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:00:17 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=4712d89ffbf9615925598f500d9aa0516ec7a9e88996030de83d2270dadf96e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:89:6b:31:e1:f4:f4:52:bf:6f:b5:20:f3:
2b:fa:3a:46:be:ac:2e:ef:65:90:ce:d8:1e:6e:6f:
32:e2:83:4b:80:cf:08:15:b2:c4:a4:5a:5f:90:9f:
25:e2:c4:db:82:86:09:ea:96:a9:3a:0f:a5:19:36:
fb:9c:fc:07:2c:17:04:f5:24:a9:a0:90:14:03:26:
52:02:a7:8f:77:c8:67:a4:03:60:1d:39:a8:a3:ad:
ac:9b:6a:1b:5d:83:4c:fc:cb:35:13:e9:eb:d9:1b:
20:9d:d8:f3:f4:72:3d:95:be:c8:e9:35:b6:9e:47:
d3:b5:42:e2:5c:1e:29:66:88:b8:f8:95:9e:7a:fd:
fd:74:d3:a7:42:72:b3:86:aa:01:25:a2:cd:5d:9a:
38:90:d1:a3:c1:28:0a:0f:83:8c:e5:12:1a:88:ef:
7d:30:45:1a:2f:e6:f2:1a:1c:ee:90:31:44:62:b2:
f0:e0:d9:53:6c:c0:63:0d:28:00:ec:15:3c:2c:da:
34:2a:e1:be:41:f1:0d:ca:f2:2f:ce:5e:bf:06:ae:
fa:7e:05:e4:84:73:35:23:be:db:e3:20:85:73:69:
94:3b:de:9f:bd:8d:e9:bb:99:68:f8:a7:10:09:c6:
97:c4:b4:1c:8d:63:20:0e:52:2d:0d:a2:9f:50:40:
98:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D9:AA:E7:1C:C0:2A:FC:D2:76:E2:DA:9A:DE:E6:28:F7:C3:09:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
6e:b8:62:93:41:23:06:8f:19:b0:e5:44:b1:94:46:8d:60:5d:
b7:b5:ce:14:e6:21:e4:97:79:93:e1:7e:49:9c:78:34:c7:1c:
5b:a1:4c:81:61:9d:70:8f:f4:30:04:96:b2:e7:4d:0d:11:05:
8c:61:1f:58:c3:06:d8:54:6e:b1:92:9a:09:5c:5f:ee:bd:af:
72:b5:86:e2:20:a9:81:75:64:61:e7:f8:0a:35:1c:2c:59:ef:
32:0b:9d:ca:a2:14:6a:8e:4c:78:c9:7a:e1:94:be:a6:e2:9b:
94:28:25:94:d1:5e:31:e1:67:47:dd:d4:4a:64:28:30:68:e7:
22:a6:93:ac:a5:3d:df:c3:c1:00:e6:1c:ac:65:a8:02:ca:12:
71:4c:c2:1b:1e:30:cc:6b:2d:df:9b:f9:6a:ee:a1:c7:47:a5:
14:ec:fd:8c:30:3c:b2:8f:ba:11:79:90:be:37:6b:f0:63:3e:
17:b3:a6:de:74:a3:ce:3e:07:d8:b9:1c:d5:a5:e6:97:14:64:
c0:f5:d2:61:40:89:e7:e2:cd:f8:b0:83:1b:b4:af:38:25:a1:
2e:0e:67:1d:8f:0f:52:4a:fe:05:9c:c8:d6:d3:fb:51:35:93:
8a:01:66:f5:04:1f:77:b5:01:e4:bc:ce:55:64:8a:f9:5e:e4:
db:35:c1:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaldOr3eN5G3+F0uculq64X3QWTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAwMTdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MTJkODlmZmJmOTYxNTkyNTU5OGY1MDBkOWFhMDUxNmVjN2E5ZTg4OTk2
MDMwZGU4M2QyMjcwZGFkZjk2ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3FiWsx4fT0Ur9vtSDzK/o6Rr6sLu9lkM7YHm5vMuKDS4DPCBWyxKRaX5Cf
JeLE24KGCeqWqToPpRk2+5z8BywXBPUkqaCQFAMmUgKnj3fIZ6QDYB05qKOtrJtq
G12DTPzLNRPp69kbIJ3Y8/RyPZW+yOk1tp5H07VC4lweKWaIuPiVnnr9/XTTp0Jy
s4aqASWizV2aOJDRo8EoCg+DjOUSGojvfTBFGi/m8hoc7pAxRGKy8ODZU2zAYw0o
AOwVPCzaNCrhvkHxDcryL85evwau+n4F5IRzNSO+2+MghXNplDven72N6buZaPin
EAnGl8S0HI1jIA5SLQ2in1BAmEkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRX2arn
HMAq/NJ24tqa3uYo98MJNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAbrhik0EjBo8ZsOVEsZRGjWBdt7XOFOYh5Jd5
k+F+SZx4NMccW6FMgWGdcI/0MASWsudNDREFjGEfWMMG2FRusZKaCVxf7r2vcrWG
4iCpgXVkYef4CjUcLFnvMgudyqIUao5MeMl64ZS+puKblCgllNFeMeFnR93USmQo
MGjnIqaTrKU938PBAOYcrGWoAsoScUzCGx4wzGst35v5au6hx0elFOz9jDA8so+6
EXmQvjdr8GM+F7Om3nSjzj4H2Lkc1aXmlxRkwPXSYUCJ5+LN+LCDG7SvOCWhLg5n
HY8PUkr+BZzI1tP7UTWTigFm9QQfd7UB5LzOVWSK+V7k2zXBTQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net