Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: T41XUL0KXiwsYQgDlUV/pK6bL9j8bAEpyqQaqX0NoSU=
Subject key identifier: 91:88:6A:6E:46:88:A4:4A:44:39:11:65:71:79:A1:CE:10:95:AF:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46A136E3128145007C1B11BA4AE7D534ED2AA278
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Mon 31 Mar 2025 21:00:58 +0000
ROA not before: Mon 31 Mar 2025 21:00:58 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:a1:36:e3:12:81:45:00:7c:1b:11:ba:4a:e7:d5:34:ed:2a:a2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:00:58 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=8df8c1105c15c3c45a7c15b946259fd826ea7c4db7c0444679ffdfda55b90c23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a6:ee:01:1a:5a:75:3d:c2:ec:e5:95:1a:ac:
e8:e6:c3:c4:9f:a3:ba:1c:bf:1a:2f:46:9e:df:62:
87:de:ce:3a:7a:41:f4:e1:e6:6b:c0:6c:54:b6:2a:
85:d7:6c:78:be:a8:e5:49:1e:5b:40:fe:8a:68:1a:
3f:df:59:0f:8c:70:f7:6c:30:36:87:8e:a8:da:fc:
c4:36:57:b9:94:a7:cf:97:86:52:18:86:86:32:87:
35:41:22:1f:04:2b:a3:c5:4a:b6:21:6f:64:4b:f5:
80:4d:09:45:6e:db:02:bc:dc:ec:83:74:49:8d:e0:
f2:11:87:b4:c6:81:76:20:fb:74:ef:6e:98:04:4a:
44:e2:56:42:6f:df:03:ba:9a:a2:b8:2c:39:6a:c8:
4e:1d:ef:ea:ef:1c:3e:5a:4a:c9:b4:0f:e7:e9:28:
af:a1:1f:a5:6f:53:8c:c7:1f:0d:8f:c2:11:fb:70:
c1:56:73:f8:c9:be:4d:55:b0:06:b7:68:5f:55:1a:
e2:ee:5e:dd:df:0f:0e:b6:c2:05:49:a0:95:db:99:
e4:06:49:56:c8:ee:05:bf:f0:ed:73:ea:45:68:3a:
f4:07:4d:67:04:dd:5f:34:e8:7c:e3:c3:5b:16:f9:
b3:cb:a6:f1:a0:b3:43:9e:2a:a3:d6:da:ca:98:27:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:88:6A:6E:46:88:A4:4A:44:39:11:65:71:79:A1:CE:10:95:AF:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
5d:51:a5:62:81:00:92:27:f5:25:71:78:ab:cf:4f:7e:52:34:
5b:df:b8:bd:a1:e3:f5:ca:d8:23:4e:a8:fe:ad:a9:a2:62:46:
0a:6c:cc:6f:54:d1:1d:2e:91:90:71:a7:bb:ac:63:dd:58:29:
a5:67:7c:90:45:09:e4:9a:a2:4c:73:bd:bf:39:ed:c4:fb:89:
33:6d:ac:aa:ef:ad:ec:d6:db:70:3b:5c:54:a5:d9:f9:1d:b8:
3c:80:93:aa:7d:8e:d8:fb:bc:78:a9:14:23:67:00:f6:b8:b1:
7f:2f:16:ce:7a:fa:12:ca:f3:2a:c5:ed:da:83:f9:e6:d0:09:
45:bf:76:8c:3e:2a:87:bc:9c:43:09:77:34:86:9b:87:a1:fd:
7c:84:64:6f:a0:dd:9b:f3:ad:e4:27:14:a1:77:d8:dd:14:29:
28:b7:24:80:6d:c5:9b:12:1c:cc:cc:58:38:d1:9c:29:68:72:
d8:24:60:a7:27:93:75:8b:9b:60:ff:e6:93:a7:8f:13:1b:65:
e3:38:7d:f9:9c:50:fc:55:4b:0c:c4:55:b8:8f:bd:40:92:ec:
96:01:b5:16:e6:aa:e8:83:09:20:63:e4:ff:b0:7a:cc:20:71:
b8:c7:43:65:51:f7:c8:db:2c:db:b6:ca:dd:d7:7e:8d:67:76:
b9:ff:f2:d8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIURqE24xKBRQB8GxG6SufVNO0qongwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTAwNThaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZjhjMTEwNWMxNWMzYzQ1YTdjMTViOTQ2MjU5ZmQ4MjZlYTdjNGRiN2Mw
NDQ0Njc5ZmZkZmRhNTViOTBjMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGm7gEaWnU9wuzllRqs6ObDxJ+juhy/Gi9Gnt9ih97OOnpB9OHma8BsVLYq
hddseL6o5UkeW0D+imgaP99ZD4xw92wwNoeOqNr8xDZXuZSnz5eGUhiGhjKHNUEi
HwQro8VKtiFvZEv1gE0JRW7bArzc7IN0SY3g8hGHtMaBdiD7dO9umARKROJWQm/f
A7qaorgsOWrITh3v6u8cPlpKybQP5+kor6EfpW9TjMcfDY/CEftwwVZz+Mm+TVWw
BrdoX1Ua4u5e3d8PDrbCBUmglduZ5AZJVsjuBb/w7XPqRWg69AdNZwTdXzTofOPD
Wxb5s8um8aCzQ54qo9baypgnKLsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSRiGpu
RoikSkQ5EWVxeaHOEJWvfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBAF1RpWKBAJIn9SVxeKvPT35SNFvfuL2h4/XK2CNO
qP6tqaJiRgpszG9U0R0ukZBxp7usY91YKaVnfJBFCeSaokxzvb857cT7iTNtrKrv
rezW23A7XFSl2fkduDyAk6p9jtj7vHipFCNnAPa4sX8vFs56+hLK8yrF7dqD+ebQ
CUW/dow+Koe8nEMJdzSGm4eh/XyEZG+g3ZvzreQnFKF32N0UKSi3JIBtxZsSHMzM
WDjRnCloctgkYKcnk3WLm2D/5pOnjxMbZeM4ffmcUPxVSwzEVbiPvUCS7JYBtRbm
quiDCSBj5P+weswgcbjHQ2VR98jbLNu2yt3Xfo1ndrn/8tg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:14 2025 by rpki-client on console.sobornost.net