Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
File: d735e06b-da70-43f9-a07c-a9978bc62606.roa (raw, json)
Hash identifier: YmdnbRHd88DTxqaPvq/ppbp5FjoUthCKy9n86Sz5me8=
Subject key identifier: E4:3F:E0:2D:80:5D:91:73:E2:F9:84:28:A0:28:33:A7:B7:B0:14:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14A906BA09A9104964F4BE7075AD2427DA4E80B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a9:06:ba:09:a9:10:49:64:f4:be:70:75:ad:24:27:da:4e:80:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: serialNumber=55222746f01a18b2943b2a730c5396bf610e2aa24cd8fa59eca46a8a40d67548, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0b:b0:81:cd:6f:61:40:1a:e1:65:4b:b7:80:
b5:b6:20:a8:86:c8:44:6e:5f:78:9d:6c:1c:37:93:
5c:f1:9d:ef:9e:06:61:83:e5:6a:b6:d8:1c:75:25:
ab:87:4b:f2:31:6f:05:d2:27:46:1b:79:4d:fd:19:
b7:8e:5c:d3:d0:23:3b:76:85:f9:7d:8f:b2:06:7e:
a5:14:61:20:c6:7a:e0:43:f6:89:c5:f6:8f:a0:eb:
4c:15:a4:8a:c7:ff:d4:37:e6:d0:e5:6f:38:31:0f:
21:fa:20:91:74:b7:64:5e:28:41:8a:b9:9c:f6:a9:
d8:00:6a:36:d2:df:1d:35:66:52:b6:ca:da:60:f0:
7d:0c:be:96:57:af:a8:29:cb:5e:de:3a:88:d5:d6:
ed:90:db:44:37:2c:b1:d3:84:22:e0:7f:54:9d:67:
c6:a3:45:e7:a5:35:c2:c1:42:a1:e4:1e:8f:35:03:
fb:7a:ca:bb:e4:01:e5:80:99:b7:c0:a5:23:bd:1b:
cc:dc:35:3e:80:07:ca:a2:bb:ed:68:c1:fc:18:c2:
2b:36:99:fe:f9:dc:84:93:37:36:d9:c9:70:50:c2:
75:bb:02:4d:d6:fe:6f:18:a1:4c:e7:e5:1d:f1:31:
65:3b:c1:6c:71:ee:a4:28:0f:b3:66:7c:8c:6a:5b:
7b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3F:E0:2D:80:5D:91:73:E2:F9:84:28:A0:28:33:A7:B7:B0:14:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:ed:1b:33:47:8f:49:2f:49:7f:6e:b1:88:a7:ea:03:a5:88:
f5:73:30:5f:2d:c9:1b:82:0f:67:5a:c7:6f:8b:67:f3:13:48:
18:0a:14:39:7a:97:26:25:4f:6d:dc:bc:6a:29:14:ba:16:f6:
0d:24:f2:71:ba:c2:14:bf:a5:18:46:80:98:7c:0f:3f:78:5d:
ef:66:82:3e:38:3b:2e:15:bf:8b:6d:bb:c5:91:57:69:44:b8:
37:a7:a6:1e:52:af:9e:1d:3e:dd:63:32:82:a4:04:d0:dd:bf:
c3:94:a8:e4:ef:af:a1:8b:16:0e:b7:4e:5d:0a:f1:1e:47:63:
73:8c:a0:be:f4:8d:37:4d:88:b1:7c:7b:95:50:e8:b0:ea:2d:
15:8f:3e:c1:d5:9f:c4:08:0b:71:68:b9:2b:9b:dd:c7:94:2c:
1e:ef:73:70:44:27:3d:b2:d1:b3:5c:9e:66:1d:ec:b5:3d:8d:
64:af:b4:33:7f:32:2d:86:52:07:3c:05:7e:2c:00:9d:d0:35:
99:a1:3c:8d:96:9d:14:11:95:5b:72:c6:96:b3:51:54:c7:07:
05:92:c7:b9:1e:4a:34:c0:5f:32:00:46:8b:73:d6:83:68:a0:
c1:05:82:74:69:0f:56:17:1c:0d:8f:bf:77:7e:ad:29:39:aa:
a9:9b:f5:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFKkGugmpEElk9L5wda0kJ9pOgLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1MjIyNzQ2ZjAxYTE4YjI5NDNiMmE3MzBjNTM5NmJmNjEwZTJhYTI0Y2Q4
ZmE1OWVjYTQ2YThhNDBkNjc1NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkLsIHNb2FAGuFlS7eAtbYgqIbIRG5feJ1sHDeTXPGd754GYYPlarbYHHUl
q4dL8jFvBdInRht5Tf0Zt45c09AjO3aF+X2PsgZ+pRRhIMZ64EP2icX2j6DrTBWk
isf/1Dfm0OVvODEPIfogkXS3ZF4oQYq5nPap2ABqNtLfHTVmUrbK2mDwfQy+llev
qCnLXt46iNXW7ZDbRDcssdOEIuB/VJ1nxqNF56U1wsFCoeQejzUD+3rKu+QB5YCZ
t8ClI70bzNw1PoAHyqK77WjB/BjCKzaZ/vnchJM3NtnJcFDCdbsCTdb+bxihTOfl
HfExZTvBbHHupCgPs2Z8jGpbey0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkP+At
gF2Rc+L5hCigKDOnt7AUBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDczNWUwNmItZGE3MC00M2Y5LWEwN2MtYTk5NzhiYzYyNjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC27RszR49JL0l/brGIp+oDpYj1czBfLckbgg9n
Wsdvi2fzE0gYChQ5epcmJU9t3LxqKRS6FvYNJPJxusIUv6UYRoCYfA8/eF3vZoI+
ODsuFb+LbbvFkVdpRLg3p6YeUq+eHT7dYzKCpATQ3b/DlKjk76+hixYOt05dCvEe
R2NzjKC+9I03TYixfHuVUOiw6i0Vjz7B1Z/ECAtxaLkrm93HlCwe73NwRCc9stGz
XJ5mHey1PY1kr7QzfzIthlIHPAV+LACd0DWZoTyNlp0UEZVbcsaWs1FUxwcFkse5
Hko0wF8yAEaLc9aDaKDBBYJ0aQ9WFxwNj793fq0pOaqpm/Vd
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:17 2024 by rpki-client on console.sobornost.net