Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: XnKk+zymR+OnKNDt9H1C2XbURvg+D6maT57JTrcrEZo=
Subject key identifier: 6B:D4:DF:DE:4A:40:25:78:4C:F2:DC:EB:A1:B6:4D:43:D1:90:89:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11BA64DBADDFE2292FF206EA0DFA425899A9CB90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Mon 31 Mar 2025 19:50:04 +0000
ROA not before: Mon 31 Mar 2025 19:50:04 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ba:64:db:ad:df:e2:29:2f:f2:06:ea:0d:fa:42:58:99:a9:cb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:50:04 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=b379a592f8375224211a4cb515522c86f4974d29021fdfc78524eeb2b0022b53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:65:ad:97:8f:fa:3a:84:46:0d:c3:89:45:
d5:68:30:b9:e4:62:80:b6:55:a6:e1:f5:02:88:de:
2e:9e:03:c1:ab:19:c6:d9:ca:60:74:81:9d:f2:6e:
46:d9:73:17:da:d4:d2:f6:04:8b:1d:bc:42:f5:bd:
9a:70:58:aa:f6:8e:1a:87:eb:a2:1b:fb:ad:c7:63:
b3:fe:ab:9e:02:ca:ce:d8:72:83:92:ca:ec:eb:fe:
23:0e:ad:5b:dd:a2:34:91:3c:ae:fa:57:60:ff:71:
4d:26:54:93:c4:04:41:9d:11:43:58:09:86:dd:4b:
45:9e:d4:59:85:ca:f5:c6:dd:0d:fa:93:6f:bd:2d:
fe:6b:93:f4:64:17:ba:48:dd:6d:a3:cb:6c:2b:20:
af:60:80:47:f3:df:6b:f3:2c:3e:1d:4b:99:f7:55:
68:8a:3b:4f:76:1c:a9:54:16:b3:81:4e:d9:32:3e:
7c:5c:be:23:6a:5d:79:bb:8f:3d:81:0a:50:fd:c9:
04:19:16:90:01:c9:9a:20:89:10:51:5c:34:89:38:
b6:57:0b:bb:a7:04:af:99:4e:0a:2b:54:49:d0:4b:
39:49:5c:51:1b:1e:e8:55:65:e6:b3:37:bf:d0:93:
13:95:13:eb:01:8f:18:e5:62:d8:92:9e:e0:0d:24:
e1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D4:DF:DE:4A:40:25:78:4C:F2:DC:EB:A1:B6:4D:43:D1:90:89:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:55:c2:7d:fe:89:3e:db:b8:f0:78:d1:25:1b:6c:c3:32:29:
b4:94:76:6e:fa:2b:e0:b9:72:4a:8b:8a:5c:3d:02:f2:3c:20:
f0:7b:9f:5e:55:2f:dc:09:b1:ae:9d:38:c6:a7:a2:80:19:91:
db:eb:d7:de:83:54:3c:4b:d8:f2:74:de:be:ec:51:13:97:e6:
5a:b3:21:d6:ce:3b:7f:f5:cd:11:6d:fe:6a:00:70:06:9b:37:
b1:dd:d3:0f:04:23:1b:49:26:7d:77:01:24:9a:2e:f0:e8:6e:
4a:7f:08:bf:1b:65:6a:0f:21:0c:d1:31:9a:b0:a5:1d:b8:35:
b4:06:26:41:6e:a7:3e:cd:da:ca:3d:91:52:53:56:b0:3d:1a:
e4:8c:52:e7:ec:a0:a9:d6:0b:cc:c1:bb:ff:be:2a:42:23:36:
e4:34:4a:ae:31:1e:cc:56:70:0d:e6:f5:21:d2:24:58:c7:0f:
2b:23:c4:dc:de:00:c3:3f:15:1f:fe:56:98:26:31:fd:07:6f:
a3:c9:33:81:07:09:46:db:16:cc:d0:4b:9a:31:eb:c3:5f:31:
9e:5f:af:91:08:1c:57:6c:55:00:64:ef:4d:e9:8e:57:cf:a9:
b0:17:e9:ee:c8:84:da:fc:d8:4e:5f:1d:b9:fb:b1:4f:a8:71:
7e:7b:ad:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEbpk263f4ikv8gbqDfpCWJmpy5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUwMDRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNzlhNTkyZjgzNzUyMjQyMTFhNGNiNTE1NTIyYzg2ZjQ5NzRkMjkwMjFm
ZGZjNzg1MjRlZWIyYjAwMjJiNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUVZa2Xj/o6hEYNw4lF1WgwueRigLZVpuH1AojeLp4DwasZxtnKYHSBnfJu
RtlzF9rU0vYEix28QvW9mnBYqvaOGofrohv7rcdjs/6rngLKzthyg5LK7Ov+Iw6t
W92iNJE8rvpXYP9xTSZUk8QEQZ0RQ1gJht1LRZ7UWYXK9cbdDfqTb70t/muT9GQX
ukjdbaPLbCsgr2CAR/Pfa/MsPh1LmfdVaIo7T3YcqVQWs4FO2TI+fFy+I2pdebuP
PYEKUP3JBBkWkAHJmiCJEFFcNIk4tlcLu6cEr5lOCitUSdBLOUlcURse6FVl5rM3
v9CTE5UT6wGPGOVi2JKe4A0k4ccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRr1N/e
SkAleEzy3Ouhtk1D0ZCJpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+VcJ9/ok+27jweNElG2zDMim0lHZu+ivguXJK
i4pcPQLyPCDwe59eVS/cCbGunTjGp6KAGZHb69feg1Q8S9jydN6+7FETl+ZasyHW
zjt/9c0Rbf5qAHAGmzex3dMPBCMbSSZ9dwEkmi7w6G5Kfwi/G2VqDyEM0TGasKUd
uDW0BiZBbqc+zdrKPZFSU1awPRrkjFLn7KCp1gvMwbv/vipCIzbkNEquMR7MVnAN
5vUh0iRYxw8rI8Tc3gDDPxUf/laYJjH9B2+jyTOBBwlG2xbM0EuaMevDXzGeX6+R
CBxXbFUAZO9N6Y5Xz6mwF+nuyITa/NhOXx25+7FPqHF+e61A
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:14 2025 by rpki-client on console.sobornost.net