Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
File: dedc9540-e267-4454-a449-e65933af6f0f.roa (raw, json)
Hash identifier: uta+iPF2kRiv7pAwyn7GPRLT84iMMbtijruMTs8U5yM=
Subject key identifier: 5E:88:EF:B5:00:69:22:E6:3F:B9:2A:FD:A9:1D:82:91:23:B4:56:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DA04BE10844F0483E71B36912839F562487FE53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
Signing time: Mon 31 Mar 2025 21:01:16 +0000
ROA not before: Mon 31 Mar 2025 21:01:16 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:a0:4b:e1:08:44:f0:48:3e:71:b3:69:12:83:9f:56:24:87:fe:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:01:16 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=dbd9512332f5e3e4fad4567a1497750c23447007d8131a65fa3abcfc7a237602, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f0:ac:8b:0a:f4:82:34:6f:49:c4:f4:77:32:
90:93:dc:fd:3f:8f:a5:18:9a:c9:25:d9:c2:fb:40:
74:cc:b0:bd:42:5f:f3:8c:a3:34:91:f6:fb:0c:96:
32:1f:da:85:88:09:f2:39:e2:78:75:0a:04:b2:e6:
28:81:65:b6:54:4a:4d:b6:80:0c:46:ec:00:f8:06:
41:94:5d:24:d7:8f:3c:a0:c1:99:c0:e6:d0:34:1f:
15:5b:8b:bb:55:c8:45:3e:35:61:c5:dd:2f:25:a9:
0f:ee:68:a9:fc:e6:e1:76:fa:1b:37:82:80:18:f4:
26:19:13:6b:c5:84:5d:1f:8e:a0:db:ce:e9:42:87:
c0:5b:fc:97:e9:35:1a:f8:2a:32:1c:82:a8:a7:a8:
0b:47:4c:e7:2c:f0:67:f4:2e:fb:d4:10:a6:16:89:
b0:d8:ff:92:e0:f2:4c:09:34:6a:13:fe:8d:67:5d:
c7:81:de:e9:28:d0:6c:19:b3:52:01:48:a3:36:76:
26:1c:9f:dc:cf:89:20:9e:77:72:ab:e2:2d:e0:e6:
01:51:c5:89:e1:3d:f7:51:0a:77:04:79:cf:e4:b6:
62:83:71:f0:69:9f:60:1a:1a:73:a0:4a:bd:20:dc:
78:b8:9e:f1:6d:4a:84:93:a0:72:31:50:20:05:c2:
a0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:88:EF:B5:00:69:22:E6:3F:B9:2A:FD:A9:1D:82:91:23:B4:56:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:1000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:a4:13:54:6b:5f:10:91:a8:ae:3a:d9:24:91:e9:c1:a1:5b:
e7:30:87:1a:3e:1b:5a:18:31:3c:0b:3d:d6:d8:79:fd:c2:4d:
67:c6:8a:ec:ef:a9:67:3b:38:bd:49:89:18:91:77:7c:23:91:
dc:8c:02:3c:df:e8:d1:88:78:df:4c:30:77:bd:c4:3b:25:22:
77:cb:42:e6:59:a3:da:c9:38:6f:e4:fc:3e:64:cf:64:2c:94:
51:76:89:4e:b4:51:14:3f:99:2f:0a:ba:8b:a7:f4:12:92:d1:
1b:45:36:42:29:27:63:00:b3:1c:4f:25:ba:9f:97:d2:18:cb:
cc:2b:86:e3:41:7a:da:4d:ce:b4:92:79:bd:ca:57:3b:b1:5c:
bd:a4:45:6e:e0:a6:c4:72:18:a5:0e:88:aa:06:56:94:6b:aa:
14:b2:d0:44:89:69:ec:2d:1f:e1:41:34:e2:75:77:99:7d:85:
bd:b7:02:eb:ac:1e:52:65:5d:a5:70:08:30:88:f9:ad:6f:84:
86:cd:4a:90:42:91:0b:a7:0c:1c:15:8c:c9:ab:fd:c2:80:a6:
20:dd:a9:e2:4b:a4:93:ac:72:ee:84:bc:ea:a8:f5:94:a5:40:
14:44:cf:28:17:9b:50:85:33:bf:83:4f:bc:dd:af:2b:f3:c6:
37:b4:d5:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHaBL4QhE8Eg+cbNpEoOfViSH/lMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTAxMTZaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiZDk1MTIzMzJmNWUzZTRmYWQ0NTY3YTE0OTc3NTBjMjM0NDcwMDdkODEz
MWE2NWZhM2FiY2ZjN2EyMzc2MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHwrIsK9II0b0nE9HcykJPc/T+PpRiaySXZwvtAdMywvUJf84yjNJH2+wyW
Mh/ahYgJ8jnieHUKBLLmKIFltlRKTbaADEbsAPgGQZRdJNePPKDBmcDm0DQfFVuL
u1XIRT41YcXdLyWpD+5oqfzm4Xb6GzeCgBj0JhkTa8WEXR+OoNvO6UKHwFv8l+k1
GvgqMhyCqKeoC0dM5yzwZ/Qu+9QQphaJsNj/kuDyTAk0ahP+jWddx4He6SjQbBmz
UgFIozZ2Jhyf3M+JIJ53cqviLeDmAVHFieE991EKdwR5z+S2YoNx8GmfYBoac6BK
vSDceLie8W1KhJOgcjFQIAXCoMsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReiO+1
AGki5j+5Kv2pHYKRI7RWMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVkYzk1NDAtZTI2Ny00NDU0LWE0NDktZTY1OTMzYWY2ZjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBrpBNUa18QkaiuOtkkkenBoVvnMIcaPhtaGDE8
Cz3W2Hn9wk1nxors76lnOzi9SYkYkXd8I5HcjAI83+jRiHjfTDB3vcQ7JSJ3y0Lm
WaPayThv5Pw+ZM9kLJRRdolOtFEUP5kvCrqLp/QSktEbRTZCKSdjALMcTyW6n5fS
GMvMK4bjQXraTc60knm9ylc7sVy9pEVu4KbEchilDoiqBlaUa6oUstBEiWnsLR/h
QTTidXeZfYW9twLrrB5SZV2lcAgwiPmtb4SGzUqQQpELpwwcFYzJq/3CgKYg3ani
S6STrHLuhLzqqPWUpUAURM8oF5tQhTO/g0+83a8r88Y3tNXK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:14 2025 by rpki-client on console.sobornost.net