Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e17dcec5-9d55-4765-8f83-957d1f5c0010.roa
File: e17dcec5-9d55-4765-8f83-957d1f5c0010.roa (raw, json)
Hash identifier: 1NldM2FmGik6Ya6xdDUGUeeYuiAy4kQn1YqJSKQtow4=
Subject key identifier: 72:20:91:10:CD:92:4A:3A:A0:66:38:B9:95:54:77:20:B4:BA:20:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B14848A049AA59C5642F00D8780F3377BD12B7F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e17dcec5-9d55-4765-8f83-957d1f5c0010.roa
Signing time: Mon 31 Mar 2025 20:10:52 +0000
ROA not before: Mon 31 Mar 2025 20:10:52 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8020::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:14:84:8a:04:9a:a5:9c:56:42:f0:0d:87:80:f3:37:7b:d1:2b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:10:52 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=e72d4e4b5816f604eac5856c04254d72daf2c5f896c5c03fc5bec68a0fac0050, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:de:21:bb:6c:9f:6f:17:71:86:61:84:97:
3d:5c:6d:18:05:97:38:34:84:46:ee:a5:87:9a:44:
cc:ef:21:ce:07:9c:23:c0:b2:f0:14:a0:71:d8:13:
77:ea:9a:f3:1c:ce:87:15:c7:73:cb:a1:41:14:a7:
f9:55:5e:3e:4d:72:4b:88:1e:40:30:70:23:d0:f9:
7d:b8:b5:84:c4:51:b1:e8:df:2f:93:90:14:28:40:
c2:61:56:ee:50:aa:0b:a0:b6:99:43:f4:fd:56:d0:
5b:15:05:bc:ae:48:9e:4a:9c:8a:ac:24:7d:65:17:
0b:2a:99:df:d0:b5:98:27:97:59:02:2f:3b:9c:3f:
77:62:3a:a7:8a:4f:a6:90:06:d0:18:5d:39:65:f6:
27:da:b7:6f:f1:7f:ac:d8:7e:88:6b:e7:80:89:9c:
cc:bb:33:97:4a:c3:1e:9f:e9:ca:66:cd:3c:3f:e0:
e8:4d:e2:27:6c:06:d5:66:d7:0e:21:0d:19:51:7b:
c3:bf:1b:dd:0f:01:5d:c3:0c:a5:94:f2:f7:07:d6:
2b:61:0a:cf:61:2e:65:c1:d9:d0:4b:b2:ba:dc:83:
32:9a:ee:05:7a:fd:db:68:d6:4e:73:c5:3a:fa:22:
4f:36:53:c4:56:ca:a1:87:b9:9e:5e:f9:9c:c9:32:
ab:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:20:91:10:CD:92:4A:3A:A0:66:38:B9:95:54:77:20:B4:BA:20:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e17dcec5-9d55-4765-8f83-957d1f5c0010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8020::/46
Signature Algorithm: sha256WithRSAEncryption
2b:ff:2e:8f:77:8e:36:15:bd:e8:37:6f:31:b7:18:5a:f4:fa:
00:d4:eb:6e:9d:b7:40:80:24:42:f2:10:1f:e6:56:23:00:82:
fc:eb:b7:60:7d:0b:26:50:ee:4c:4d:44:22:c4:04:6b:ab:1a:
d3:8a:28:49:6a:1a:b6:66:03:7d:2d:e9:40:8a:9d:af:b2:ed:
83:df:86:d2:32:b6:49:73:49:19:1b:92:73:06:0a:7c:1d:96:
7b:44:72:7f:a0:78:1e:02:2c:ec:19:d2:57:28:6f:3f:07:09:
cf:87:98:75:d1:38:bc:ae:8b:fe:f1:71:1a:26:58:02:be:3f:
2b:e7:f3:d8:b8:19:60:2c:bc:b3:96:eb:e3:39:3f:e6:ea:ed:
8d:87:1b:6b:3a:92:49:6f:61:cf:90:c7:b8:bf:6f:15:a9:22:
d9:7c:a7:33:83:c6:29:15:75:7f:0f:2b:dc:5a:0a:00:79:dc:
03:ba:70:3e:e9:a8:71:a7:61:c4:54:ca:f4:3d:e6:97:7e:65:
91:93:4a:11:14:92:f8:e3:0b:8a:bb:2a:cd:70:c8:ba:3f:09:
52:f8:bc:3e:c3:e4:57:1c:ce:d7:59:f5:b7:e4:c7:4a:dc:91:
aa:91:e8:a7:03:c5:7c:2e:ea:8c:59:27:1c:45:05:64:59:df:
1c:fe:48:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGxSEigSapZxWQvANh4DzN3vRK38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDEwNTJaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MmQ0ZTRiNTgxNmY2MDRlYWM1ODU2YzA0MjU0ZDcyZGFmMmM1Zjg5NmM1
YzAzZmM1YmVjNjhhMGZhYzAwNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLh3iG7bJ9vF3GGYYSXPVxtGAWXODSERu6lh5pEzO8hzgecI8Cy8BSgcdgT
d+qa8xzOhxXHc8uhQRSn+VVePk1yS4geQDBwI9D5fbi1hMRRsejfL5OQFChAwmFW
7lCqC6C2mUP0/VbQWxUFvK5InkqciqwkfWUXCyqZ39C1mCeXWQIvO5w/d2I6p4pP
ppAG0BhdOWX2J9q3b/F/rNh+iGvngImczLszl0rDHp/pymbNPD/g6E3iJ2wG1WbX
DiENGVF7w78b3Q8BXcMMpZTy9wfWK2EKz2EuZcHZ0EuyutyDMpruBXr922jWTnPF
OvoiTzZTxFbKoYe5nl75nMkyq50CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyIJEQ
zZJKOqBmOLmVVHcgtLogdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTE3ZGNlYzUtOWQ1NS00NzY1LThmODMtOTU3ZDFmNWMwMDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
IDANBgkqhkiG9w0BAQsFAAOCAQEAK/8uj3eONhW96DdvMbcYWvT6ANTrbp23QIAk
QvIQH+ZWIwCC/Ou3YH0LJlDuTE1EIsQEa6sa04ooSWoatmYDfS3pQIqdr7Ltg9+G
0jK2SXNJGRuScwYKfB2We0Ryf6B4HgIs7BnSVyhvPwcJz4eYddE4vK6L/vFxGiZY
Ar4/K+fz2LgZYCy8s5br4zk/5urtjYcbazqSSW9hz5DHuL9vFaki2XynM4PGKRV1
fw8r3FoKAHncA7pwPumocadhxFTK9D3ml35lkZNKERSS+OMLirsqzXDIuj8JUvi8
PsPkVxzO11n1t+THStyRqpHopwPFfC7qjFknHEUFZFnfHP5IJA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:14 2025 by rpki-client on console.sobornost.net