Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1eddf70-a157-496a-9da4-f9eb58800a4a.roa
File: e1eddf70-a157-496a-9da4-f9eb58800a4a.roa (raw, json)
Hash identifier: 3DEWZgHMW9ker+XrsCNLvR2uVaMwN4C96FWe9lAIZkE=
Subject key identifier: 3C:32:93:56:F1:33:BB:4D:47:80:47:5C:42:17:29:68:35:33:F0:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2191498CABA35DFD4D4C634BFD6EC7592DC2FF6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1eddf70-a157-496a-9da4-f9eb58800a4a.roa
Signing time: Mon 31 Mar 2025 20:40:31 +0000
ROA not before: Mon 31 Mar 2025 20:40:31 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:91:49:8c:ab:a3:5d:fd:4d:4c:63:4b:fd:6e:c7:59:2d:c2:ff:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:40:31 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=f4e236bd1ba79d83a0c53389e362c0b763dd546e4ea1a407152e85973fa522d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ce:3a:66:40:cc:09:7d:f6:f4:f3:f1:4e:74:
05:56:79:91:09:96:d9:9d:01:ef:a0:04:a3:11:e2:
f0:fd:71:ab:15:b4:1a:3b:ba:16:95:06:6e:db:d4:
0f:bf:b4:0c:6f:e8:90:b7:66:a4:89:98:a1:2e:9b:
85:4b:16:97:54:4a:f9:f4:87:2c:b4:c6:e8:26:18:
f2:53:6f:68:de:5a:8f:09:ce:bb:6a:c8:e7:45:9e:
cb:dd:9d:23:d3:52:8e:df:5c:1d:7c:45:26:fb:17:
7f:63:7e:84:29:67:c2:19:4a:ec:42:fd:fc:15:3e:
72:90:0d:9a:26:a5:d5:f7:2d:00:00:7f:8c:43:b1:
87:3c:2b:34:40:6a:83:75:4f:07:5e:65:b0:62:17:
b4:ac:ab:11:41:35:0f:a6:21:cc:a1:28:5e:f4:58:
72:9e:d9:5b:5f:5d:e7:77:62:c3:66:ac:ed:a4:0b:
74:ab:e2:3e:60:dc:ef:ad:33:63:8a:82:8e:9d:f7:
b1:a7:07:a2:4a:27:e7:34:49:12:1d:1d:91:a9:ef:
b6:94:d7:e9:ad:04:b7:b6:59:24:35:ff:d0:0f:fc:
fd:73:b9:fb:1e:14:cc:12:12:e4:a0:1c:d9:26:26:
53:1b:b1:d3:9b:2f:f2:a5:7d:2b:b5:14:6d:6b:ef:
8d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:32:93:56:F1:33:BB:4D:47:80:47:5C:42:17:29:68:35:33:F0:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1eddf70-a157-496a-9da4-f9eb58800a4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
70:a3:0c:1f:c1:fd:cb:15:d8:ef:ad:5b:36:72:47:f3:2b:83:
76:6e:30:36:36:ed:a6:0d:48:6c:12:42:64:6b:a6:c2:76:f7:
4b:0c:a0:c6:b3:08:f0:e3:d5:ee:03:4c:2c:6e:65:42:53:a9:
cb:1d:84:c6:fb:06:71:f7:70:66:4b:34:09:0a:6a:9b:4e:80:
09:e9:3f:ef:01:0c:92:d1:75:e5:09:40:a8:c6:57:3e:72:96:
e3:e0:ff:b4:2e:30:c9:7c:e0:e2:5b:10:73:91:69:ae:cf:51:
24:ce:27:5b:6f:b1:16:f5:cd:3a:c0:c5:5d:a8:bb:83:b6:7f:
c9:78:b0:c9:ac:df:3a:49:b9:37:14:70:c1:d2:31:a9:e9:a4:
ec:66:ba:39:bc:12:2a:07:cd:df:ba:ba:db:df:30:4f:e7:54:
23:57:d0:0a:92:ef:6b:98:aa:5b:86:47:e3:1c:4d:6c:e2:ad:
58:64:71:36:34:f1:fb:48:1d:55:bd:08:ba:3d:96:7e:89:ec:
5d:81:e9:01:fd:21:5a:4c:b6:8a:fa:90:35:cf:39:4a:9f:a2:
44:04:9d:42:85:ab:ba:64:4e:3c:ad:77:6e:31:96:e2:d4:b3:
01:4a:17:19:4d:08:ec:9f:ca:9c:89:26:08:35:d4:13:ff:d1:
7e:19:d2:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIZFJjKujXf1NTGNL/W7HWS3C/28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQwMzFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0ZTIzNmJkMWJhNzlkODNhMGM1MzM4OWUzNjJjMGI3NjNkZDU0NmU0ZWEx
YTQwNzE1MmU4NTk3M2ZhNTIyZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHOOmZAzAl99vTz8U50BVZ5kQmW2Z0B76AEoxHi8P1xqxW0Gju6FpUGbtvU
D7+0DG/okLdmpImYoS6bhUsWl1RK+fSHLLTG6CYY8lNvaN5ajwnOu2rI50Wey92d
I9NSjt9cHXxFJvsXf2N+hClnwhlK7EL9/BU+cpANmial1fctAAB/jEOxhzwrNEBq
g3VPB15lsGIXtKyrEUE1D6YhzKEoXvRYcp7ZW19d53diw2as7aQLdKviPmDc760z
Y4qCjp33sacHokon5zRJEh0dkanvtpTX6a0Et7ZZJDX/0A/8/XO5+x4UzBIS5KAc
2SYmUxux05sv8qV9K7UUbWvvjYkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8MpNW
8TO7TUeAR1xCFyloNTPwQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTFlZGRmNzAtYTE1Ny00OTZhLTlkYTQtZjllYjU4ODAwYTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G5g
MA0GCSqGSIb3DQEBCwUAA4IBAQBwowwfwf3LFdjvrVs2ckfzK4N2bjA2Nu2mDUhs
EkJka6bCdvdLDKDGswjw49XuA0wsbmVCU6nLHYTG+wZx93BmSzQJCmqbToAJ6T/v
AQyS0XXlCUCoxlc+cpbj4P+0LjDJfODiWxBzkWmuz1Ekzidbb7EW9c06wMVdqLuD
tn/JeLDJrN86Sbk3FHDB0jGp6aTsZro5vBIqB83furrb3zBP51QjV9AKku9rmKpb
hkfjHE1s4q1YZHE2NPH7SB1VvQi6PZZ+iexdgekB/SFaTLaK+pA1zzlKn6JEBJ1C
hau6ZE48rXduMZbi1LMBShcZTQjsn8qciSYINdQT/9F+GdLE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:14 2025 by rpki-client on console.sobornost.net