Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: k5Rimwmv0tkrZ6g76dY5PBHr6oy3ltFEZ5iW4xdsNIU=
Subject key identifier: 78:24:97:CE:12:11:5E:AE:3F:55:07:77:B4:B4:12:19:B5:54:7A:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F48E7E3EB2E75B144547A53CC357AA2DC64CE67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Mon 31 Mar 2025 20:51:10 +0000
ROA not before: Mon 31 Mar 2025 20:51:10 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:48:e7:e3:eb:2e:75:b1:44:54:7a:53:cc:35:7a:a2:dc:64:ce:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:51:10 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=e32851d8b9378092ce6c1756c33de2e96cfcbd3a281b5f8898ec053f788c51cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3b:d7:1d:71:a8:aa:4b:8e:b3:b5:f9:39:70:
e7:10:f9:5d:a8:2d:7b:f3:da:0c:44:55:d6:1d:a9:
53:1d:da:7e:81:8c:8d:9a:be:cb:8a:89:39:35:28:
05:da:16:3a:2e:6c:0e:f5:65:3e:b3:0d:36:2c:55:
7a:d7:df:a1:c8:99:fb:60:61:84:50:34:0e:50:b7:
66:32:9e:80:41:d9:6f:a6:52:67:06:1e:cf:b3:f8:
9c:ed:1d:6b:f8:9d:b3:02:2a:fa:53:68:02:1e:a2:
ac:79:1a:f3:18:b7:e5:76:20:7f:ff:79:4d:5a:24:
c5:1f:92:ca:78:d2:39:75:6f:18:33:d2:57:72:54:
a8:3e:bc:4e:51:23:79:ac:fd:44:48:00:b2:64:16:
e3:23:78:42:8e:7c:36:5c:81:4d:20:1c:bc:48:27:
6e:12:29:a5:d4:17:72:4c:74:c6:a9:f3:1a:36:82:
40:16:c6:f9:12:8e:1f:55:5e:9c:f0:2c:03:ac:a6:
d5:f5:4f:20:59:1e:5b:cf:0b:c3:45:4f:c2:38:97:
b6:4e:92:6f:6c:58:dd:99:cc:91:49:ae:4f:bf:ad:
36:79:0b:18:9b:1f:b6:87:6c:28:d3:8c:23:cd:ec:
97:14:60:e3:36:6f:06:9d:07:24:e7:ab:f7:33:3c:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:24:97:CE:12:11:5E:AE:3F:55:07:77:B4:B4:12:19:B5:54:7A:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
72:31:67:41:0d:f0:c1:e4:45:35:1e:6e:87:ae:4c:f0:89:99:
51:75:de:30:79:c0:0c:62:7a:2a:c8:ae:3f:b5:c9:88:8a:3f:
53:1b:73:bc:84:96:95:9a:97:87:e7:00:33:52:8b:aa:a1:8b:
26:db:8c:59:ba:13:91:72:e6:53:94:05:59:80:df:80:6d:21:
f1:94:1b:63:58:e0:c9:ff:58:0b:5b:3b:7e:c5:a6:82:eb:c9:
10:8c:98:9b:ba:3f:7a:29:ad:07:fa:be:34:d7:37:81:77:47:
8b:a1:ad:3e:60:54:64:b8:e1:1c:04:54:ca:71:9e:8b:bb:a8:
75:9d:6b:d2:bc:92:60:85:04:b0:e4:3b:4b:5b:28:85:9c:e6:
c8:1a:a5:e5:33:f1:c4:dc:be:7f:34:6d:cf:11:ae:81:4f:31:
aa:a8:95:90:a3:29:8b:77:3f:7d:5e:ba:fe:62:7c:b7:00:56:
16:44:a3:6b:cf:8f:5f:c7:67:7f:7a:c7:1c:c1:11:58:b6:62:
9e:40:8d:b6:e0:98:30:c8:17:bf:ba:b6:b3:b5:ae:ee:73:f2:
64:56:6f:a4:63:22:6f:c7:fb:c4:45:c2:a1:8c:da:37:a9:9c:
2f:bf:c5:f5:8c:ce:21:0c:2e:fe:d1:7f:03:d9:18:ae:ba:f7:
17:eb:5e:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT0jn4+sudbFEVHpTzDV6otxkzmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUxMTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMjg1MWQ4YjkzNzgwOTJjZTZjMTc1NmMzM2RlMmU5NmNmY2JkM2EyODFi
NWY4ODk4ZWMwNTNmNzg4YzUxY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA71x1xqKpLjrO1+Tlw5xD5Xagte/PaDERV1h2pUx3afoGMjZq+y4qJOTUo
BdoWOi5sDvVlPrMNNixVetffociZ+2BhhFA0DlC3ZjKegEHZb6ZSZwYez7P4nO0d
a/idswIq+lNoAh6irHka8xi35XYgf/95TVokxR+SynjSOXVvGDPSV3JUqD68TlEj
eaz9REgAsmQW4yN4Qo58NlyBTSAcvEgnbhIppdQXckx0xqnzGjaCQBbG+RKOH1Ve
nPAsA6ym1fVPIFkeW88Lw0VPwjiXtk6Sb2xY3ZnMkUmuT7+tNnkLGJsftodsKNOM
I83slxRg4zZvBp0HJOer9zM8iR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4JJfO
EhFerj9VB3e0tBIZtVR6SjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQByMWdBDfDB5EU1Hm6HrkzwiZlRdd4wecAMYnoq
yK4/tcmIij9TG3O8hJaVmpeH5wAzUouqoYsm24xZuhORcuZTlAVZgN+AbSHxlBtj
WODJ/1gLWzt+xaaC68kQjJibuj96Ka0H+r401zeBd0eLoa0+YFRkuOEcBFTKcZ6L
u6h1nWvSvJJghQSw5DtLWyiFnObIGqXlM/HE3L5/NG3PEa6BTzGqqJWQoymLdz99
Xrr+Yny3AFYWRKNrz49fx2d/esccwRFYtmKeQI224JgwyBe/urazta7uc/JkVm+k
YyJvx/vERcKhjNo3qZwvv8X1jM4hDC7+0X8D2RiuuvcX614c
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:14 2025 by rpki-client on console.sobornost.net