Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
File: fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa (raw, json)
Hash identifier: M7ZNTyy9gukDVcAsyZYfTofuNJYBGhDq70LC9NZ3faQ=
Subject key identifier: BA:10:53:FD:A0:59:33:85:44:33:00:89:02:D8:28:77:6B:22:DA:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 442BD1F4AC80FA241F7FC58C897A2D8AF422BE60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:2b:d1:f4:ac:80:fa:24:1f:7f:c5:8c:89:7a:2d:8a:f4:22:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=bd993da67ff465a7141d1e6e5e804795b9398af51d8202788f6c39738d065e0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:c3:3c:64:7d:b5:9c:d9:00:5e:78:fd:17:
a9:0d:89:d0:bf:06:45:6a:55:25:1e:dd:2f:5c:3e:
8c:de:67:a6:2b:4c:96:12:c0:96:6c:ee:63:12:9b:
e4:22:1a:16:16:2e:0c:91:f3:6c:a1:b0:d5:d2:4e:
4d:e4:2e:6e:99:47:5f:80:a3:7b:ee:e9:04:23:5d:
07:0c:46:cb:44:98:6f:7c:33:b4:81:eb:b1:ef:79:
4d:98:8d:4f:bd:da:b5:ff:37:58:ff:63:68:e9:85:
3c:9f:6f:8c:c2:b0:0f:18:67:84:e7:de:3b:b4:d5:
8c:fa:ad:f1:92:1a:9d:7d:ea:97:7d:cc:a6:6c:4d:
4a:4b:03:f5:e0:e9:be:9f:c9:aa:07:42:12:2d:e5:
9a:48:5c:95:a3:28:3f:cf:e8:3d:bb:9f:44:8b:08:
bb:86:6f:3e:4c:ba:cc:5a:d1:d1:ff:62:03:95:a8:
95:54:9c:fd:57:5f:79:d2:36:e0:cb:5f:76:d2:6b:
90:c7:16:f1:7b:1a:0c:47:34:59:58:44:81:3c:77:
43:f0:51:a1:5f:dc:57:30:3e:cb:b6:4b:9c:f6:38:
d7:9e:25:0e:18:b0:7f:5b:34:94:3b:70:86:c2:29:
8e:30:5f:a4:89:01:d7:09:b9:8f:f1:9e:13:43:25:
e4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:10:53:FD:A0:59:33:85:44:33:00:89:02:D8:28:77:6B:22:DA:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:d4:a7:94:93:b5:e7:5b:90:0a:d8:46:eb:11:c6:61:7f:3d:
76:08:11:f8:1d:0d:09:4a:f7:c2:66:5a:f3:54:8f:8d:dd:1a:
2f:53:d7:04:65:09:a2:55:b2:7a:d0:e1:10:f0:39:e6:1f:ce:
f0:45:b2:34:08:8c:3d:1b:d8:5f:90:3d:94:21:20:ae:5e:42:
14:83:65:d4:4c:f0:56:fb:fe:61:99:b8:43:94:4c:1c:35:fa:
bc:ba:9a:45:f5:f2:8d:14:05:ba:ef:80:fb:b6:41:ab:7a:aa:
68:80:c1:fd:63:ed:a4:11:ed:c1:57:bc:2d:98:68:9a:e4:be:
c3:60:db:62:34:6a:85:a2:1a:db:b5:54:b8:be:c3:fd:cd:0d:
d9:00:1d:29:d6:f0:0d:da:42:86:a7:c0:e1:e6:23:77:27:75:
59:24:e0:20:f3:e9:7f:01:0f:2a:10:1b:be:3a:7d:57:65:f4:
76:64:32:49:ee:08:af:c0:99:7a:72:19:eb:de:d6:c5:65:d4:
a4:d3:ed:45:da:01:08:bf:80:eb:6c:dc:c7:9a:34:b9:94:53:
97:7b:cc:b5:06:e2:7a:a9:aa:ce:b7:18:2b:40:7c:d9:5b:94:
c8:9a:e0:e0:8f:80:2f:9e:74:92:6a:24:e2:5b:e9:01:1a:56:
d2:5a:67:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURCvR9KyA+iQff8WMiXotivQivmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkOTkzZGE2N2ZmNDY1YTcxNDFkMWU2ZTVlODA0Nzk1YjkzOThhZjUxZDgy
MDI3ODhmNmMzOTczOGQwNjVlMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRfwzxkfbWc2QBeeP0XqQ2J0L8GRWpVJR7dL1w+jN5npitMlhLAlmzuYxKb
5CIaFhYuDJHzbKGw1dJOTeQubplHX4Cje+7pBCNdBwxGy0SYb3wztIHrse95TZiN
T73atf83WP9jaOmFPJ9vjMKwDxhnhOfeO7TVjPqt8ZIanX3ql33MpmxNSksD9eDp
vp/JqgdCEi3lmkhclaMoP8/oPbufRIsIu4ZvPky6zFrR0f9iA5WolVSc/VdfedI2
4MtfdtJrkMcW8XsaDEc0WVhEgTx3Q/BRoV/cVzA+y7ZLnPY4154lDhiwf1s0lDtw
hsIpjjBfpIkB1wm5j/GeE0Ml5DsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6EFP9
oFkzhUQzAIkC2Ch3ayLaajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZmYTRiOWQtYzY5NC00ZGQyLTgyZTYtMGViZTMxMDk1YmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC31KeUk7XnW5AK2EbrEcZhfz12CBH4HQ0JSvfC
ZlrzVI+N3RovU9cEZQmiVbJ60OEQ8DnmH87wRbI0CIw9G9hfkD2UISCuXkIUg2XU
TPBW+/5hmbhDlEwcNfq8uppF9fKNFAW674D7tkGreqpogMH9Y+2kEe3BV7wtmGia
5L7DYNtiNGqFohrbtVS4vsP9zQ3ZAB0p1vAN2kKGp8Dh5iN3J3VZJOAg8+l/AQ8q
EBu+On1XZfR2ZDJJ7givwJl6chnr3tbFZdSk0+1F2gEIv4DrbNzHmjS5lFOXe8y1
BuJ6qarOtxgrQHzZW5TImuDgj4AvnnSSaiTiW+kBGlbSWmcp
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:00 2025 by rpki-client on console.sobornost.net