Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: 1XIPern/bGGZiVDIGmoKNYO+zs5O4Ws783jk9RcXpjw=
Subject key identifier: F2:45:AF:3F:72:5C:04:FF:FA:3D:00:66:92:84:ED:19:B4:1E:8D:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5329D2EE981C49B499F304CB5F2718E8BEBF5FB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:29:d2:ee:98:1c:49:b4:99:f3:04:cb:5f:27:18:e8:be:bf:5f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=5c9d3125916b1bc2b7e59cd717d5835ec949ca5ab215a94b58113e570d7a8016, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:55:70:cb:3f:fb:92:10:47:d2:34:32:76:
fa:61:10:88:8c:f4:7a:61:92:f8:29:bc:bb:ea:03:
9b:56:fa:84:dc:a6:7c:e2:32:5d:33:71:27:f4:4d:
4c:bd:34:34:8e:89:e2:61:da:26:0b:3b:71:7f:be:
80:71:80:37:e9:bf:b2:b1:fd:2c:85:b9:02:86:de:
9c:00:2e:6f:35:08:80:b4:d3:54:b3:df:f2:92:5e:
c6:b3:0a:35:8b:5e:5d:7e:a7:ad:3a:d5:6b:44:c2:
dd:5b:52:b4:4d:b9:74:5d:08:06:b7:14:f2:a2:9a:
25:25:b6:3e:70:18:04:37:6b:9e:f8:9c:db:b7:0b:
bc:bb:b3:b6:01:6c:7d:e1:ec:46:15:0c:3f:78:8c:
19:45:5f:83:68:6f:1a:d1:57:57:40:f5:1c:da:6d:
d0:0a:f6:c0:c2:3c:88:ef:b0:13:be:79:ed:4c:b6:
15:c6:ae:dd:89:cd:24:eb:b6:f8:6e:5b:ad:de:77:
bf:cb:43:6c:1e:02:b4:2a:6d:ee:f3:f3:2f:85:7e:
a1:c3:81:3d:43:5d:a7:67:51:08:dd:92:08:3d:c8:
d7:93:8b:e3:e3:9c:bb:cd:b2:cc:ac:1e:f1:45:2e:
90:8c:be:df:a1:dd:25:41:3a:3c:7e:14:ef:80:db:
98:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:45:AF:3F:72:5C:04:FF:FA:3D:00:66:92:84:ED:19:B4:1E:8D:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
c5:9a:df:ca:ff:5f:38:37:f6:f3:6d:85:98:85:30:e4:5f:dd:
27:9b:4e:6a:7d:5d:b6:e6:29:dc:89:97:96:ca:3b:ce:6b:30:
54:81:5e:cd:c1:01:dc:77:0c:ad:3e:58:d2:eb:b8:82:27:18:
da:a3:d2:c9:a1:55:4b:14:aa:d4:db:1f:e2:9d:a1:8c:78:37:
b5:ce:41:e2:71:d5:49:2d:42:83:1b:58:c3:10:d8:d2:2c:d9:
4a:69:bb:66:e8:67:53:82:a6:66:f2:22:4b:93:e4:4e:24:9f:
a8:11:be:51:0f:96:55:42:00:c8:05:fd:44:76:7d:b4:00:b1:
19:75:10:bc:2a:ba:0a:7f:c8:d4:ad:3a:1d:9a:73:72:55:00:
49:9f:05:fa:b0:b3:7a:e4:04:7a:5c:fe:43:33:69:b8:aa:fa:
a9:db:8a:be:aa:2a:ef:04:29:e6:47:62:50:31:a9:17:47:49:
19:c7:25:55:3d:d8:96:96:fb:56:38:27:a8:83:2d:eb:65:84:
c2:61:7b:1f:20:7b:6a:dc:c4:82:e4:1a:d7:e1:93:95:18:d1:
c1:ca:46:b5:e2:8c:ea:da:06:e4:80:61:30:f3:95:98:fb:51:
4d:bc:b7:33:62:12:db:56:e4:49:ba:38:40:1e:b2:f8:0e:7b:
b3:37:58:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUynS7pgcSbSZ8wTLXycY6L6/X7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjOWQzMTI1OTE2YjFiYzJiN2U1OWNkNzE3ZDU4MzVlYzk0OWNhNWFiMjE1
YTk0YjU4MTEzZTU3MGQ3YTgwMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhQVXDLP/uSEEfSNDJ2+mEQiIz0emGS+Cm8u+oDm1b6hNymfOIyXTNxJ/RN
TL00NI6J4mHaJgs7cX++gHGAN+m/srH9LIW5AobenAAubzUIgLTTVLPf8pJexrMK
NYteXX6nrTrVa0TC3VtStE25dF0IBrcU8qKaJSW2PnAYBDdrnvic27cLvLuztgFs
feHsRhUMP3iMGUVfg2hvGtFXV0D1HNpt0Ar2wMI8iO+wE7557Uy2Fcau3YnNJOu2
+G5brd53v8tDbB4CtCpt7vPzL4V+ocOBPUNdp2dRCN2SCD3I15OL4+Ocu82yzKwe
8UUukIy+36HdJUE6PH4U74DbmOcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTyRa8/
clwE//o9AGaShO0ZtB6N2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEAxZrfyv9fODf2822FmIUw5F/dJ5tOan1dtuYp3ImX
lso7zmswVIFezcEB3HcMrT5Y0uu4gicY2qPSyaFVSxSq1Nsf4p2hjHg3tc5B4nHV
SS1CgxtYwxDY0izZSmm7ZuhnU4KmZvIiS5PkTiSfqBG+UQ+WVUIAyAX9RHZ9tACx
GXUQvCq6Cn/I1K06HZpzclUASZ8F+rCzeuQEelz+QzNpuKr6qduKvqoq7wQp5kdi
UDGpF0dJGcclVT3Ylpb7VjgnqIMt62WEwmF7HyB7atzEguQa1+GTlRjRwcpGteKM
6toG5IBhMPOVmPtRTby3M2IS21bkSbo4QB6y+A57szdYiQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:11 2025 by rpki-client