Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
File: 007aa6ae-ee04-4168-a465-d2d3db70f19f.roa (raw, json)
Hash identifier: QhQmXSONk3hRxkYBJkpUMwBI/nNA6+tL2kEjqd/ViWk=
Subject key identifier: 36:DD:D3:25:FC:37:62:68:28:2E:DD:C3:17:6A:FB:B6:A7:A7:FC:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5290A3089562763A33CABBC9F1BFC3F0760F2C5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
Signing time: Wed 05 Mar 2025 15:00:57 +0000
ROA not before: Wed 05 Mar 2025 15:00:57 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:90:a3:08:95:62:76:3a:33:ca:bb:c9:f1:bf:c3:f0:76:0f:2c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:00:57 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:33:19:ca:bf:4a:5d:5e:95:d1:a9:09:de:8e:
11:3b:12:aa:a7:bb:9f:4d:7d:2d:49:51:a8:06:24:
60:1a:37:74:05:a6:e7:12:4f:64:72:f5:9d:d1:1c:
30:ff:55:8f:06:6b:54:24:b4:da:8b:69:d0:21:87:
fe:f0:43:70:87:a5:b3:1b:d0:d2:77:16:93:91:19:
27:4e:8d:32:01:61:ae:db:34:0e:11:4d:5b:e4:9f:
88:99:66:79:a1:d4:ad:51:5d:15:0c:20:d1:c3:51:
2e:f2:29:b3:3c:9e:63:8f:03:1b:23:a0:53:62:2b:
e5:b9:06:d3:58:ac:29:81:5f:a4:3c:df:6d:c5:e8:
0e:6e:e4:bb:5c:0c:99:b1:08:67:45:48:64:56:87:
23:18:c1:80:0f:d3:c4:9b:2d:98:14:5b:02:d5:91:
ce:04:a9:15:b9:f6:f6:a2:c1:f9:28:f9:56:12:3e:
05:51:f0:d1:7e:c7:78:52:ec:7b:d7:dd:04:1c:d9:
dc:b4:7f:4e:73:30:a5:c3:b5:0f:94:f2:af:20:94:
63:4d:2d:14:89:f5:da:61:ee:43:14:75:d9:a6:6e:
55:29:82:76:16:5a:e2:67:18:3d:b1:f4:a6:e6:31:
5a:a5:f7:6f:c9:b8:ab:e0:24:54:86:ff:a6:4c:a0:
ba:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DD:D3:25:FC:37:62:68:28:2E:DD:C3:17:6A:FB:B6:A7:A7:FC:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1040::/48
Signature Algorithm: sha256WithRSAEncryption
68:7f:c6:52:7c:b5:36:cd:d9:a0:42:20:60:c5:e2:be:7a:03:
d7:cb:ed:68:aa:81:a1:2f:d8:69:d7:ca:5c:6a:06:1a:0e:6d:
bf:b4:14:45:05:61:56:6e:be:3e:dc:03:03:0c:2b:70:37:87:
87:89:c0:2e:23:26:a1:31:04:3f:37:34:9b:fd:37:1d:0e:2b:
b8:89:29:c3:0d:39:0a:98:eb:3b:0f:7e:2d:c3:25:54:52:45:
68:85:14:ae:ba:ba:08:57:36:a7:02:4c:05:09:6e:2a:ef:f0:
46:9f:ea:86:48:44:83:e1:b7:12:95:82:7f:64:6c:84:6c:34:
5f:3c:d3:0d:3f:5e:97:55:15:97:ff:7d:96:be:3f:7b:c7:10:
e0:86:67:62:41:67:67:09:86:68:44:26:06:2b:59:5c:99:d0:
4b:b2:41:ad:bd:71:a6:ac:fb:d3:b1:c8:d4:c7:4f:ed:a8:fc:
26:d4:6e:b0:c7:3c:88:05:4a:c8:82:f7:d3:c8:9b:ea:41:ef:
64:2f:cc:30:57:44:c5:28:09:e3:fa:75:e9:13:84:25:d4:64:
20:79:1f:e3:e2:cb:86:fc:e1:2b:e0:dd:0c:de:0c:76:8e:6d:
16:dd:52:5a:ec:f6:80:ef:63:11:5f:80:19:c7:82:aa:0c:94:
83:bc:ce:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUpCjCJVidjozyrvJ8b/D8HYPLFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTAwNTdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ODViOTM1ODliMDNmMDRjMTY2MmU3ZjA2NTE4ZTMxNWYyZjUzODVlZjUw
NjQxOTcxZDZiYjc3M2ViODU3OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYzGcq/Sl1eldGpCd6OETsSqqe7n019LUlRqAYkYBo3dAWm5xJPZHL1ndEc
MP9VjwZrVCS02otp0CGH/vBDcIelsxvQ0ncWk5EZJ06NMgFhrts0DhFNW+SfiJlm
eaHUrVFdFQwg0cNRLvIpszyeY48DGyOgU2Ir5bkG01isKYFfpDzfbcXoDm7ku1wM
mbEIZ0VIZFaHIxjBgA/TxJstmBRbAtWRzgSpFbn29qLB+Sj5VhI+BVHw0X7HeFLs
e9fdBBzZ3LR/TnMwpcO1D5TyryCUY00tFIn12mHuQxR12aZuVSmCdhZa4mcYPbH0
puYxWqX3b8m4q+AkVIb/pkygusMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ23dMl
/DdiaCgu3cMXavu2p6f8rjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDA3YWE2YWUtZWUwNC00MTY4LWE0NjUtZDJkM2RiNzBmMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAaH/GUny1Ns3ZoEIgYMXivnoD18vtaKqBoS/Y
adfKXGoGGg5tv7QURQVhVm6+PtwDAwwrcDeHh4nALiMmoTEEPzc0m/03HQ4ruIkp
ww05CpjrOw9+LcMlVFJFaIUUrrq6CFc2pwJMBQluKu/wRp/qhkhEg+G3EpWCf2Rs
hGw0XzzTDT9el1UVl/99lr4/e8cQ4IZnYkFnZwmGaEQmBitZXJnQS7JBrb1xpqz7
07HI1MdP7aj8JtRusMc8iAVKyIL308ib6kHvZC/MMFdExSgJ4/p16ROEJdRkIHkf
4+LLhvzhK+DdDN4Mdo5tFt1SWuz2gO9jEV+AGceCqgyUg7zONA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:49 2025 by rpki-client