Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04b3d59a-1622-4222-b4f7-96e18174cf66.roa
File: 04b3d59a-1622-4222-b4f7-96e18174cf66.roa (raw, json)
Hash identifier: QINZA/ewgtSUi54EP1i4mNqbqe9376fFS1rGc+rKAis=
Subject key identifier: 0B:C8:60:D7:18:DC:2C:F9:6E:49:4C:4F:41:68:83:B2:D3:11:DD:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B952A9C54F2D2FA2F40A3E8668B59EEBA90B0D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04b3d59a-1622-4222-b4f7-96e18174cf66.roa
Signing time: Wed 05 Mar 2025 17:41:43 +0000
ROA not before: Wed 05 Mar 2025 17:41:43 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:95:2a:9c:54:f2:d2:fa:2f:40:a3:e8:66:8b:59:ee:ba:90:b0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:41:43 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0b:1c:7a:eb:06:2e:a3:d3:0f:dc:39:fd:e3:
5a:bf:df:0d:eb:a9:c9:4c:99:34:62:3c:01:12:b7:
a1:74:0a:da:4f:ae:b2:c0:2d:16:06:8a:54:e1:cc:
06:75:19:82:26:4e:e2:86:6b:38:96:fc:51:b3:ee:
7e:2f:c9:d6:d6:fb:98:d1:76:48:1c:30:e4:f2:41:
bc:46:c2:cf:d3:07:ba:62:76:a5:c4:a4:6b:7e:4f:
4a:52:7a:33:53:b5:ab:93:f9:65:bd:bc:4d:d9:7f:
a8:29:72:1d:31:81:a7:24:a4:62:fd:8e:cf:3a:de:
b4:47:e6:a8:ea:6d:06:fe:78:0f:d8:11:d8:3d:53:
55:85:81:e0:37:76:e5:74:aa:a0:cc:4c:6e:c6:bf:
47:2e:27:ef:cf:3e:e1:b4:23:59:69:0d:d8:19:76:
6e:3d:69:e2:75:be:8f:29:9f:88:a2:e1:8a:97:02:
7d:f7:5a:4e:74:f7:a9:24:21:31:78:58:b2:78:bb:
fd:5c:16:71:ac:6a:ee:47:04:9a:17:41:d9:32:f2:
78:35:f2:ea:1b:13:f0:6c:ba:b0:57:d5:b0:78:fe:
d4:67:fc:4a:d2:dc:9c:c3:ac:e8:48:9a:48:bc:8e:
ec:77:91:da:28:21:9e:b4:07:fd:e9:a5:08:e5:82:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C8:60:D7:18:DC:2C:F9:6E:49:4C:4F:41:68:83:B2:D3:11:DD:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04b3d59a-1622-4222-b4f7-96e18174cf66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
40:01:53:da:3e:99:04:d2:b8:4e:58:58:0b:16:7a:2d:c4:cc:
e9:9f:0e:0a:43:20:69:16:c6:4d:55:dd:44:75:d9:57:d8:4e:
1c:d2:a5:a3:53:c5:de:f3:5f:90:39:2a:54:ac:4e:b4:56:81:
86:a7:03:64:7d:37:d3:c0:c5:88:13:96:b7:7e:5d:3f:42:d4:
6b:56:71:4d:9b:c2:8c:79:15:5f:f7:ed:01:18:a4:a5:5e:1c:
b3:67:90:7c:8c:95:d4:f5:96:8d:8d:0a:6d:d3:1d:54:ea:48:
72:cf:8d:a5:9c:54:5e:74:36:2d:ed:eb:1c:8b:8f:f0:a0:17:
0e:a5:10:b2:77:36:fd:39:3a:26:fb:80:0d:d2:c4:f2:39:cf:
67:b3:99:15:4d:3f:e9:07:58:99:1a:12:12:ab:e8:bb:75:53:
de:de:cf:1a:5d:c6:c7:5f:6d:2e:d2:d4:3c:c0:46:aa:94:03:
18:3c:52:a4:0e:ac:ba:8c:cb:dd:51:a9:29:a9:54:fa:b8:63:
ae:12:9b:b3:84:0a:00:fe:5f:75:93:d6:e8:2b:b2:10:a4:89:
1e:0e:20:77:06:12:83:da:89:27:e7:07:cc:ec:bb:d4:56:a4:
b8:2b:07:08:5b:4e:a2:9b:81:0a:88:61:ed:f6:fe:5e:a9:17:
13:00:6c:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS5UqnFTy0vovQKPoZotZ7rqQsNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQxNDNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MWYzNWNjMzU5MWU0ZWI0OTVkMGVlNzEwYTljYWYyNjRkNTE5ZWVhZGM4
ZmZiODFhNWVjMDA2NTQ0NmNiNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8LHHrrBi6j0w/cOf3jWr/fDeupyUyZNGI8ARK3oXQK2k+ussAtFgaKVOHM
BnUZgiZO4oZrOJb8UbPufi/J1tb7mNF2SBww5PJBvEbCz9MHumJ2pcSka35PSlJ6
M1O1q5P5Zb28Tdl/qClyHTGBpySkYv2OzzretEfmqOptBv54D9gR2D1TVYWB4Dd2
5XSqoMxMbsa/Ry4n788+4bQjWWkN2Bl2bj1p4nW+jymfiKLhipcCffdaTnT3qSQh
MXhYsni7/VwWcaxq7kcEmhdB2TLyeDXy6hsT8Gy6sFfVsHj+1Gf8StLcnMOs6Eia
SLyO7HeR2ighnrQH/emlCOWCh/ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLyGDX
GNws+W5JTE9BaIOy0xHdvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRiM2Q1OWEtMTYyMi00MjIyLWI0ZjctOTZlMTgxNzRjZjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G6A
MA0GCSqGSIb3DQEBCwUAA4IBAQBAAVPaPpkE0rhOWFgLFnotxMzpnw4KQyBpFsZN
Vd1EddlX2E4c0qWjU8Xe81+QOSpUrE60VoGGpwNkfTfTwMWIE5a3fl0/QtRrVnFN
m8KMeRVf9+0BGKSlXhyzZ5B8jJXU9ZaNjQpt0x1U6khyz42lnFRedDYt7esci4/w
oBcOpRCydzb9OTom+4AN0sTyOc9ns5kVTT/pB1iZGhISq+i7dVPe3s8aXcbHX20u
0tQ8wEaqlAMYPFKkDqy6jMvdUakpqVT6uGOuEpuzhAoA/l91k9boK7IQpIkeDiB3
BhKD2okn5wfM7LvUVqS4KwcIW06im4EKiGHt9v5eqRcTAGyO
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:45 2025 by rpki-client