Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa
File: 0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa (raw, json)
Hash identifier: LR2ewduc4dO/vSKK2XCOR1V1oVZdXWK8SBKk8cHOxwc=
Subject key identifier: BB:33:94:F8:85:7E:F1:AC:6A:18:24:61:89:57:34:2A:B2:F7:18:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4318E932D427B11B39D4F942C69F1A1FD1741AF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa
Signing time: Wed 26 Mar 2025 19:37:11 +0000
ROA not before: Wed 26 Mar 2025 19:37:11 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:18:e9:32:d4:27:b1:1b:39:d4:f9:42:c6:9f:1a:1f:d1:74:1a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 26 19:37:11 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7d:79:9e:af:0c:73:29:81:b8:e1:f4:34:52:
6b:de:73:7b:4b:2e:e1:ab:66:a0:8a:4c:bb:c9:88:
8e:39:19:d9:d8:cd:b3:97:6b:45:f2:fb:c1:30:18:
9b:e5:5f:fc:27:f3:ab:cc:22:c4:67:23:09:42:9b:
81:f3:7c:48:e8:6b:ee:96:5d:d9:ce:f6:8b:2b:e8:
50:f4:e1:8f:a0:a1:2e:bf:b2:3a:5c:f4:2c:02:b3:
94:13:7f:64:a1:09:ac:3f:de:1b:f0:d9:ac:2f:e4:
7b:2c:a7:de:89:98:29:a9:d9:b0:1f:b3:a5:d5:42:
6b:72:fe:5a:81:3d:ae:6d:f3:bb:55:2c:d0:da:6e:
0d:11:8a:8a:7c:a8:60:94:a5:e2:36:d0:43:62:9e:
3a:fa:cd:04:f2:a3:62:42:d4:68:5b:9b:2a:a6:05:
63:d5:f5:f9:59:01:0a:ce:32:3e:42:c6:b4:ea:af:
84:53:1b:10:5a:65:f9:1d:c3:46:8a:28:1f:21:5e:
c3:e8:5e:30:e7:f5:78:da:82:93:7f:8e:be:dc:9d:
fa:08:15:0f:05:5c:c5:62:02:cb:bc:f4:2a:9f:57:
f0:14:76:f7:05:5f:66:8d:3d:38:62:52:19:22:ca:
1c:8e:52:05:76:e4:98:28:e2:f4:d4:28:28:16:53:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:33:94:F8:85:7E:F1:AC:6A:18:24:61:89:57:34:2A:B2:F7:18:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:800::/40
Signature Algorithm: sha256WithRSAEncryption
64:af:b8:21:15:47:04:3f:bc:db:22:99:23:77:f1:59:ab:7e:
31:da:70:17:e1:89:d6:8b:bd:7a:6d:4c:e0:0a:40:13:a8:2a:
ff:fe:1c:c2:92:6b:2f:d5:35:f2:46:d6:38:5d:e8:c1:27:92:
cf:0b:9f:fd:12:86:49:07:7f:47:39:c1:b2:de:11:f2:91:1c:
35:93:ee:06:45:01:ef:87:9f:94:c0:52:b5:7e:48:57:1a:ce:
c1:ff:30:1b:f2:4a:4f:03:29:86:2d:ee:e8:20:d8:8c:50:b3:
b6:ef:23:62:5f:5a:ed:e3:cd:e0:7b:e3:3a:15:1f:78:7c:5a:
ba:bc:b0:7c:0c:06:82:ee:a2:eb:08:22:45:9c:25:f8:92:55:
26:7f:6d:8e:f4:93:6a:f5:ad:03:1c:95:83:72:08:cd:d0:b9:
56:e8:c5:5b:a8:6a:a7:a3:43:c1:d4:c6:11:a1:19:37:75:27:
7a:99:60:3e:92:fd:23:d4:7a:73:ba:a0:1a:dc:10:8c:78:72:
5e:65:f0:f1:d2:6e:f3:30:1d:cf:d7:8d:26:d9:d4:86:e0:9c:
90:b4:98:04:ed:8d:71:b4:50:bc:06:23:2d:a7:cc:dc:8b:db:
3f:95:8d:ee:a2:20:e5:a4:b7:bc:62:f7:a3:6c:3f:73:e5:3b:
41:72:62:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQxjpMtQnsRs51PlCxp8aH9F0GvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjYxOTM3MTFaFw0yNTA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzOGRiNDY3N2E5ODQ3MTM0ZTU2NzgzZWFhNDE0MTkzZGEzOTI5NjMwYmQ3
MzI0MDBlNWRkNWNjNDVhNWUxYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM59eZ6vDHMpgbjh9DRSa95ze0su4atmoIpMu8mIjjkZ2djNs5drRfL7wTAY
m+Vf/Cfzq8wixGcjCUKbgfN8SOhr7pZd2c72iyvoUPThj6ChLr+yOlz0LAKzlBN/
ZKEJrD/eG/DZrC/keyyn3omYKanZsB+zpdVCa3L+WoE9rm3zu1Us0NpuDRGKinyo
YJSl4jbQQ2KeOvrNBPKjYkLUaFubKqYFY9X1+VkBCs4yPkLGtOqvhFMbEFpl+R3D
RoooHyFew+heMOf1eNqCk3+Ovtyd+ggVDwVcxWICy7z0Kp9X8BR29wVfZo09OGJS
GSLKHI5SBXbkmCji9NQoKBZTRmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7M5T4
hX7xrGoYJGGJVzQqsvcYTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDU4OGY3YTItMjQ3Ny00YmUwLTg3ZDYtODlkMWE0YzdkZjA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HcI
MA0GCSqGSIb3DQEBCwUAA4IBAQBkr7ghFUcEP7zbIpkjd/FZq34x2nAX4YnWi716
bUzgCkATqCr//hzCkmsv1TXyRtY4XejBJ5LPC5/9EoZJB39HOcGy3hHykRw1k+4G
RQHvh5+UwFK1fkhXGs7B/zAb8kpPAymGLe7oINiMULO27yNiX1rt483ge+M6FR94
fFq6vLB8DAaC7qLrCCJFnCX4klUmf22O9JNq9a0DHJWDcgjN0LlW6MVbqGqno0PB
1MYRoRk3dSd6mWA+kv0j1HpzuqAa3BCMeHJeZfDx0m7zMB3P140m2dSG4JyQtJgE
7Y1xtFC8BiMtp8zci9s/lY3uoiDlpLe8YvejbD9z5TtBcmLM
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:35 2025 by rpki-client