Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json)
Hash identifier: 9uXDtCNRUhu+XI3TxCTPiOd1GAPk433873oTeLupeYw=
Subject key identifier: AE:2D:47:A0:88:65:3E:D1:38:29:16:79:30:9F:EF:C3:50:36:8E:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C124DD055514FD5786FBE2DC8D3BCF7E2425D66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
Signing time: Wed 05 Mar 2025 16:20:56 +0000
ROA not before: Wed 05 Mar 2025 16:20:56 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:12:4d:d0:55:51:4f:d5:78:6f:be:2d:c8:d3:bc:f7:e2:42:5d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:20:56 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4a:dc:7e:c8:d7:d4:aa:b0:b6:a1:e0:a6:01:
fb:1b:40:3f:c5:43:fc:fa:90:eb:89:52:3e:01:3b:
42:15:7d:d8:96:a5:16:11:d6:d6:4f:5d:a3:a9:51:
49:37:8f:27:92:9c:68:d7:31:41:c0:30:75:1d:c1:
0b:68:5f:64:72:4c:74:47:44:37:51:ba:1a:d2:1f:
44:37:7c:ab:b0:0f:b7:ba:9f:ef:bc:04:0c:f7:60:
11:00:f3:c6:0d:ff:b3:57:c1:3a:78:5b:30:18:4a:
87:d3:ac:c4:d9:54:2e:42:0b:41:57:da:c6:ed:f7:
50:8c:dd:4a:e1:1e:97:8e:e2:d6:45:c7:9b:bf:3c:
9b:ee:1a:95:ca:40:83:06:ba:d7:cb:69:44:84:b1:
97:d6:48:07:3b:6a:49:fc:cd:29:80:30:5b:08:aa:
1d:bc:7f:c2:bd:45:9d:29:26:51:c6:12:a4:43:85:
75:28:c3:d4:75:97:62:60:60:56:81:b5:30:83:ff:
71:cc:92:a6:04:f9:3b:af:e0:14:ab:bc:68:d6:80:
72:3c:41:af:d0:22:c2:78:c5:7d:b2:6e:63:76:c2:
84:ef:65:a2:bf:c6:22:20:7f:03:8b:50:96:1e:09:
b2:67:7b:2a:77:bb:b0:5e:34:70:71:57:ae:8d:cb:
e1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2D:47:A0:88:65:3E:D1:38:29:16:79:30:9F:EF:C3:50:36:8E:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1080::/48
Signature Algorithm: sha256WithRSAEncryption
aa:04:aa:c7:2c:dd:34:cf:96:23:63:1a:4d:54:86:bd:e7:db:
c2:76:13:01:f7:0c:08:37:6d:74:ba:be:db:d7:f8:5d:b0:33:
a5:c9:2b:63:29:95:91:9e:2f:25:39:21:5b:8a:69:c5:b0:48:
87:7a:a0:eb:fa:2c:f0:dc:85:6b:69:03:dd:38:b5:1e:56:cc:
8d:40:3d:ab:e9:7b:10:1d:fe:35:b0:58:2d:f9:51:44:b1:84:
be:41:3e:24:6c:b9:30:a1:bb:30:49:7a:28:93:31:83:f0:35:
ce:68:a1:3e:d0:96:c6:57:33:9b:38:b5:2c:2d:45:b2:f5:60:
21:7e:26:c1:a5:ff:25:f7:72:61:22:5f:6e:82:fc:86:ce:88:
d4:1a:28:0f:f7:dc:69:5f:b1:12:a1:f0:1f:a1:ca:cf:9a:19:
89:87:57:d3:bd:4a:5e:3c:29:d5:b0:cb:e7:15:36:43:8f:5b:
0c:12:15:5d:c7:a4:d8:0c:5c:aa:98:35:b4:ef:a2:24:0c:c1:
bc:b8:ee:35:ea:f5:5a:f8:97:ce:e8:dd:32:bb:2a:27:72:0f:
22:2f:c9:0c:cc:a1:60:f9:17:ea:db:3c:ab:f0:35:13:a8:0e:
27:b3:fe:44:d1:fe:39:aa:f2:53:a2:bc:67:28:65:54:bd:31:
59:73:e9:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHBJN0FVRT9V4b74tyNO89+JCXWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjIwNTZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZmI3OGUzNTE2ZGIwYmFkMGUzYzgzMDViY2ZiNDgzMjU3Yzk5NDZlNDA4
NWI2NjczYTU5NGJhMzhlYjU2N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9K3H7I19SqsLah4KYB+xtAP8VD/PqQ64lSPgE7QhV92JalFhHW1k9do6lR
STePJ5KcaNcxQcAwdR3BC2hfZHJMdEdEN1G6GtIfRDd8q7APt7qf77wEDPdgEQDz
xg3/s1fBOnhbMBhKh9OsxNlULkILQVfaxu33UIzdSuEel47i1kXHm788m+4alcpA
gwa618tpRISxl9ZIBztqSfzNKYAwWwiqHbx/wr1FnSkmUcYSpEOFdSjD1HWXYmBg
VoG1MIP/ccySpgT5O6/gFKu8aNaAcjxBr9AiwnjFfbJuY3bChO9lor/GIiB/A4tQ
lh4Jsmd7Kne7sF40cHFXro3L4TECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSuLUeg
iGU+0TgpFnkwn+/DUDaOnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAqgSqxyzdNM+WI2MaTVSGvefbwnYTAfcMCDdt
dLq+29f4XbAzpckrYymVkZ4vJTkhW4ppxbBIh3qg6/os8NyFa2kD3Ti1HlbMjUA9
q+l7EB3+NbBYLflRRLGEvkE+JGy5MKG7MEl6KJMxg/A1zmihPtCWxlczmzi1LC1F
svVgIX4mwaX/JfdyYSJfboL8hs6I1BooD/fcaV+xEqHwH6HKz5oZiYdX071KXjwp
1bDL5xU2Q49bDBIVXcek2Axcqpg1tO+iJAzBvLjuNer1WviXzujdMrsqJ3IPIi/J
DMyhYPkX6ts8q/A1E6gOJ7P+RNH+OaryU6K8ZyhlVL0xWXPplw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:26 2025 by rpki-client