Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: TBUAJkg4xOz4xHZggnELTb3Gu7TZUglNDfiE17X17x0=
Subject key identifier: 02:CB:7C:AB:82:BB:74:B0:C8:22:AA:F1:3F:90:0A:47:0B:54:5C:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C28C628C49E2ED90C83E449C0F0E4E4A4C83A9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Wed 05 Mar 2025 17:50:25 +0000
ROA not before: Wed 05 Mar 2025 17:50:25 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:28:c6:28:c4:9e:2e:d9:0c:83:e4:49:c0:f0:e4:e4:a4:c8:3a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:50:25 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d5:fb:dc:63:f1:0a:76:a4:59:0a:b1:f2:61:
75:a9:63:a0:e3:cd:af:d8:5d:2e:44:89:59:bb:2d:
4b:4d:66:41:9b:a7:89:1a:0c:e9:df:28:cb:23:33:
fb:8d:66:06:88:e8:98:9d:bd:1d:4d:ce:89:de:13:
95:53:ed:59:d6:0c:ba:2a:31:d8:1d:08:36:6d:9e:
47:0b:11:cd:9a:f2:ed:ba:a8:ee:f6:52:00:f4:eb:
a5:db:70:36:12:de:46:3f:af:18:95:61:17:77:56:
d3:93:c8:ff:6a:3f:38:b7:75:e5:97:a2:f1:fe:df:
01:e4:32:bb:ff:67:49:c3:96:8a:b6:52:c7:91:38:
6f:21:f5:76:5a:4b:c4:bf:1c:34:f2:cd:cd:2d:4a:
1b:d4:8c:fe:d6:bf:04:2f:91:ba:f4:4d:ec:90:d2:
07:cf:2d:47:0d:62:db:2e:2b:d0:de:e9:ac:17:47:
19:74:1e:c5:a3:68:5e:1a:45:ea:52:e3:9a:82:f3:
84:6b:01:6f:31:58:be:10:ba:1b:0c:18:42:6c:ed:
bc:89:d3:62:5c:19:bc:35:f6:81:63:f2:dd:7c:84:
6b:9d:17:d8:38:25:73:b7:67:44:0e:96:05:19:7a:
41:19:85:40:0f:24:36:9c:70:63:7f:96:bc:75:e0:
3e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CB:7C:AB:82:BB:74:B0:C8:22:AA:F1:3F:90:0A:47:0B:54:5C:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
6c:30:fa:e3:f7:23:2f:e9:51:58:48:b6:49:69:00:60:26:2f:
94:65:37:1c:df:5a:73:96:31:04:52:e2:21:3e:3d:d1:36:e4:
69:5b:c0:48:88:a8:b6:cd:a5:18:04:29:5c:b8:f9:08:38:15:
2e:a5:cc:02:4f:e0:e5:96:19:d8:2c:a5:f1:db:30:d7:64:97:
a9:15:03:31:d8:93:da:31:39:f6:a6:fe:fe:c8:2f:6c:7a:2d:
fc:02:f1:b2:d6:4c:34:e2:18:d9:56:ac:1d:75:c0:a5:73:ad:
b7:9f:3b:22:37:3f:9e:bc:83:d3:50:ae:1e:7d:59:5f:b0:e7:
02:3c:3c:55:e4:91:65:b3:23:91:17:57:45:95:97:d0:0e:ce:
13:e0:a1:b5:32:33:23:91:b0:20:f0:47:03:bf:6a:99:27:1a:
d0:f0:e9:92:bc:fa:17:9e:be:8b:15:45:bf:93:70:b1:6e:4a:
f3:18:9d:e8:e9:19:ac:e2:b8:bc:b3:13:aa:24:3b:33:9c:18:
00:a3:cb:d8:3d:b4:55:3f:df:b9:5e:39:05:6b:84:23:2a:ec:
be:a4:f6:ef:9e:9b:bc:ec:03:41:e9:ae:48:fc:af:4f:1b:a9:
7f:5f:30:1d:19:af:e9:93:50:72:9f:af:aa:21:78:03:04:a3:
d5:0e:c5:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbCjGKMSeLtkMg+RJwPDk5KTIOp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzUwMjVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNDMyOTdlNTRiYTczYjg3Y2JlZjhkYzU0ZDU5MWE0NGM3MDE4NGNhOTJi
ZTU0OTZjNzRhYmU1NzRiZGZmOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLV+9xj8Qp2pFkKsfJhdaljoOPNr9hdLkSJWbstS01mQZuniRoM6d8oyyMz
+41mBojomJ29HU3Oid4TlVPtWdYMuiox2B0INm2eRwsRzZry7bqo7vZSAPTrpdtw
NhLeRj+vGJVhF3dW05PI/2o/OLd15Zei8f7fAeQyu/9nScOWirZSx5E4byH1dlpL
xL8cNPLNzS1KG9SM/ta/BC+RuvRN7JDSB88tRw1i2y4r0N7prBdHGXQexaNoXhpF
6lLjmoLzhGsBbzFYvhC6GwwYQmztvInTYlwZvDX2gWPy3XyEa50X2Dglc7dnRA6W
BRl6QRmFQA8kNpxwY3+WvHXgPvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCy3yr
grt0sMgiqvE/kApHC1RclDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBsMPrj9yMv6VFYSLZJaQBgJi+UZTcc31pzljEE
UuIhPj3RNuRpW8BIiKi2zaUYBClcuPkIOBUupcwCT+DllhnYLKXx2zDXZJepFQMx
2JPaMTn2pv7+yC9sei38AvGy1kw04hjZVqwddcClc623nzsiNz+evIPTUK4efVlf
sOcCPDxV5JFlsyORF1dFlZfQDs4T4KG1MjMjkbAg8EcDv2qZJxrQ8OmSvPoXnr6L
FUW/k3CxbkrzGJ3o6Rms4ri8sxOqJDsznBgAo8vYPbRVP9+5XjkFa4QjKuy+pPbv
npu87ANB6a5I/K9PG6l/XzAdGa/pk1Byn6+qIXgDBKPVDsXZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:44 2025 by rpki-client