Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: kZu7RJ8e0WTkFiHMc1NXRj7tLkHIKek5/hs5Hzvpf0s=
Subject key identifier: 73:F0:4B:3D:C3:DE:60:46:B7:ED:1D:66:A3:6C:7E:93:0D:36:0E:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BAF6F97A2E052BDC2FA9930BACB1524BF50DA2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Wed 05 Mar 2025 17:31:22 +0000
ROA not before: Wed 05 Mar 2025 17:31:22 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:af:6f:97:a2:e0:52:bd:c2:fa:99:30:ba:cb:15:24:bf:50:da:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:31:22 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:82:55:26:5f:56:20:de:6e:da:28:05:2a:eb:
31:5c:69:21:50:10:ea:28:62:f7:2c:97:f9:6b:7a:
42:45:eb:d2:e8:37:0a:59:75:b8:5e:12:09:f1:15:
a7:9b:13:d6:f1:69:3e:88:f4:85:91:2e:b4:1a:0b:
47:ca:e1:b0:71:f6:52:9f:a4:99:7b:77:fe:e3:54:
a9:14:d4:c8:26:79:ed:c2:2a:29:98:d2:fc:43:4e:
92:5d:7d:66:8a:44:ff:a8:00:a1:82:ac:42:d8:95:
75:f6:1b:9b:33:5c:d1:6d:3f:9e:a5:e4:60:f3:8d:
f8:3e:22:27:c0:0a:59:8f:1b:3d:0e:e7:fd:d0:6a:
97:f1:ff:7d:65:d7:c6:1d:cf:6f:b4:d7:06:6b:96:
91:e2:39:60:3f:bd:92:6d:ab:a9:94:2b:61:ef:6b:
c1:f4:05:60:a6:44:16:22:d6:64:7a:29:9d:64:1f:
3f:68:a2:f5:98:a9:14:e0:f0:ed:c6:47:c4:90:f1:
c2:f6:a7:98:a8:d3:58:b2:81:8c:2c:f6:74:ea:77:
64:93:b4:20:8f:a6:a1:73:8a:a6:25:6c:4f:11:29:
67:ed:10:2d:fd:c0:63:5a:84:af:77:4c:32:25:4b:
d0:19:46:45:5c:77:13:04:b4:8f:8a:7f:71:fa:8b:
ba:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F0:4B:3D:C3:DE:60:46:B7:ED:1D:66:A3:6C:7E:93:0D:36:0E:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
72:fc:fe:82:5b:68:e5:c3:8f:2c:21:e8:27:cf:c0:45:d9:97:
ae:c2:f8:c1:e4:56:19:34:7a:2f:20:42:78:01:60:47:42:d4:
2d:b9:41:23:09:f3:3e:e0:ff:a9:be:08:2d:7a:b5:bc:1a:c8:
fa:b1:b9:d3:1f:b8:dd:43:14:00:15:c1:9c:3a:b2:b8:98:d1:
f8:f4:a3:31:01:a6:34:a8:9f:83:1e:2d:f5:e3:ac:f7:7d:5d:
a1:be:65:22:8d:fc:b2:cb:95:c5:cb:6e:ce:d3:3a:39:f5:62:
f7:9d:39:26:4c:5c:4b:95:87:74:48:71:84:8f:5b:39:b5:d4:
a1:67:69:93:98:38:cd:d9:97:5f:37:57:97:bf:64:32:b5:8f:
60:cd:47:97:49:74:42:58:35:e8:6d:8b:1d:20:3c:99:55:7a:
89:ae:d3:ee:d4:f1:1a:80:e6:8b:40:f1:ed:1d:92:b1:81:0e:
91:4b:69:47:77:c9:9a:34:c9:ea:3a:51:6d:cd:2f:20:4e:a5:
c4:7a:f9:9a:64:63:2e:57:90:41:1c:b1:e5:b9:8f:3e:f9:e1:
cb:02:dd:39:30:b8:e0:34:5c:7f:9d:5b:8f:1f:2d:0f:ba:6c:
de:85:a7:9e:48:3f:e3:f9:9c:a3:a5:2d:2b:92:4c:b1:bd:ef:
2c:aa:04:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO69vl6LgUr3C+pkwussVJL9Q2i4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzMxMjJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlZTJhYzA3ODA3OGQ3YjljMjU4NDMwMjc0NzFjYTljN2M2ZDNjZmRlMWQy
ZTg0NDA5NzYyMTRiY2Q4OTU3NDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyCVSZfViDebtooBSrrMVxpIVAQ6ihi9yyX+Wt6QkXr0ug3Cll1uF4SCfEV
p5sT1vFpPoj0hZEutBoLR8rhsHH2Up+kmXt3/uNUqRTUyCZ57cIqKZjS/ENOkl19
ZopE/6gAoYKsQtiVdfYbmzNc0W0/nqXkYPON+D4iJ8AKWY8bPQ7n/dBql/H/fWXX
xh3Pb7TXBmuWkeI5YD+9km2rqZQrYe9rwfQFYKZEFiLWZHopnWQfP2ii9ZipFODw
7cZHxJDxwvanmKjTWLKBjCz2dOp3ZJO0II+moXOKpiVsTxEpZ+0QLf3AY1qEr3dM
MiVL0BlGRVx3EwS0j4p/cfqLuq8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRz8Es9
w95gRrftHWajbH6TDTYOuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQBy/P6CW2jlw48sIegnz8BF2ZeuwvjB5FYZNHov
IEJ4AWBHQtQtuUEjCfM+4P+pvggterW8Gsj6sbnTH7jdQxQAFcGcOrK4mNH49KMx
AaY0qJ+DHi3146z3fV2hvmUijfyyy5XFy27O0zo59WL3nTkmTFxLlYd0SHGEj1s5
tdShZ2mTmDjN2ZdfN1eXv2QytY9gzUeXSXRCWDXobYsdIDyZVXqJrtPu1PEagOaL
QPHtHZKxgQ6RS2lHd8maNMnqOlFtzS8gTqXEevmaZGMuV5BBHLHluY8++eHLAt05
MLjgNFx/nVuPHy0PumzehaeeSD/j+ZyjpS0rkkyxve8sqgSG
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:25 2025 by rpki-client