Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: qsZnk9Xm4ekesL5lu33T27YvqxZGc7uaQALFU3pINpg=
Subject key identifier: 14:EF:A8:75:20:7E:95:F4:43:5C:0B:21:3C:08:19:E3:8E:D5:CB:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EAA4BC1053085E028E671C130CE3C87D97C2E6C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Wed 05 Mar 2025 17:40:26 +0000
ROA not before: Wed 05 Mar 2025 17:40:26 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:aa:4b:c1:05:30:85:e0:28:e6:71:c1:30:ce:3c:87:d9:7c:2e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:40:26 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:d4:6d:8a:b7:5b:22:22:a5:55:27:62:fb:
55:ee:30:54:2e:ab:da:3e:ba:e3:df:14:9a:3b:1d:
12:1e:32:ed:a8:6c:b8:70:d2:c0:df:b7:96:a6:85:
c5:78:5d:eb:aa:5d:bd:f0:24:2c:bf:d3:59:bc:19:
01:7b:fd:54:34:89:1d:11:ed:2b:84:7a:40:48:e1:
44:a4:e4:24:7d:71:e9:03:15:91:bb:b2:66:bb:bd:
f7:46:a0:81:ed:03:69:ab:cd:7f:a2:59:0a:1b:87:
ed:1d:01:66:4b:c5:2d:88:16:0a:2e:60:2c:98:2c:
ec:9e:09:89:68:15:05:a1:42:aa:fd:31:e8:b6:35:
82:39:0b:f3:95:27:31:d8:0b:38:7b:8d:02:29:1d:
3e:ab:38:99:9b:3d:b9:90:fe:e0:4b:88:06:98:00:
f8:02:3f:6c:ad:0f:9c:49:1e:ac:ab:74:a5:f2:45:
01:4a:fe:f6:9a:b3:7b:a7:b1:2e:a7:1a:8d:59:b3:
63:09:66:5c:0d:be:f2:09:73:39:2a:a3:93:4d:31:
99:e3:fc:da:e5:d8:a2:49:f2:53:3f:91:66:8b:ea:
54:fc:86:3a:f0:90:f3:82:04:e4:9f:eb:3e:7b:1d:
d1:3e:43:50:5f:a2:b1:21:b3:cc:d6:3a:eb:73:f5:
31:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EF:A8:75:20:7E:95:F4:43:5C:0B:21:3C:08:19:E3:8E:D5:CB:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
7c:9e:bd:dd:68:7f:40:b0:fe:bd:9c:8e:41:50:10:7f:70:ff:
5b:16:30:08:59:a3:e7:58:aa:0a:3b:02:c3:49:db:18:66:de:
ab:7f:08:10:bf:a3:1c:07:d6:aa:e6:74:6d:4a:94:d1:f1:5d:
cc:b7:29:bf:ee:f9:01:7b:54:c6:a8:fc:e4:80:06:6d:40:03:
f6:3b:17:15:04:7f:5f:ce:bc:a5:18:fc:f4:08:3b:00:3d:54:
b1:e9:6f:5b:18:6c:db:54:d0:2f:3b:18:f5:74:19:a0:ae:d3:
7e:a8:0b:69:c5:87:b9:7d:25:b6:9a:0c:35:d0:06:7d:ed:95:
84:5d:7f:fa:31:a6:f4:c9:b9:97:32:c9:56:32:5d:1e:63:c1:
ea:a1:63:c5:b0:7a:c2:dd:be:bb:38:fc:92:ff:20:a7:ce:3d:
9e:b3:b7:00:9a:43:b9:54:41:04:16:9c:66:87:0f:7c:c0:78:
33:a9:4a:99:48:5b:bf:53:0e:9b:d6:2a:bc:a6:e9:5b:7a:dd:
e9:c9:ed:8b:b3:2c:8b:bd:27:85:d8:9c:ca:00:d6:9e:e7:a3:
22:20:30:d7:e0:21:12:11:8c:08:2f:a9:c5:4d:80:8a:51:48:
8b:9a:19:a3:d6:1a:8a:a2:4e:c9:40:98:a7:7e:23:ba:d2:e8:
3d:64:5a:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfqpLwQUwheAo5nHBMM48h9l8LmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQwMjZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMmUzZjBkZTM2MmE0NmE4ZmFjNDc0OWJjZjdhNTY4YzIyYjk3OTIyMDlm
OGQyZGZmMTU1OGU2MmZhODk2MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgE1G2Kt1siIqVVJ2L7Ve4wVC6r2j66498UmjsdEh4y7ahsuHDSwN+3lqaF
xXhd66pdvfAkLL/TWbwZAXv9VDSJHRHtK4R6QEjhRKTkJH1x6QMVkbuyZru990ag
ge0DaavNf6JZChuH7R0BZkvFLYgWCi5gLJgs7J4JiWgVBaFCqv0x6LY1gjkL85Un
MdgLOHuNAikdPqs4mZs9uZD+4EuIBpgA+AI/bK0PnEkerKt0pfJFAUr+9pqze6ex
LqcajVmzYwlmXA2+8glzOSqjk00xmeP82uXYoknyUz+RZovqVPyGOvCQ84IE5J/r
Pnsd0T5DUF+isSGzzNY663P1MTECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQU76h1
IH6V9ENcCyE8CBnjjtXLtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQB8nr3daH9AsP69nI5BUBB/cP9bFjAIWaPnWKoK
OwLDSdsYZt6rfwgQv6McB9aq5nRtSpTR8V3Mtym/7vkBe1TGqPzkgAZtQAP2OxcV
BH9fzrylGPz0CDsAPVSx6W9bGGzbVNAvOxj1dBmgrtN+qAtpxYe5fSW2mgw10AZ9
7ZWEXX/6Mab0ybmXMslWMl0eY8HqoWPFsHrC3b67OPyS/yCnzj2es7cAmkO5VEEE
Fpxmhw98wHgzqUqZSFu/Uw6b1iq8pulbet3pye2LsyyLvSeF2JzKANae56MiIDDX
4CESEYwIL6nFTYCKUUiLmhmj1hqKok7JQJinfiO60ug9ZFo+
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:39 2025 by rpki-client