Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: 02nui3w3aITK7cgR6JcZUjB0OB3LvgTrse/FtWtxN7o=
Subject key identifier: 06:23:1A:3F:CD:1C:93:AA:4E:2F:98:5A:A3:D2:B0:DD:09:FE:02:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06BF7B8147DDEE83B5B179EEAB5ED93A1ADA6336
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Wed 05 Mar 2025 16:40:54 +0000
ROA not before: Wed 05 Mar 2025 16:40:54 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:bf:7b:81:47:dd:ee:83:b5:b1:79:ee:ab:5e:d9:3a:1a:da:63:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:40:54 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1a:82:04:83:5d:b7:83:73:44:9d:5e:eb:1a:
55:73:79:75:b1:c8:09:e5:f7:8a:2d:de:f1:41:11:
3a:89:3d:37:61:43:04:30:0b:16:47:6e:60:69:03:
72:44:82:c3:b0:26:54:0b:57:d6:1f:12:54:b5:5c:
bb:e6:50:d8:40:4c:0c:ac:60:a9:46:14:89:bd:fe:
f9:56:c3:1c:4c:85:9b:01:75:24:3c:45:6c:df:74:
2a:fe:fa:d5:63:e2:59:da:58:2e:da:c1:e1:88:12:
e2:dd:33:1b:01:6b:ab:57:75:49:7b:9a:fe:f8:4c:
c8:3c:bd:a6:f3:17:5b:57:75:e3:1d:16:78:05:50:
19:82:42:3d:4e:29:17:b4:ed:8c:ab:32:e7:f4:3d:
05:67:69:a4:0a:38:41:3d:50:e7:18:48:64:13:b1:
58:fe:8e:6c:d4:bc:82:13:79:16:aa:f3:45:ab:4f:
53:a8:91:47:b0:91:be:94:a3:50:5e:ee:76:ed:48:
44:8f:ff:0a:cc:1a:49:66:b2:61:36:62:05:a4:c6:
d8:12:e7:ed:e3:cc:89:6f:91:e1:e6:5d:1d:93:52:
f8:0b:90:f5:fc:16:13:6f:d3:76:a0:0b:5a:2d:20:
05:7b:f1:62:e6:0a:e4:77:46:fb:53:79:5f:1d:47:
4b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:23:1A:3F:CD:1C:93:AA:4E:2F:98:5A:A3:D2:B0:DD:09:FE:02:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
5c:0b:ce:13:bb:fe:72:73:06:da:83:6e:a0:d8:dc:e2:95:5e:
36:20:bb:94:79:04:5e:a6:b0:b3:0a:25:ad:ae:f8:ec:6d:b5:
fc:9f:76:ac:38:7f:c2:30:5c:29:6e:c8:aa:f7:87:e0:86:ff:
f2:7b:ef:c5:01:e3:1f:4b:64:62:7e:72:de:73:50:1c:98:95:
fc:f5:e1:c6:7d:b3:ca:85:25:d1:c5:4e:ce:f7:69:34:43:ad:
73:13:70:70:06:cc:4a:af:ae:a4:ca:9f:94:15:1e:d6:73:50:
c8:d9:e5:8e:8c:6c:1f:54:40:99:c4:16:3f:f5:95:50:5f:bd:
6c:98:6f:3b:a5:bb:ba:f7:d4:10:17:e8:fc:65:1e:7b:2f:e7:
37:43:93:68:19:58:e8:d9:e1:d5:cd:d8:0e:dd:b4:18:ba:40:
25:4f:c8:80:31:56:b3:4d:62:50:68:ac:d2:80:a6:9c:f9:fd:
29:d9:64:24:cc:5b:db:a8:c1:28:be:3a:28:1d:a4:46:f2:6d:
9f:24:b3:b5:7e:9a:d7:02:8d:be:63:00:fc:8a:2e:91:79:af:
c0:6d:50:4b:6c:89:49:c0:8c:5a:0a:c4:35:9f:ca:4f:c4:63:
23:63:56:86:fe:1b:58:36:bc:1b:05:9b:c5:83:7e:f1:4f:77:
b4:07:f7:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBr97gUfd7oO1sXnuq17ZOhraYzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjQwNTRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0YTcxN2UzOTJhY2ViYjY3ZTU2ZTA2YzAzODlhYmJhYjZhZWMxYjc0ZWE1
OWVlNzU5MzE0MTZlY2QxNDk3ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMaggSDXbeDc0SdXusaVXN5dbHICeX3ii3e8UEROok9N2FDBDALFkduYGkD
ckSCw7AmVAtX1h8SVLVcu+ZQ2EBMDKxgqUYUib3++VbDHEyFmwF1JDxFbN90Kv76
1WPiWdpYLtrB4YgS4t0zGwFrq1d1SXua/vhMyDy9pvMXW1d14x0WeAVQGYJCPU4p
F7TtjKsy5/Q9BWdppAo4QT1Q5xhIZBOxWP6ObNS8ghN5FqrzRatPU6iRR7CRvpSj
UF7udu1IRI//CswaSWayYTZiBaTG2BLn7ePMiW+R4eZdHZNS+AuQ9fwWE2/TdqAL
Wi0gBXvxYuYK5HdG+1N5Xx1HS+ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGIxo/
zRyTqk4vmFqj0rDdCf4CKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEAXAvOE7v+cnMG2oNuoNjc4pVeNiC7lHkEXqaw
swolra747G21/J92rDh/wjBcKW7IqveH4Ib/8nvvxQHjH0tkYn5y3nNQHJiV/PXh
xn2zyoUl0cVOzvdpNEOtcxNwcAbMSq+upMqflBUe1nNQyNnljoxsH1RAmcQWP/WV
UF+9bJhvO6W7uvfUEBfo/GUeey/nN0OTaBlY6Nnh1c3YDt20GLpAJU/IgDFWs01i
UGis0oCmnPn9KdlkJMxb26jBKL46KB2kRvJtnySztX6a1wKNvmMA/IoukXmvwG1Q
S2yJScCMWgrENZ/KT8RjI2NWhv4bWDa8GwWbxYN+8U93tAf3Dg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:19 2025 by rpki-client