Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: ZOp5KmwK8s3iCvCpLjOTdlo+QAKAFHtEXH7myUpIDqM=
Subject key identifier: AC:4E:28:81:30:5E:E2:51:07:5A:7B:DC:20:83:1D:87:C0:AE:AC:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4318BEC1335A2068B3062206E5A7C4A974D8CBD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Wed 05 Mar 2025 17:31:21 +0000
ROA not before: Wed 05 Mar 2025 17:31:21 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:18:be:c1:33:5a:20:68:b3:06:22:06:e5:a7:c4:a9:74:d8:cb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:31:21 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:73:f8:93:df:5c:a3:4f:ef:d8:64:b3:96:
d5:81:8f:94:74:fa:de:9d:01:a2:e1:3d:49:4e:ba:
ec:67:e3:1a:13:9b:1b:22:19:44:91:5e:ff:7f:ae:
ee:01:b0:73:42:2d:20:f7:60:00:e8:ee:db:47:b8:
e3:33:1d:81:0e:fc:40:6f:bd:52:6f:1f:95:4e:92:
24:0f:c3:77:24:dd:1f:8b:80:3e:cb:af:76:a4:8d:
a6:c5:a7:ad:98:8f:14:55:ba:d6:3c:4d:b5:b9:d0:
cd:c3:ce:7e:a2:a1:d8:e4:53:bc:f2:9e:69:f6:69:
df:9b:72:93:13:54:6a:1f:6d:c6:9d:be:c2:3c:0c:
58:7a:ee:72:76:61:ab:83:fb:88:ed:09:db:c5:b7:
ab:8c:9e:c1:89:12:e4:52:2a:a2:df:41:79:2f:b3:
bf:49:31:e0:7b:89:c5:0f:a0:cd:e2:f9:51:df:9d:
25:b4:8b:f0:0c:bd:21:96:52:74:8b:f3:53:17:4e:
03:06:3d:24:97:5a:24:dc:e0:56:f8:65:17:c3:bb:
63:10:bd:93:76:20:8e:49:4c:fd:39:15:05:db:12:
1b:00:68:69:df:a6:52:83:67:2b:87:18:2b:b3:69:
28:0b:78:64:a1:d2:9a:0b:17:30:0c:f2:95:12:d2:
e6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4E:28:81:30:5E:E2:51:07:5A:7B:DC:20:83:1D:87:C0:AE:AC:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:c4:d9:a0:e9:18:d3:d4:25:87:d0:a7:e7:c7:98:cd:dc:2c:
82:ca:bf:c9:83:fe:da:88:8c:ba:a2:f6:9b:48:48:87:eb:0c:
14:a2:1f:15:b4:2c:49:b3:7b:4b:40:6d:75:c7:6e:0e:af:76:
a5:4c:75:f4:87:56:d4:fa:67:9b:63:02:30:f3:c7:91:78:a4:
ae:f3:1a:cd:23:6d:8d:f1:c3:b1:c2:81:a4:b6:d4:7e:e2:51:
a3:75:0c:46:f1:2e:3e:eb:09:82:f1:ba:ed:c2:75:71:8f:f4:
5d:11:4d:c4:95:e4:7a:76:00:ed:35:c6:0f:6a:bc:11:c6:85:
a9:81:d7:4b:6b:3e:57:a8:3a:db:86:6a:a3:5f:3f:f7:97:98:
2d:33:73:4e:3d:c2:98:67:6f:bf:96:de:00:a8:6e:f2:10:bd:
de:24:0a:45:05:1d:7b:88:c9:95:e5:8f:f5:10:ea:d1:5b:0e:
a6:4e:72:71:a2:8c:b4:5d:24:23:ba:d5:df:c5:cd:8b:5e:d5:
31:e2:e0:d3:ed:e1:b6:24:2e:27:ba:d0:e3:58:2b:27:a3:c2:
0a:99:6b:ee:e5:1d:ce:30:f7:c1:c0:4a:04:4b:96:b9:68:87:
8d:10:38:6c:38:4e:1d:fe:3e:b1:c3:78:04:0f:9a:4b:3a:63:
a4:a4:dc:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQxi+wTNaIGizBiIG5afEqXTYy9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzMxMjFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzN2JlZGM2Mjg4NDZkMTdkOGU1ZmI3MDJlY2FhMTE3ODQ0YTJhOTU0Y2Ey
NjNiNzE4NWYxZjQ2Y2NmYzY2NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd6c/iT31yjT+/YZLOW1YGPlHT63p0BouE9SU667GfjGhObGyIZRJFe/3+u
7gGwc0ItIPdgAOju20e44zMdgQ78QG+9Um8flU6SJA/DdyTdH4uAPsuvdqSNpsWn
rZiPFFW61jxNtbnQzcPOfqKh2ORTvPKeafZp35tykxNUah9txp2+wjwMWHrucnZh
q4P7iO0J28W3q4yewYkS5FIqot9BeS+zv0kx4HuJxQ+gzeL5Ud+dJbSL8Ay9IZZS
dIvzUxdOAwY9JJdaJNzgVvhlF8O7YxC9k3YgjklM/TkVBdsSGwBoad+mUoNnK4cY
K7NpKAt4ZKHSmgsXMAzylRLS5pMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsTiiB
MF7iUQdae9wggx2HwK6saTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQClxNmg6RjT1CWH0Kfnx5jN3CyCyr/Jg/7aiIy6
ovabSEiH6wwUoh8VtCxJs3tLQG11x24Or3alTHX0h1bU+mebYwIw88eReKSu8xrN
I22N8cOxwoGkttR+4lGjdQxG8S4+6wmC8brtwnVxj/RdEU3EleR6dgDtNcYParwR
xoWpgddLaz5XqDrbhmqjXz/3l5gtM3NOPcKYZ2+/lt4AqG7yEL3eJApFBR17iMmV
5Y/1EOrRWw6mTnJxooy0XSQjutXfxc2LXtUx4uDT7eG2JC4nutDjWCsno8IKmWvu
5R3OMPfBwEoES5a5aIeNEDhsOE4d/j6xw3gED5pLOmOkpNyV
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:48 2025 by rpki-client