Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: VbNtOr11ARM49hsvddbMrxCiUy94iiZZFFSil9jZE7Q=
Subject key identifier: 51:EB:8D:D7:63:6D:87:CE:35:43:BF:6F:B8:9F:1E:0B:DA:11:A6:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07A826477BF810C6F98DA084AA3F331C2EE20538
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Wed 05 Mar 2025 16:21:11 +0000
ROA not before: Wed 05 Mar 2025 16:21:11 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:a8:26:47:7b:f8:10:c6:f9:8d:a0:84:aa:3f:33:1c:2e:e2:05:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:21:11 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bf:01:48:aa:78:8a:dd:e5:c7:99:66:8d:51:
a0:14:4b:b1:e3:70:b1:da:16:76:63:bf:72:e2:87:
a7:6c:ad:c0:8e:b1:61:62:21:bc:d5:7d:51:ee:d8:
4d:cf:b8:bb:ce:0b:cd:1a:7d:46:b1:38:9c:02:0a:
e2:d0:90:d7:fe:fe:9a:c3:50:47:05:5d:c5:46:48:
e0:87:df:59:31:77:db:1e:98:18:b3:c8:04:11:5e:
ef:25:4c:ed:eb:8d:e4:30:34:94:98:d8:29:c1:50:
db:a2:f9:57:e3:9f:42:ae:a0:11:dd:c2:45:60:c2:
62:41:4e:02:c3:8f:ed:f2:34:4d:50:17:ce:60:1c:
30:73:82:f7:64:14:6e:19:65:05:13:e4:be:60:1c:
b6:4e:77:75:0f:c0:58:7d:8e:73:cd:ed:d4:6d:a7:
25:cf:b0:7c:07:fa:44:4d:b8:1a:bf:e2:92:e8:98:
6d:b7:83:3d:26:bb:ad:a3:88:ab:33:db:02:4e:a3:
10:d6:61:e6:04:03:76:8b:4d:dd:bd:f4:3d:3c:b2:
ee:3f:2c:c5:86:44:24:2b:41:09:68:27:c1:19:9d:
48:57:15:bb:41:b4:44:1e:d4:16:32:55:5d:8e:53:
ba:97:af:de:0b:8c:e5:08:e4:02:9e:78:5d:22:16:
35:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:EB:8D:D7:63:6D:87:CE:35:43:BF:6F:B8:9F:1E:0B:DA:11:A6:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
1e:ea:2d:ac:5e:a6:07:1b:c0:b4:67:cc:16:3d:35:a2:4c:c5:
97:2b:d7:c7:09:fa:08:76:16:c4:8e:96:09:45:43:b3:72:7e:
15:5d:4a:5d:88:14:c1:a2:df:21:e5:d8:d2:15:73:23:76:4d:
3f:2f:17:49:d7:4a:ba:cb:18:1e:39:72:b7:e0:fd:16:c8:f1:
80:de:50:4f:3c:97:fc:be:f2:cd:b1:bf:4c:f8:fc:b7:d6:0c:
70:5e:e0:33:e6:c5:af:40:97:69:3c:7e:3e:9b:58:5a:0b:4e:
3e:d4:50:46:9b:72:d3:66:1b:c1:ac:25:bf:22:6d:9a:00:d0:
5f:25:97:93:31:9a:56:a9:2e:82:cd:6b:eb:59:16:eb:df:99:
e5:58:54:cc:63:eb:6e:dd:e7:80:e3:ce:52:88:b4:ef:81:3e:
23:6d:f3:92:ae:f2:f3:9c:d2:15:d2:da:95:37:64:d0:f9:0e:
2d:d1:1e:4c:60:38:43:6f:06:ae:08:e1:3e:32:14:d2:e0:b5:
c7:e0:ee:ac:5a:4f:d1:ec:1a:15:01:38:57:d7:97:6f:22:e9:
3c:77:b1:78:3b:90:22:5e:bf:ec:da:ac:99:e3:9f:9d:4f:22:
6a:bf:a8:2d:b6:ef:d1:c0:f5:18:82:91:65:7e:2f:ba:78:cb:
b4:e4:5b:1d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB6gmR3v4EMb5jaCEqj8zHC7iBTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjIxMTFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MmQ0NTRhZGI5Yzc4NDVkOTcyYzk0NzI4OWJmMGMyYzhhNzA0YTNjNzE3
M2E4MjMxMDBiN2VjZDgwMmE0ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALi/AUiqeIrd5ceZZo1RoBRLseNwsdoWdmO/cuKHp2ytwI6xYWIhvNV9Ue7Y
Tc+4u84LzRp9RrE4nAIK4tCQ1/7+msNQRwVdxUZI4IffWTF32x6YGLPIBBFe7yVM
7euN5DA0lJjYKcFQ26L5V+OfQq6gEd3CRWDCYkFOAsOP7fI0TVAXzmAcMHOC92QU
bhllBRPkvmActk53dQ/AWH2Oc83t1G2nJc+wfAf6RE24Gr/ikuiYbbeDPSa7raOI
qzPbAk6jENZh5gQDdotN3b30PTyy7j8sxYZEJCtBCWgnwRmdSFcVu0G0RB7UFjJV
XY5Tupev3guM5QjkAp54XSIWNWkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRR643X
Y22HzjVDv2+4nx4L2hGmOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEAHuotrF6mBxvAtGfMFj01okzFlyvXxwn6CHYW
xI6WCUVDs3J+FV1KXYgUwaLfIeXY0hVzI3ZNPy8XSddKussYHjlyt+D9FsjxgN5Q
TzyX/L7yzbG/TPj8t9YMcF7gM+bFr0CXaTx+PptYWgtOPtRQRpty02YbwawlvyJt
mgDQXyWXkzGaVqkugs1r61kW69+Z5VhUzGPrbt3ngOPOUoi074E+I23zkq7y85zS
FdLalTdk0PkOLdEeTGA4Q28GrgjhPjIU0uC1x+DurFpP0ewaFQE4V9eXbyLpPHex
eDuQIl6/7NqsmeOfnU8iar+oLbbv0cD1GIKRZX4vunjLtORbHQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:38 2025 by rpki-client