Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: tp7JZt8riMoQwIOMbo8yTdrO2uvUZVylb3/PgD493xk=
Subject key identifier: D5:92:1D:74:72:AE:A9:07:53:80:90:58:DF:81:F6:04:52:EC:BD:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12FAF8392DC22C32E4C81CFCECA2986610BAA173
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Wed 05 Mar 2025 22:06:56 +0000
ROA not before: Wed 05 Mar 2025 22:06:56 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:fa:f8:39:2d:c2:2c:32:e4:c8:1c:fc:ec:a2:98:66:10:ba:a1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 22:06:56 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:c2:b1:df:87:15:06:c3:4e:24:df:11:ec:
e2:3f:aa:a1:27:5e:c8:81:e7:07:cd:4a:e9:0d:ae:
5c:59:20:1f:02:7c:e1:07:55:44:9e:47:9a:44:80:
8a:7f:f7:98:84:09:f9:af:fa:a3:2e:be:cf:eb:36:
2a:56:1d:66:cc:b6:1f:45:b9:6e:31:80:e5:b5:d3:
29:21:93:30:14:df:02:fc:cb:89:a5:82:ec:51:74:
68:09:1a:02:29:b1:17:bd:b7:e6:d2:eb:5c:04:72:
9a:41:c2:8b:f3:aa:96:17:3c:62:ff:07:db:fb:d0:
9c:ee:e4:ff:62:d9:86:32:a1:c8:34:b3:ab:bf:56:
d8:25:04:8f:8a:b5:1a:dd:e0:92:56:69:2b:8a:e7:
6c:d1:92:d4:69:fb:97:4c:87:59:ed:66:33:8a:87:
bd:ba:c5:09:18:fc:74:8d:c9:1e:1b:37:0d:78:0b:
02:ad:79:23:39:97:66:15:59:f2:30:13:48:53:27:
50:23:08:7c:2a:8c:e7:65:c2:21:c5:9b:a7:bd:50:
8b:b9:98:4b:7d:48:f5:b2:5e:c5:1c:60:fe:a6:5c:
37:e5:c4:06:df:28:df:70:34:f4:e6:ce:36:76:c8:
63:41:12:23:6d:7f:33:02:0a:46:a0:7a:bf:c2:50:
e6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:92:1D:74:72:AE:A9:07:53:80:90:58:DF:81:F6:04:52:EC:BD:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
15:03:51:7d:ff:3c:c2:85:07:30:36:0b:8b:3d:41:89:67:5e:
e0:2a:4b:8e:33:e1:4f:63:fe:50:46:47:0d:c1:d4:e9:86:14:
12:e7:24:ba:3f:ae:96:f1:1d:8a:38:8b:a4:c8:ed:f0:a2:54:
a2:4e:e0:99:0a:ca:88:14:0a:9d:c2:8f:6e:4d:00:ba:2a:2e:
55:ab:e4:3f:82:46:b0:07:ee:7f:86:98:65:e1:09:11:65:e0:
fd:63:9c:7b:e0:23:d2:89:27:01:5a:ff:b9:4c:a6:63:d0:47:
3a:69:2a:e7:5f:17:6f:f4:65:28:17:fc:82:20:ea:3b:f5:c4:
ee:92:c3:cc:7d:40:ac:98:b9:c2:46:ab:99:e7:98:e5:bf:7c:
20:6c:d7:40:29:4c:b5:e9:1e:b9:c4:0b:f8:12:d7:b0:ef:87:
f1:c3:15:59:ef:de:2b:c2:e4:a3:92:f7:20:1f:12:21:fe:b8:
5b:5a:11:35:c3:31:71:fe:cd:f9:a9:38:6c:72:94:15:41:c9:
db:a0:44:dd:5a:be:5f:a7:6c:cc:92:49:e1:79:a2:0f:de:b5:
15:6c:59:4e:fb:1c:e5:b7:e9:e3:b9:b9:45:d0:59:d3:7d:35:
17:b5:49:10:1b:53:f8:a9:cf:9b:aa:d1:d1:4c:8c:d3:4a:72:
84:9f:76:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEvr4OS3CLDLkyBz87KKYZhC6oXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUyMjA2NTZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNGRlNDQ3ZWUyOTg2NmM4MjM2ZmYzOGQ4ZjAwN2FhNDMwNmFjMGNlOTFm
ZDE2NzY2Mjc5NjNjYTAwZmUyZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbowrHfhxUGw04k3xHs4j+qoSdeyIHnB81K6Q2uXFkgHwJ84QdVRJ5HmkSA
in/3mIQJ+a/6oy6+z+s2KlYdZsy2H0W5bjGA5bXTKSGTMBTfAvzLiaWC7FF0aAka
AimxF7235tLrXARymkHCi/Oqlhc8Yv8H2/vQnO7k/2LZhjKhyDSzq79W2CUEj4q1
Gt3gklZpK4rnbNGS1Gn7l0yHWe1mM4qHvbrFCRj8dI3JHhs3DXgLAq15IzmXZhVZ
8jATSFMnUCMIfCqM52XCIcWbp71Qi7mYS31I9bJexRxg/qZcN+XEBt8o33A09ObO
NnbIY0ESI21/MwIKRqB6v8JQ5jsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVkh10
cq6pB1OAkFjfgfYEUuy9gjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAVA1F9/zzChQcwNguLPUGJZ17gKkuOM+FPY/5Q
RkcNwdTphhQS5yS6P66W8R2KOIukyO3wolSiTuCZCsqIFAqdwo9uTQC6Ki5Vq+Q/
gkawB+5/hphl4QkRZeD9Y5x74CPSiScBWv+5TKZj0Ec6aSrnXxdv9GUoF/yCIOo7
9cTuksPMfUCsmLnCRquZ55jlv3wgbNdAKUy16R65xAv4Etew74fxwxVZ794rwuSj
kvcgHxIh/rhbWhE1wzFx/s35qThscpQVQcnboETdWr5fp2zMkknheaIP3rUVbFlO
+xzlt+njublF0FnTfTUXtUkQG1P4qc+bqtHRTIzTSnKEn3Zj
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:16 2025 by rpki-client