Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2846cce8-8219-4608-8452-5c6e931026b5.roa
File: 2846cce8-8219-4608-8452-5c6e931026b5.roa (raw, json)
Hash identifier: u6Ae/ODllfE7yQBsbPKzZ8X1a+b+DfSzTL+++1ih1Zg=
Subject key identifier: C7:B8:03:8A:80:34:09:B7:AC:59:AD:5E:82:C2:B4:00:84:95:F5:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BD60D30F15CEC25AA640E8853DDEA1E441FB13D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2846cce8-8219-4608-8452-5c6e931026b5.roa
Signing time: Wed 05 Mar 2025 15:00:51 +0000
ROA not before: Wed 05 Mar 2025 15:00:51 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d6:0d:30:f1:5c:ec:25:aa:64:0e:88:53:dd:ea:1e:44:1f:b1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:00:51 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c8:89:2b:c1:81:9f:27:9e:ee:c7:2e:ab:b6:
51:4f:55:55:50:04:75:f7:c9:b2:b7:26:10:53:a2:
82:d7:db:9c:21:20:b8:71:ac:8c:56:bc:ea:da:59:
e9:c0:e5:af:20:a0:00:49:a8:87:92:92:a4:49:85:
ed:c1:e1:ea:c8:69:63:60:be:9f:6b:f1:ff:2e:0b:
3a:f2:54:fc:f5:17:67:13:fd:18:82:c9:71:45:1b:
4f:cb:8f:b7:6d:76:2b:4f:aa:9f:cf:cf:04:f3:a5:
af:bb:80:40:4b:45:01:7a:a5:bd:00:36:5d:55:00:
f2:eb:c8:0b:4e:ff:9f:54:03:e9:ae:de:c5:e8:b4:
b1:03:2e:aa:d7:8f:40:f3:d8:bc:05:39:59:75:dc:
70:a3:8f:3f:f8:c6:e0:de:d3:9f:bb:84:c3:52:79:
c8:45:2d:4d:f2:69:4e:dc:62:8b:16:12:64:08:b9:
a2:83:2e:76:0b:99:60:30:13:61:cb:c1:5b:61:a9:
2b:9a:e0:a9:e8:28:38:27:ed:b5:b7:0b:ee:56:28:
53:1f:a3:a6:31:f8:52:fc:4c:26:5f:39:07:d0:7f:
fb:da:45:eb:a8:07:f8:56:df:be:31:02:df:9b:b4:
8e:42:e1:a2:40:fb:13:75:9b:0a:3d:71:21:87:94:
5d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B8:03:8A:80:34:09:B7:AC:59:AD:5E:82:C2:B4:00:84:95:F5:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2846cce8-8219-4608-8452-5c6e931026b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4080::/48
Signature Algorithm: sha256WithRSAEncryption
b4:26:aa:ae:4d:99:36:5b:e0:03:0e:0d:3a:97:65:9e:ac:7a:
f1:e2:e5:37:fe:da:ab:a9:44:bf:0a:c9:eb:47:83:f0:c5:3a:
40:8e:bb:7d:f1:c2:ae:89:4a:5f:2a:6d:18:31:32:1f:67:cc:
74:e2:1b:80:6f:1c:87:a0:05:d9:02:6b:c5:4c:df:52:3c:08:
98:4f:c3:14:34:4a:07:59:8d:74:1c:e7:de:43:19:e5:21:8c:
16:c5:97:96:06:aa:ba:89:ef:7e:10:46:d4:9b:f5:d4:14:40:
a2:08:f3:41:db:cd:c5:ee:a6:36:95:47:b1:19:f3:47:c3:53:
4e:03:ee:bb:65:2a:54:0a:89:72:f9:40:4b:6e:c8:0d:67:be:
96:48:9d:bb:0e:5f:f1:5d:3d:4e:e6:df:63:28:80:9b:1f:53:
b9:ea:ae:4b:eb:57:dc:d0:11:1c:09:fb:f8:ed:99:7a:31:84:
7a:36:7c:86:06:43:20:80:13:d1:85:fc:b8:0c:44:29:1d:94:
fa:06:66:13:72:f1:14:cc:ec:f1:a4:db:ed:24:bd:c0:de:3c:
c5:fd:77:05:e7:16:7e:a3:e9:fc:83:21:3a:c9:5d:f5:71:d9:
aa:66:9f:af:99:6a:fa:ac:ec:d6:43:13:5b:ac:af:d3:cf:31:
50:a8:91:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO9YNMPFc7CWqZA6IU93qHkQfsT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTAwNTFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyZmE4MjY2NTE1ODMwN2ViMjg5ZTQyMTQyYzFmM2IwM2Q4MWQyOWNhYmQz
ZjNlNWQ0Mjg0ZGQzYjg1MmQzMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3IiSvBgZ8nnu7HLqu2UU9VVVAEdffJsrcmEFOigtfbnCEguHGsjFa86tpZ
6cDlryCgAEmoh5KSpEmF7cHh6shpY2C+n2vx/y4LOvJU/PUXZxP9GILJcUUbT8uP
t212K0+qn8/PBPOlr7uAQEtFAXqlvQA2XVUA8uvIC07/n1QD6a7exei0sQMuqteP
QPPYvAU5WXXccKOPP/jG4N7Tn7uEw1J5yEUtTfJpTtxiixYSZAi5ooMudguZYDAT
YcvBW2GpK5rgqegoOCfttbcL7lYoUx+jpjH4UvxMJl85B9B/+9pF66gH+FbfvjEC
35u0jkLhokD7E3WbCj1xIYeUXYMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTHuAOK
gDQJt6xZrV6CwrQAhJX1jTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg0NmNjZTgtODIxOS00NjA4LTg0NTItNWM2ZTkzMTAyNmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRA
gDANBgkqhkiG9w0BAQsFAAOCAQEAtCaqrk2ZNlvgAw4NOpdlnqx68eLlN/7aq6lE
vwrJ60eD8MU6QI67ffHCrolKXyptGDEyH2fMdOIbgG8ch6AF2QJrxUzfUjwImE/D
FDRKB1mNdBzn3kMZ5SGMFsWXlgaquonvfhBG1Jv11BRAogjzQdvNxe6mNpVHsRnz
R8NTTgPuu2UqVAqJcvlAS27IDWe+lkiduw5f8V09TubfYyiAmx9TuequS+tX3NAR
HAn7+O2ZejGEejZ8hgZDIIAT0YX8uAxEKR2U+gZmE3LxFMzs8aTb7SS9wN48xf13
BecWfqPp/IMhOsld9XHZqmafr5lq+qzs1kMTW6yv088xUKiRNQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:09 2025 by rpki-client