Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: 9CpL6JQHJWr8yGI8e4KfkBLwTXM/Sh/XTM0ZlB/i39c=
Subject key identifier: 61:26:56:01:98:D4:40:15:56:DD:BF:B8:84:0C:B9:A0:31:35:6E:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C7D6A18F2A6AE8A2E7C571D860BBF5A329595D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Fri 07 Mar 2025 15:00:19 +0000
ROA not before: Fri 07 Mar 2025 15:00:19 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:7d:6a:18:f2:a6:ae:8a:2e:7c:57:1d:86:0b:bf:5a:32:95:95:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:00:19 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:52:3b:bc:80:5e:b6:c6:e5:c9:8e:03:f3:
18:0b:92:06:2a:ac:f7:2b:3e:a6:a5:95:6b:d6:c6:
75:18:0a:af:1b:07:26:47:3d:82:b4:da:42:36:46:
f5:08:e1:a7:82:f9:30:6b:f9:79:15:49:c3:45:ea:
ae:16:7a:da:1f:45:7a:a9:2d:97:01:2b:42:76:1d:
21:25:fb:89:ef:1a:6e:31:de:8c:26:5e:a2:cb:90:
dd:b0:b1:99:6f:9b:f9:e5:77:c4:9d:01:88:69:6c:
d1:51:fe:bb:fa:ac:70:7b:13:77:62:91:dd:b9:79:
e2:85:4a:e3:0a:1c:f3:d7:46:f4:0b:ed:37:3b:b7:
cb:b1:41:da:11:21:ca:1b:38:93:54:95:0d:12:72:
e0:76:be:e3:71:8d:a7:77:f6:af:bb:38:cc:37:af:
36:6b:10:1e:1b:ef:76:13:2c:80:84:43:f4:ad:8c:
07:c7:e1:af:90:8c:5b:ff:2f:95:a9:21:e5:ec:8c:
97:0b:bf:c6:97:27:e4:2b:9f:26:dc:d1:4f:3f:2e:
c4:2b:77:13:fe:24:d8:9b:73:6d:5b:6e:60:ff:8f:
07:d2:4f:5a:0c:d7:f0:c1:19:ad:4b:cd:b1:ca:e8:
19:ad:eb:53:05:5b:23:de:df:35:1b:82:14:ef:ea:
fc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:26:56:01:98:D4:40:15:56:DD:BF:B8:84:0C:B9:A0:31:35:6E:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:0e:1b:fb:78:cc:9e:05:52:0e:96:77:96:3f:90:46:6c:80:
7f:a3:ac:8d:59:d4:96:c7:94:13:b6:0a:0a:ed:82:a3:70:3b:
15:18:ce:73:b6:12:8d:a0:e0:9a:5c:ca:48:17:2f:6f:ac:96:
90:ef:6a:b7:57:92:cc:06:b8:b7:02:c8:78:60:05:b7:a7:32:
62:e2:00:2a:c4:4b:16:45:1c:ea:0b:cd:16:1b:c7:9d:70:ef:
8f:45:5c:a1:8f:00:42:59:e3:36:f8:fc:21:6b:d2:78:2e:b8:
cb:10:36:7a:e7:d7:9d:2e:62:d0:34:6c:ee:f4:c8:d8:ba:32:
aa:da:d3:ba:48:9d:e9:30:07:e1:bb:a7:18:2e:4f:57:f3:42:
11:5d:31:e5:b9:32:97:15:d8:68:da:d6:38:73:92:75:7f:52:
aa:fe:4d:1c:19:09:c5:4a:88:62:9e:b7:21:23:60:2c:78:96:
4b:87:7d:a4:ff:6f:d0:3e:3b:22:e7:e1:3d:7a:7b:26:29:05:
cf:b7:07:81:c1:f5:e8:d8:ce:5f:de:7f:ed:4b:af:0c:ca:f4:
c3:b8:5a:2c:45:df:29:3a:7e:c6:12:a8:f2:37:a4:79:fe:5d:
4b:82:02:60:ea:ce:aa:e6:37:61:ae:72:a8:2a:84:6b:cd:5c:
5f:7a:00:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbH1qGPKmrooufFcdhgu/WjKVldYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTAwMTlaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxYTcxZWM3YzQwYWY3ZTQ1Mjc2ZWEwMWJkNzM5NDlkZjk1NjVlYTkwMGY2
ODVjMjhhMjZkMWEwOWM0YWZjNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbQUju8gF62xuXJjgPzGAuSBiqs9ys+pqWVa9bGdRgKrxsHJkc9grTaQjZG
9Qjhp4L5MGv5eRVJw0XqrhZ62h9FeqktlwErQnYdISX7ie8abjHejCZeosuQ3bCx
mW+b+eV3xJ0BiGls0VH+u/qscHsTd2KR3bl54oVK4woc89dG9AvtNzu3y7FB2hEh
yhs4k1SVDRJy4Ha+43GNp3f2r7s4zDevNmsQHhvvdhMsgIRD9K2MB8fhr5CMW/8v
lakh5eyMlwu/xpcn5CufJtzRTz8uxCt3E/4k2JtzbVtuYP+PB9JPWgzX8MEZrUvN
scroGa3rUwVbI97fNRuCFO/q/DMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhJlYB
mNRAFVbdv7iEDLmgMTVusDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQCeDhv7eMyeBVIOlneWP5BGbIB/o6yNWdSWx5QT
tgoK7YKjcDsVGM5zthKNoOCaXMpIFy9vrJaQ72q3V5LMBri3Ash4YAW3pzJi4gAq
xEsWRRzqC80WG8edcO+PRVyhjwBCWeM2+Pwha9J4LrjLEDZ659edLmLQNGzu9MjY
ujKq2tO6SJ3pMAfhu6cYLk9X80IRXTHluTKXFdho2tY4c5J1f1Kq/k0cGQnFSohi
nrchI2AseJZLh32k/2/QPjsi5+E9ensmKQXPtweBwfXo2M5f3n/tS68MyvTDuFos
Rd8pOn7GEqjyN6R5/l1LggJg6s6q5jdhrnKoKoRrzVxfegBn
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:28:46 2025 by rpki-client