Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: Tvx1shSAx4Af6FKpWaTKdN3VIQ9fTer+ZhD2tn8+p5g=
Subject key identifier: 97:CF:30:18:30:F8:91:66:10:24:AA:A6:B7:5F:E1:05:D9:1E:42:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 534DA6802D1B918C6436B23112E674EF44ADFCC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Fri 07 Mar 2025 15:00:10 +0000
ROA not before: Fri 07 Mar 2025 15:00:10 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:4d:a6:80:2d:1b:91:8c:64:36:b2:31:12:e6:74:ef:44:ad:fc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:00:10 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:cf:f8:2b:4c:cc:d4:62:70:ba:15:b9:e4:
2e:98:63:01:92:fb:f6:3c:e6:90:dc:11:c0:c0:41:
9e:70:c4:bf:23:75:6a:d0:8c:47:42:43:ee:11:b9:
49:eb:dc:31:e6:9f:66:a0:8d:50:2d:a8:25:f8:38:
23:c0:14:60:44:0f:40:97:2f:07:fd:ec:d0:20:eb:
57:d9:bd:dc:63:31:59:65:c6:cb:a7:53:e9:51:79:
20:77:7e:d4:da:f1:30:d9:88:2b:a3:40:4f:02:6c:
8a:cf:62:7b:4c:d1:60:6f:02:8c:56:ee:d1:be:bc:
9a:a0:97:69:19:91:7f:f8:3f:2f:c9:3b:cf:cb:e6:
5d:12:1c:83:bd:51:28:38:e3:9f:ec:35:1d:1b:83:
d9:d8:77:54:00:2c:1b:9c:de:db:28:2a:d3:af:ac:
d4:9f:22:bb:13:cb:39:6c:32:cd:f0:d3:ce:5a:d6:
21:2d:bf:8a:9f:60:59:02:a0:f4:d7:c3:a6:45:d3:
c6:22:d3:6a:17:e7:38:8a:8e:b2:4a:01:10:78:ed:
a7:12:67:f7:df:f3:72:05:fd:d2:66:bc:d4:ab:17:
4f:30:53:6a:5c:f5:74:01:bb:f0:7c:a9:65:68:87:
ea:9d:98:e3:12:20:18:3e:7e:0d:b5:f0:50:82:62:
64:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CF:30:18:30:F8:91:66:10:24:AA:A6:B7:5F:E1:05:D9:1E:42:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
60:cc:a9:de:d7:4b:07:94:c3:89:92:83:24:d5:8e:0b:c7:aa:
0e:d6:70:fb:da:b8:cc:34:7e:9b:37:82:e7:c3:4c:67:95:6b:
66:88:56:b8:8e:2e:b2:9a:4a:0b:8c:39:6a:a7:e4:f8:c5:5d:
3d:e7:5c:d5:f9:93:b0:a3:5b:16:ff:24:8e:c5:c1:2e:a3:27:
a8:08:bb:3e:c6:53:bc:0a:25:4f:11:78:d7:6f:a7:67:63:3f:
ca:06:08:bd:c7:08:8a:21:c1:c9:b1:ae:cb:4a:90:a9:38:00:
6b:73:cd:b3:ad:f4:9d:2b:31:a1:04:a6:b6:28:2b:88:e1:98:
d5:1c:d7:fa:9b:9c:26:51:9c:c2:d9:78:89:15:35:47:47:10:
a6:e5:63:66:97:cb:ba:80:25:dd:a9:ec:52:7d:c0:a1:12:ff:
3e:e8:2e:05:40:ea:c9:2e:f8:ca:00:2a:86:ac:00:0b:3b:42:
bf:81:41:f5:4a:ed:96:e7:96:be:19:3c:65:92:50:cd:7b:ec:
79:89:f5:f2:9c:39:e8:f9:cc:e6:39:38:f2:3e:55:75:72:d2:
9f:11:e5:38:ea:85:41:14:96:f3:d5:ef:ae:74:b1:0a:60:d8:
86:75:87:13:da:47:7f:bd:47:b8:04:cc:dd:a3:c8:f8:4d:fd:
37:3d:e6:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU02mgC0bkYxkNrIxEuZ070St/McwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTAwMTBaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1Y2NhOTZhOTI2MjM3ZjdiYmI5MDJjY2QyYWJjNGQyMTJjN2EyZDM2Y2U2
MWYzZjlhZDBjYTJjOTIwZjljZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3+z/grTMzUYnC6FbnkLphjAZL79jzmkNwRwMBBnnDEvyN1atCMR0JD7hG5
SevcMeafZqCNUC2oJfg4I8AUYEQPQJcvB/3s0CDrV9m93GMxWWXGy6dT6VF5IHd+
1NrxMNmIK6NATwJsis9ie0zRYG8CjFbu0b68mqCXaRmRf/g/L8k7z8vmXRIcg71R
KDjjn+w1HRuD2dh3VAAsG5ze2ygq06+s1J8iuxPLOWwyzfDTzlrWIS2/ip9gWQKg
9NfDpkXTxiLTahfnOIqOskoBEHjtpxJn99/zcgX90ma81KsXTzBTalz1dAG78Hyp
ZWiH6p2Y4xIgGD5+DbXwUIJiZM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXzzAY
MPiRZhAkqqa3X+EF2R5C3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBgzKne10sHlMOJkoMk1Y4Lx6oO1nD72rjMNH6b
N4Lnw0xnlWtmiFa4ji6ymkoLjDlqp+T4xV0951zV+ZOwo1sW/ySOxcEuoyeoCLs+
xlO8CiVPEXjXb6dnYz/KBgi9xwiKIcHJsa7LSpCpOABrc82zrfSdKzGhBKa2KCuI
4ZjVHNf6m5wmUZzC2XiJFTVHRxCm5WNml8u6gCXdqexSfcChEv8+6C4FQOrJLvjK
ACqGrAALO0K/gUH1Su2W55a+GTxlklDNe+x5ifXynDno+czmOTjyPlV1ctKfEeU4
6oVBFJbz1e+udLEKYNiGdYcT2kd/vUe4BMzdo8j4Tf03Pea/
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:23 2025 by rpki-client