Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
File: 376be0fe-aebc-4855-80a4-ea95cf413b51.roa (raw, json)
Hash identifier: WOgV76h+jjpzo3EJ5twXnJM5QmoTog4ap54Kr1N/3cQ=
Subject key identifier: 43:BA:B9:F4:CD:8E:7F:94:D3:2C:48:11:CE:3F:81:25:8E:CC:2B:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 297A4929C5D666DFA38A5F99A740E454EF0F22F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
Signing time: Mon 17 Mar 2025 15:40:35 +0000
ROA not before: Mon 17 Mar 2025 15:40:35 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:5000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:7a:49:29:c5:d6:66:df:a3:8a:5f:99:a7:40:e4:54:ef:0f:22:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 17 15:40:35 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:08:c7:40:58:5c:22:06:8b:6a:7b:c1:f9:ca:
5c:c7:36:4a:83:3b:81:32:8f:5a:56:1c:19:bf:b6:
db:72:1d:ce:7c:b6:04:41:22:28:0a:5b:83:d7:47:
18:2f:1b:aa:5c:14:74:24:65:bb:3b:c0:41:7b:50:
79:16:a5:63:23:01:8c:2e:af:92:cd:58:f6:c7:02:
44:1d:06:51:e7:76:03:c1:fc:97:95:eb:48:c6:fe:
41:f7:6b:d6:65:c3:a4:e1:86:e9:97:05:24:15:96:
19:9c:9f:24:b9:63:f5:8c:dd:82:e1:82:7d:32:f6:
ef:5e:b3:31:e1:f6:fc:89:b4:57:a9:ff:c5:24:df:
69:29:08:63:7e:d2:80:73:29:19:4f:bb:eb:00:6b:
be:79:ee:c5:67:b9:fe:95:33:13:0c:b4:ce:01:e4:
ab:b1:aa:d2:c4:b0:29:75:a2:a7:b8:ff:f8:16:2e:
04:d8:e0:3b:db:2a:c5:f7:d3:7c:1a:78:10:d2:ae:
ae:6a:f1:bb:89:aa:6a:ef:dc:5c:37:33:36:ea:77:
64:53:6c:05:02:d6:cc:90:df:21:b9:b4:71:e3:9c:
11:e1:99:49:f3:9f:96:25:3c:0b:d4:d2:d9:93:58:
b6:19:9d:ee:f6:77:0d:a0:21:9e:18:3d:15:33:18:
eb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BA:B9:F4:CD:8E:7F:94:D3:2C:48:11:CE:3F:81:25:8E:CC:2B:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:5000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:fb:0f:15:ad:14:63:98:e2:97:b6:40:a6:e9:d4:6c:cd:54:
81:02:ad:b8:43:91:0f:bb:84:10:f9:30:88:b7:b0:f8:69:82:
a2:cf:91:4f:44:03:35:d2:32:67:f3:70:e7:ce:9c:4b:df:71:
9e:39:2c:56:65:42:29:26:13:de:c0:c7:b1:d9:79:87:73:a1:
bc:63:74:a0:c7:21:90:eb:65:8a:53:5f:c2:68:0f:a3:17:26:
9f:46:56:c4:d6:ae:55:b4:d8:25:fb:0d:a7:93:3d:b8:82:5d:
0f:6b:2f:e6:18:a4:14:f6:44:0d:03:7f:14:8a:5b:7d:8c:9b:
ec:d7:12:a0:4c:9f:bf:15:27:3d:8a:de:54:2b:8c:b6:9f:fd:
87:cb:67:95:9d:be:a9:61:b8:3d:02:7e:b0:e1:10:a7:0e:97:
84:05:ea:f7:f9:49:46:b6:45:12:e0:14:13:99:85:0f:d4:13:
84:be:9e:64:06:ed:85:ac:89:54:7b:d9:08:1a:47:57:11:d4:
0a:2e:a0:6f:34:30:02:47:b2:7d:7d:60:78:3c:21:e3:e6:37:
ce:35:c7:a7:2e:ef:f1:e9:b8:73:9f:ca:a8:b6:3f:55:91:34:
23:3e:fd:3f:9d:a4:87:95:e1:eb:5e:8a:4e:14:6c:ee:51:93:
97:0f:10:62
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKXpJKcXWZt+jil+Zp0DkVO8PIvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTcxNTQwMzVaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjOGY1N2E3MmRmYTc0ZTk4NGE5ODdmNzMxNGU4OTZiMzRhMWJkZjgxOTFl
Y2E0ZGM2YzA4MmY0ZDc4N2UzNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO0Ix0BYXCIGi2p7wfnKXMc2SoM7gTKPWlYcGb+223Idzny2BEEiKApbg9dH
GC8bqlwUdCRluzvAQXtQeRalYyMBjC6vks1Y9scCRB0GUed2A8H8l5XrSMb+Qfdr
1mXDpOGG6ZcFJBWWGZyfJLlj9YzdguGCfTL2716zMeH2/Im0V6n/xSTfaSkIY37S
gHMpGU+76wBrvnnuxWe5/pUzEwy0zgHkq7Gq0sSwKXWip7j/+BYuBNjgO9sqxffT
fBp4ENKurmrxu4mqau/cXDczNup3ZFNsBQLWzJDfIbm0ceOcEeGZSfOfliU8C9TS
2ZNYthmd7vZ3DaAhnhg9FTMY6/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRDurn0
zY5/lNMsSBHOP4EljswrNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc2YmUwZmUtYWViYy00ODU1LTgwYTQtZWE5NWNmNDEzYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCO+w8VrRRjmOKXtkCm6dRszVSBAq24Q5EPu4QQ
+TCIt7D4aYKiz5FPRAM10jJn83DnzpxL33GeOSxWZUIpJhPewMex2XmHc6G8Y3Sg
xyGQ62WKU1/CaA+jFyafRlbE1q5VtNgl+w2nkz24gl0Pay/mGKQU9kQNA38Uilt9
jJvs1xKgTJ+/FSc9it5UK4y2n/2Hy2eVnb6pYbg9An6w4RCnDpeEBer3+UlGtkUS
4BQTmYUP1BOEvp5kBu2FrIlUe9kIGkdXEdQKLqBvNDACR7J9fWB4PCHj5jfONcen
Lu/x6bhzn8qotj9VkTQjPv0/naSHleHrXopOFGzuUZOXDxBi
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:01 2025 by rpki-client