Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: lsgImXYRhYx8+Mo749qXiqxGTozGcwZU+HY0rFgVjVY=
Subject key identifier: F3:0E:B2:C2:5F:5A:87:48:7E:13:AE:5C:9F:6D:FB:98:BE:7F:47:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F2C144132660D3CFB59B380E32D56EE0E41EF67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Wed 05 Mar 2025 15:50:51 +0000
ROA not before: Wed 05 Mar 2025 15:50:51 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:2c:14:41:32:66:0d:3c:fb:59:b3:80:e3:2d:56:ee:0e:41:ef:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:50:51 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:89:1c:62:a8:75:92:21:b1:f0:32:bd:b0:f8:
4c:8f:91:2d:ab:98:40:51:18:76:22:cc:dc:6b:2b:
51:83:75:14:d3:f4:e8:05:82:ec:4c:fe:a7:be:6b:
84:c2:bd:ba:43:ee:78:80:25:a8:3f:fd:0e:a4:5c:
eb:30:19:2a:20:ea:26:e2:41:02:1c:47:76:2a:b3:
5b:60:d7:56:2f:f5:58:c4:52:99:8b:d9:46:b0:46:
db:38:f6:59:ff:9f:e4:a9:e1:21:8f:74:d4:16:39:
a2:37:cd:41:dd:27:bd:4c:7b:8c:97:e9:df:18:91:
92:61:13:31:73:98:a2:86:0d:94:ba:d3:53:5c:ca:
ff:e8:eb:69:d7:9b:f6:d9:b8:cb:0a:17:63:38:2a:
01:e4:40:c5:d5:68:1b:b5:83:3c:e4:1a:35:fe:52:
5a:60:15:7e:2f:74:50:78:09:e1:ed:b1:21:b8:39:
e3:ab:95:d0:e0:d4:49:49:bd:ea:b4:61:2e:48:67:
62:79:bd:87:ad:e9:ba:75:6e:83:56:5c:71:1f:d0:
4b:b5:60:88:f4:35:ab:ef:e4:ff:70:8e:69:fe:f8:
c3:1f:5d:8b:be:4d:64:76:0a:39:e4:1e:45:34:10:
d4:2b:31:9f:32:73:42:e9:4e:08:bd:56:29:58:85:
c0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0E:B2:C2:5F:5A:87:48:7E:13:AE:5C:9F:6D:FB:98:BE:7F:47:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
79:16:4d:c6:df:6d:8d:d6:5a:b1:76:7c:96:96:4a:ad:70:8d:
f9:e2:fe:d3:0c:ed:13:ca:6c:ea:f5:d6:c0:f0:e6:92:ce:9e:
47:2a:11:7c:45:b2:e0:1a:17:59:03:d9:84:b7:72:26:26:50:
dc:b9:e9:e7:14:79:56:f5:3e:6d:f3:10:8a:4f:6c:ad:9b:09:
e5:1e:1c:b8:23:8f:ba:89:2f:33:26:44:a1:6a:e9:c1:f6:ce:
b9:5f:38:6a:49:4d:26:3f:0f:0f:c5:4c:91:18:da:34:ef:c6:
bc:aa:31:b4:8a:86:de:f3:4c:f1:14:11:24:4a:0b:1b:1e:2b:
80:71:47:7d:16:17:f9:75:94:bc:2c:d7:78:f9:17:c3:05:4a:
23:8a:a9:c8:ac:99:8c:73:ed:c8:83:37:e4:df:45:ec:8c:c8:
5d:d3:f7:65:a9:f2:1e:e9:4f:b4:0c:f5:98:e4:72:3b:21:f8:
0c:97:9e:5b:ec:90:fb:d7:5f:be:5f:13:0e:89:72:95:e3:26:
59:b1:cf:53:74:44:3b:8b:c9:ca:2b:6e:5b:5a:d0:39:98:f2:
a0:33:8e:7c:d1:2f:7a:6c:9c:a5:8e:d0:f4:0b:88:a4:03:99:
3b:03:a8:18:9c:d0:5a:b6:dd:49:ec:06:17:25:5d:d3:bf:37:
29:b2:26:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfywUQTJmDTz7WbOA4y1W7g5B72cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTUwNTFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlM2MxNzBjYzQ4MjI4MzlkYTU0YWMyOWVlZmVjMTBkMjgzNmExYTc5NmY4
MzcxODdjZDI1YmZkNTI1NGNhZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmJHGKodZIhsfAyvbD4TI+RLauYQFEYdiLM3GsrUYN1FNP06AWC7Ez+p75r
hMK9ukPueIAlqD/9DqRc6zAZKiDqJuJBAhxHdiqzW2DXVi/1WMRSmYvZRrBG2zj2
Wf+f5KnhIY901BY5ojfNQd0nvUx7jJfp3xiRkmETMXOYooYNlLrTU1zK/+jradeb
9tm4ywoXYzgqAeRAxdVoG7WDPOQaNf5SWmAVfi90UHgJ4e2xIbg546uV0ODUSUm9
6rRhLkhnYnm9h63punVug1ZccR/QS7VgiPQ1q+/k/3COaf74wx9di75NZHYKOeQe
RTQQ1CsxnzJzQulOCL1WKViFwCcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzDrLC
X1qHSH4TrlyfbfuYvn9HmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Fk3G322N1lqxdnyWlkqtcI354v7TDO0Tymzq
9dbA8OaSzp5HKhF8RbLgGhdZA9mEt3ImJlDcuennFHlW9T5t8xCKT2ytmwnlHhy4
I4+6iS8zJkShaunB9s65XzhqSU0mPw8PxUyRGNo078a8qjG0iobe80zxFBEkSgsb
HiuAcUd9Fhf5dZS8LNd4+RfDBUojiqnIrJmMc+3Igzfk30XsjMhd0/dlqfIe6U+0
DPWY5HI7IfgMl55b7JD711++XxMOiXKV4yZZsc9TdEQ7i8nKK25bWtA5mPKgM458
0S96bJyljtD0C4ikA5k7A6gYnNBatt1J7AYXJV3TvzcpsiaW
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:29 2025 by rpki-client