Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json)
Hash identifier: SAYnpMJmlNpGE9OYWY+rOYd6ICs6rHzGE7w0AoiY0R0=
Subject key identifier: 92:56:99:C1:B5:9D:D1:C2:9D:7C:8F:B4:BF:56:8D:C8:35:3C:51:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CDD2A1E3D75A7C4CC5C312F6F8BF22EB989903D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
Signing time: Wed 05 Mar 2025 16:20:52 +0000
ROA not before: Wed 05 Mar 2025 16:20:52 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:dd:2a:1e:3d:75:a7:c4:cc:5c:31:2f:6f:8b:f2:2e:b9:89:90:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:20:52 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:38:7b:ec:84:a3:f6:ce:a9:35:ee:0f:bb:
43:30:60:d8:d5:3b:f0:61:96:47:dc:e6:7c:28:4f:
97:42:2e:92:28:ae:61:52:c6:ee:c5:a7:d9:57:f5:
86:6b:8e:27:cd:cc:48:5f:c4:fa:96:65:58:dc:2b:
5f:6d:d6:ca:30:e3:de:e0:9a:c7:91:e3:5f:ba:1e:
78:60:33:0b:02:42:c7:31:ad:80:65:76:68:1d:83:
27:52:44:77:ac:29:15:38:86:81:78:d3:3c:00:5a:
29:ff:57:2a:d3:da:81:c5:63:00:bd:f1:1b:cc:80:
9c:54:b5:aa:93:80:64:c9:f1:87:6d:0e:6d:03:9c:
e3:f7:09:16:f2:c8:8c:75:d9:f5:9f:e5:e5:39:24:
68:5f:6f:73:9f:2b:3a:03:1f:a1:6f:82:d8:41:9c:
86:30:31:00:9f:d3:67:88:eb:c0:c6:dd:41:14:84:
32:2e:f6:91:30:f6:5a:17:55:f1:16:08:9c:30:2f:
5a:d8:2f:87:61:02:1c:07:fb:32:8e:e0:15:85:6e:
75:78:a8:5f:63:85:79:bb:7d:21:f5:15:60:02:a4:
21:9e:51:d0:88:2b:eb:16:df:71:65:50:83:82:49:
11:0b:04:e1:8f:c1:7d:03:66:2c:11:f4:b6:ec:aa:
f8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:56:99:C1:B5:9D:D1:C2:9D:7C:8F:B4:BF:56:8D:C8:35:3C:51:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:93:7c:ff:97:c2:82:eb:7c:cb:d5:69:a2:a4:d9:c2:7a:7d:
87:4c:b3:4c:7d:1c:09:1a:b5:65:f6:14:48:9a:d2:2e:f9:72:
59:11:b3:28:c6:db:65:60:5f:4c:d8:21:d1:cf:f1:90:74:a1:
76:b6:d4:0c:59:2c:96:89:ba:b4:9d:3d:3a:73:8e:a6:b8:88:
67:e0:61:7b:fc:82:10:79:b3:27:98:d8:91:4e:12:e0:4f:af:
43:51:79:dc:b2:ac:b7:e4:06:0b:bf:bc:9d:f9:14:fd:fb:99:
52:fc:5e:4d:c1:53:7c:aa:fc:fc:f1:52:92:a6:34:73:5d:61:
21:38:b0:44:0d:c9:32:6d:86:32:06:e2:ef:ba:c9:f3:18:19:
a4:59:a2:63:2c:70:2d:73:16:66:fd:57:b1:cd:6c:68:5a:8e:
09:94:4c:2e:24:24:7e:32:4f:63:33:2a:18:15:b1:28:b3:d1:
25:b0:58:ca:57:cb:da:8d:05:31:80:d5:12:e3:20:6d:3c:91:
65:83:99:0b:98:6c:6a:a2:2d:2c:c0:cc:31:b7:a9:ee:7a:3a:
df:92:a5:7a:cb:17:3b:ed:dd:8c:6a:d6:b0:f0:a8:90:a4:14:
10:01:f4:0a:45:eb:f7:96:2f:e7:37:f7:85:ee:f9:1f:c7:5a:
b8:45:9f:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbN0qHj11p8TMXDEvb4vyLrmJkD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjIwNTJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNzA1YWZmMzVmODQ3Yzk4YTc2N2RlMjVhY2IyMDVmZTNhYmNjZGVhMTgy
YjM1ZDY0NGQ5MDZjNjY3NjY4YjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqzOHvshKP2zqk17g+7QzBg2NU78GGWR9zmfChPl0IukiiuYVLG7sWn2Vf1
hmuOJ83MSF/E+pZlWNwrX23WyjDj3uCax5HjX7oeeGAzCwJCxzGtgGV2aB2DJ1JE
d6wpFTiGgXjTPABaKf9XKtPagcVjAL3xG8yAnFS1qpOAZMnxh20ObQOc4/cJFvLI
jHXZ9Z/l5TkkaF9vc58rOgMfoW+C2EGchjAxAJ/TZ4jrwMbdQRSEMi72kTD2WhdV
8RYInDAvWtgvh2ECHAf7Mo7gFYVudXioX2OFebt9IfUVYAKkIZ5R0Igr6xbfcWVQ
g4JJEQsE4Y/BfQNmLBH0tuyq+L0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSVpnB
tZ3Rwp18j7S/Vo3INTxRYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g
MA0GCSqGSIb3DQEBCwUAA4IBAQB6k3z/l8KC63zL1WmipNnCen2HTLNMfRwJGrVl
9hRImtIu+XJZEbMoxttlYF9M2CHRz/GQdKF2ttQMWSyWibq0nT06c46muIhn4GF7
/IIQebMnmNiRThLgT69DUXncsqy35AYLv7yd+RT9+5lS/F5NwVN8qvz88VKSpjRz
XWEhOLBEDckybYYyBuLvusnzGBmkWaJjLHAtcxZm/VexzWxoWo4JlEwuJCR+Mk9j
MyoYFbEos9ElsFjKV8vajQUxgNUS4yBtPJFlg5kLmGxqoi0swMwxt6nuejrfkqV6
yxc77d2Mataw8KiQpBQQAfQKRev3li/nN/eF7vkfx1q4RZ/q
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:23 2025 by rpki-client