Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: phPkEZNNB0MpEh94gro7D1gNxz5ThP2pT1sDyIjd/dw=
Subject key identifier: 2C:F1:5C:DC:F4:B2:5B:13:9A:49:10:87:E7:8B:67:97:A0:32:EE:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2351AD5E45CA4FEA9E650F27DB30CA7AD92F5C1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Wed 05 Mar 2025 17:41:24 +0000
ROA not before: Wed 05 Mar 2025 17:41:24 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:51:ad:5e:45:ca:4f:ea:9e:65:0f:27:db:30:ca:7a:d9:2f:5c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:41:24 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9f:74:ca:22:7b:b8:ab:dd:ab:f2:ef:5e:91:
1d:36:90:34:42:3b:48:9c:77:97:54:38:a8:85:6c:
c8:78:b9:7f:60:f9:f0:74:e2:5d:59:dd:fd:b3:22:
6b:3c:a1:be:1f:26:8d:4c:1d:fb:27:e6:c5:fb:1f:
b6:a3:7a:e7:73:6a:46:c4:42:30:b7:59:e5:fb:a2:
3b:72:2c:ec:ed:1b:58:fb:ca:1a:ae:dd:d3:60:bc:
d4:97:fb:04:a1:d0:30:88:bd:66:a7:91:68:51:4f:
fe:c6:e9:a1:37:24:87:17:40:5b:75:4f:51:d4:e8:
49:bf:ed:26:1a:34:7c:0d:2c:f1:4f:de:f3:95:92:
aa:8f:af:8c:d2:1e:81:d7:a9:2e:59:01:0b:08:46:
2a:7d:2c:4c:d7:f1:a1:34:77:7d:d2:3e:fc:0e:3e:
23:0d:ba:75:1a:2e:43:a6:5b:8b:2f:9a:e7:5b:bb:
8c:cc:fe:71:ec:87:2b:77:0f:bb:2a:0f:c4:42:e3:
74:4d:b6:27:18:08:41:76:ba:1d:d9:1f:73:64:30:
3b:ba:76:67:f0:d1:92:70:44:ae:8b:34:4c:df:a0:
bb:62:ea:44:c0:4e:cd:d0:c1:b9:e9:88:89:48:30:
9c:55:e0:46:86:cb:bc:49:39:5e:11:94:f3:f8:f6:
ac:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F1:5C:DC:F4:B2:5B:13:9A:49:10:87:E7:8B:67:97:A0:32:EE:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
b7:d7:bd:ee:30:d8:a8:40:f2:f6:af:f2:aa:58:91:8e:fb:78:
6e:3d:cd:a1:8b:0d:87:d8:9b:6b:76:40:56:ae:e1:e6:15:a1:
7d:1f:01:69:26:09:77:32:b3:68:3d:72:43:93:aa:33:f8:6f:
ad:3f:a7:36:b5:cf:37:88:57:1a:03:f0:7c:f7:a5:82:f2:a6:
58:16:be:cf:c4:46:20:8f:b0:3f:07:16:e1:03:c9:38:82:5f:
05:9d:43:d8:44:ce:25:1a:49:d4:e6:31:9c:e4:d7:3f:c9:7d:
87:17:bf:ae:f0:40:5c:d3:3a:0d:c5:57:48:e2:08:05:11:7b:
5d:47:a0:7d:cd:d8:1a:71:b2:0e:5f:22:1d:e8:f1:40:d3:d5:
c7:c3:da:fe:ce:05:22:91:e3:36:51:f5:bc:94:65:2c:83:30:
4c:a1:71:3f:55:a8:af:24:bf:e2:14:03:d6:a1:d8:04:38:44:
55:10:ef:66:d6:0b:65:de:eb:b8:49:7d:0d:ff:d5:29:3f:b8:
f0:27:2b:80:47:84:4c:0d:cd:e5:e8:8d:93:72:1b:d3:a6:df:
b4:30:77:2d:94:0d:2f:d4:ee:63:40:c3:1d:47:65:e4:1e:8e:
76:bd:73:64:68:44:75:b8:47:fc:70:50:13:eb:36:7f:f2:f5:
8d:5e:9f:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI1GtXkXKT+qeZQ8n2zDKetkvXB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQxMjRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhY2E2YWVlMjYzN2VjOGNkZWJmYTVhMjA0MjQ2MGQ4OTkwMjMyNDhjNzhl
NzAwNTgwZGM5MTA0OTAxNWMyZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCfdMoie7ir3avy716RHTaQNEI7SJx3l1Q4qIVsyHi5f2D58HTiXVnd/bMi
azyhvh8mjUwd+yfmxfsftqN653NqRsRCMLdZ5fuiO3Is7O0bWPvKGq7d02C81Jf7
BKHQMIi9ZqeRaFFP/sbpoTckhxdAW3VPUdToSb/tJho0fA0s8U/e85WSqo+vjNIe
gdepLlkBCwhGKn0sTNfxoTR3fdI+/A4+Iw26dRouQ6Zbiy+a51u7jMz+ceyHK3cP
uyoPxELjdE22JxgIQXa6Hdkfc2QwO7p2Z/DRknBEros0TN+gu2LqRMBOzdDBuemI
iUgwnFXgRobLvEk5XhGU8/j2rJ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQs8Vzc
9LJbE5pJEIfni2eXoDLunzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3173uMNioQPL2r/KqWJGO+3huPc2hiw2H2Jtr
dkBWruHmFaF9HwFpJgl3MrNoPXJDk6oz+G+tP6c2tc83iFcaA/B896WC8qZYFr7P
xEYgj7A/BxbhA8k4gl8FnUPYRM4lGknU5jGc5Nc/yX2HF7+u8EBc0zoNxVdI4ggF
EXtdR6B9zdgacbIOXyId6PFA09XHw9r+zgUikeM2UfW8lGUsgzBMoXE/VaivJL/i
FAPWodgEOERVEO9m1gtl3uu4SX0N/9UpP7jwJyuAR4RMDc3l6I2TchvTpt+0MHct
lA0v1O5jQMMdR2XkHo52vXNkaER1uEf8cFAT6zZ/8vWNXp91
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:16 2025 by rpki-client