Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: /A4pJZz5ObTckP7z0MisYbmS0MyH3LgmLFExHFeJ1U0=
Subject key identifier: 79:D3:AD:46:36:52:EE:38:B6:0F:D0:B2:AC:15:C8:5D:A6:CB:E4:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71A123D98AFBEA6DF34E417754DEC43E0CE64EB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Wed 05 Mar 2025 17:41:27 +0000
ROA not before: Wed 05 Mar 2025 17:41:27 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:a1:23:d9:8a:fb:ea:6d:f3:4e:41:77:54:de:c4:3e:0c:e6:4e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:41:27 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ce:7c:f7:15:26:a4:89:64:e5:66:83:da:c4:
fb:b7:ec:60:66:06:98:b8:02:ea:a0:ee:51:b3:57:
52:94:a8:80:10:7a:65:2a:de:08:74:73:f7:54:b8:
3d:f1:c2:af:05:e1:66:65:95:24:99:34:02:c2:53:
e5:55:5d:14:cb:c6:1b:29:0e:9b:6d:02:3d:e2:03:
b0:b3:d3:9e:f6:d6:35:0b:e1:cc:a7:ea:6d:02:74:
86:81:ec:59:6a:f7:a4:b3:2d:db:d5:b6:cb:59:dc:
e5:58:59:00:0c:2f:cb:e7:0c:e5:af:a1:e7:ce:eb:
bb:07:f2:77:3a:6f:69:24:a7:0d:7d:bb:ec:1b:5e:
a8:aa:be:2e:33:5a:45:5a:03:8c:51:56:7b:47:2e:
bc:99:d2:50:1c:5e:ef:30:9e:7b:eb:e5:94:8d:04:
d3:09:98:70:5f:2d:e9:be:7e:db:7b:13:96:98:22:
51:0d:3b:47:59:84:f1:94:e1:3b:c0:16:37:80:af:
d5:93:b0:a4:a8:94:8a:21:9f:c3:60:8b:2d:ec:f5:
3b:ee:a3:0a:d8:8a:ef:39:61:21:23:5d:00:d6:82:
c7:b0:6f:eb:91:26:a2:9c:7d:a5:97:04:61:a8:ec:
2a:d6:52:0d:ad:e9:cd:6d:15:55:33:74:b3:25:e9:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D3:AD:46:36:52:EE:38:B6:0F:D0:B2:AC:15:C8:5D:A6:CB:E4:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
b3:ae:03:85:22:83:26:32:f4:47:e2:2a:c5:cf:c3:5f:03:20:
05:1e:2f:b9:ca:e6:c5:c2:9c:a5:26:7a:c9:ec:d9:ed:f4:38:
d9:c6:7c:f9:bc:42:7c:3a:31:9a:56:0e:27:5b:47:2c:96:e3:
29:6f:23:c6:f3:52:69:e4:43:81:75:2a:7f:76:ff:f6:26:9f:
ab:db:dc:bf:21:fd:0a:6d:bb:2b:73:1a:7d:b1:13:e3:e0:95:
fb:8c:07:8a:b6:16:f7:d2:5d:b8:b1:2f:41:e1:64:d9:ff:13:
d3:a3:ec:67:14:d9:ef:e2:16:38:03:49:c2:29:21:8b:37:96:
59:05:79:80:a2:4a:e7:a0:59:c8:c1:d2:7d:1c:ac:d2:03:3e:
98:1f:46:32:c4:6b:3f:20:f1:5b:2e:7b:ac:09:f7:7b:c5:9e:
85:85:df:98:d0:60:18:70:29:97:c5:87:33:01:23:7a:15:15:
73:8e:5a:20:40:e8:5d:41:47:be:a7:b8:d3:fc:71:28:3e:0a:
58:c6:c8:78:a7:e1:da:f2:11:c0:5f:cb:0d:9f:34:09:e0:62:
7a:6e:35:f9:d9:16:f3:66:30:05:c5:1f:f8:68:aa:97:fb:7e:
77:c9:50:6e:1b:d7:c6:93:b1:cb:c4:a8:70:ce:6e:db:57:4d:
b6:00:bc:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcaEj2Yr76m3zTkF3VN7EPgzmTrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQxMjdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwY2ZlOWJiZWY4MDYwYzU0NzJiNmFhZTVjOTIyOWI3OTZkMThhODQ4MWI3
MWZiMGJjNTc4YjczNWI1ODdlMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXOfPcVJqSJZOVmg9rE+7fsYGYGmLgC6qDuUbNXUpSogBB6ZSreCHRz91S4
PfHCrwXhZmWVJJk0AsJT5VVdFMvGGykOm20CPeIDsLPTnvbWNQvhzKfqbQJ0hoHs
WWr3pLMt29W2y1nc5VhZAAwvy+cM5a+h587ruwfydzpvaSSnDX277BteqKq+LjNa
RVoDjFFWe0cuvJnSUBxe7zCee+vllI0E0wmYcF8t6b5+23sTlpgiUQ07R1mE8ZTh
O8AWN4Cv1ZOwpKiUiiGfw2CLLez1O+6jCtiK7zlhISNdANaCx7Bv65Emopx9pZcE
YajsKtZSDa3pzW0VVTN0syXpSyUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5061G
NlLuOLYP0LKsFchdpsvkrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCzrgOFIoMmMvRH4irFz8NfAyAFHi+5yubFwpyl
JnrJ7Nnt9DjZxnz5vEJ8OjGaVg4nW0csluMpbyPG81Jp5EOBdSp/dv/2Jp+r29y/
If0Kbbsrcxp9sRPj4JX7jAeKthb30l24sS9B4WTZ/xPTo+xnFNnv4hY4A0nCKSGL
N5ZZBXmAokrnoFnIwdJ9HKzSAz6YH0YyxGs/IPFbLnusCfd7xZ6Fhd+Y0GAYcCmX
xYczASN6FRVzjlogQOhdQUe+p7jT/HEoPgpYxsh4p+Ha8hHAX8sNnzQJ4GJ6bjX5
2RbzZjAFxR/4aKqX+353yVBuG9fGk7HLxKhwzm7bV022ALxs
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:10 2025 by rpki-client