Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: e2p5sB6g6fbdfJ2B6DmpAO0RBF8hN3lpJ6wYuMtOLoE=
Subject key identifier: C4:E1:93:55:8A:9F:F4:C9:ED:09:74:3A:7B:BC:9C:AF:2B:A8:2B:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D3F4CA0EBC1057296F68533B39329EAB758B6D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Wed 05 Mar 2025 16:51:02 +0000
ROA not before: Wed 05 Mar 2025 16:51:02 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3f:4c:a0:eb:c1:05:72:96:f6:85:33:b3:93:29:ea:b7:58:b6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:51:02 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:a7:8d:23:6a:89:53:ec:64:73:29:81:31:
63:64:ff:c9:1b:9b:c5:d4:47:7d:45:7f:ef:3b:45:
49:53:7e:20:e2:44:43:4c:1d:3f:c8:10:e4:71:df:
ed:fc:89:ee:f5:fd:65:2d:25:e9:ac:90:c4:1d:5d:
31:a6:3b:20:9d:23:87:fb:33:1e:cf:3b:81:1c:16:
d6:47:17:04:c4:63:db:78:89:8d:a5:c9:62:2a:fb:
42:f7:71:af:5d:de:43:d1:5f:5b:f6:2c:36:dd:96:
46:a7:18:8e:85:04:ed:b9:58:2d:d9:03:f7:f3:f8:
32:d7:1b:d3:e4:59:8c:60:e7:ca:b3:90:fc:cd:67:
83:2c:b7:99:bd:e1:e3:83:e1:ee:0d:fd:ca:2e:49:
93:5b:f4:14:55:9a:60:f8:5b:43:2c:48:7c:1f:df:
d1:aa:a6:ca:88:7b:f3:7e:c2:d7:71:49:ce:bc:11:
62:e7:91:0c:cd:2f:10:45:d8:d7:41:aa:50:15:b2:
bf:14:75:41:1c:3f:c9:22:96:14:46:e2:80:5e:c8:
8d:42:01:7d:71:94:9a:48:09:6e:11:97:3f:c1:37:
ce:1f:be:e0:e8:4f:53:d3:c9:62:e7:b2:37:92:49:
a3:6a:c4:47:4c:01:1d:50:f9:d0:65:92:00:91:99:
0f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E1:93:55:8A:9F:F4:C9:ED:09:74:3A:7B:BC:9C:AF:2B:A8:2B:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
84:46:73:ff:cf:de:23:88:31:4f:24:88:0c:cb:73:01:3f:7c:
11:0a:3b:78:4a:13:f1:3f:97:af:62:06:cc:45:73:b1:57:83:
74:d0:ed:b0:4b:8f:d3:d4:f3:74:ee:6a:7a:d8:60:7f:2a:8f:
94:7a:76:93:2d:35:8b:56:0d:98:c6:11:bf:f2:93:4b:87:f9:
2d:79:be:96:15:b3:fd:7f:7b:af:96:27:f1:da:7a:7e:6c:23:
d7:03:f7:f1:78:ac:2e:c1:ed:6b:46:3f:b8:45:af:f5:dc:8f:
05:b6:b4:c3:93:b9:db:b7:d3:68:b1:1f:23:32:c2:f2:18:17:
c2:eb:18:f5:a1:85:27:52:e9:d7:e0:d2:f5:cd:77:5f:da:48:
fb:b3:9f:83:22:24:8f:f1:6b:cb:52:c3:ec:43:ac:ab:8d:02:
a7:82:4f:2a:c6:ec:9d:a7:a2:98:23:16:e3:2f:4c:69:4e:4c:
80:3b:d8:76:ce:27:21:b6:4b:a1:37:c3:25:32:a6:70:0a:ea:
a3:97:fa:2c:04:4b:40:ad:cc:49:bd:a9:7b:91:6b:fd:0d:58:
c2:75:37:6e:22:ff:a1:d9:98:a5:14:d9:c2:63:6e:28:14:6e:
c8:0b:93:c7:1d:27:78:cc:9e:44:06:9a:13:66:e6:08:7b:29:
89:7a:73:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHT9MoOvBBXKW9oUzs5Mp6rdYttQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjUxMDJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2OTAyOGUzMjkwYmQ0MWQ3ZDliMzdmNGNiODhkZTJiMjQ3ZDNlMjMxODZh
ZTI4MjFhZjQxNjhlYjViZjcxYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvgp40jaolT7GRzKYExY2T/yRubxdRHfUV/7ztFSVN+IOJEQ0wdP8gQ5HHf
7fyJ7vX9ZS0l6ayQxB1dMaY7IJ0jh/szHs87gRwW1kcXBMRj23iJjaXJYir7Qvdx
r13eQ9FfW/YsNt2WRqcYjoUE7blYLdkD9/P4Mtcb0+RZjGDnyrOQ/M1ngyy3mb3h
44Ph7g39yi5Jk1v0FFWaYPhbQyxIfB/f0aqmyoh7837C13FJzrwRYueRDM0vEEXY
10GqUBWyvxR1QRw/ySKWFEbigF7IjUIBfXGUmkgJbhGXP8E3zh++4OhPU9PJYuey
N5JJo2rER0wBHVD50GWSAJGZDy8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTE4ZNV
ip/0ye0JdDp7vJyvK6grNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAhEZz/8/eI4gxTySIDMtzAT98EQo7eEoT8T+X
r2IGzEVzsVeDdNDtsEuP09TzdO5qethgfyqPlHp2ky01i1YNmMYRv/KTS4f5LXm+
lhWz/X97r5Yn8dp6fmwj1wP38XisLsHta0Y/uEWv9dyPBba0w5O527fTaLEfIzLC
8hgXwusY9aGFJ1Lp1+DS9c13X9pI+7OfgyIkj/Fry1LD7EOsq40Cp4JPKsbsnaei
mCMW4y9MaU5MgDvYds4nIbZLoTfDJTKmcArqo5f6LARLQK3MSb2pe5Fr/Q1YwnU3
biL/odmYpRTZwmNuKBRuyAuTxx0neMyeRAaaE2bmCHspiXpzaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:54 2025 by rpki-client