Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: DA82kOs0kLhSqb9VUKA2XimpHg6uDtXMCHt8acSFCzQ=
Subject key identifier: 48:97:44:E6:9B:CB:E1:5E:DE:6A:E5:91:D9:61:B2:B2:34:3C:8D:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D70E0547FCA753AB2F90D3C6BBFE87A75DC6B3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Wed 05 Mar 2025 17:21:53 +0000
ROA not before: Wed 05 Mar 2025 17:21:53 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:70:e0:54:7f:ca:75:3a:b2:f9:0d:3c:6b:bf:e8:7a:75:dc:6b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:21:53 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3a:a9:20:18:94:13:6f:42:56:0e:37:5f:aa:
57:b4:23:13:85:f6:d0:7d:f1:66:b9:a8:46:51:51:
90:34:1b:88:97:2b:b0:ae:79:c0:54:23:3d:e7:03:
56:b2:85:df:0d:f5:da:0c:b2:45:3a:48:cf:40:a8:
1d:ef:a9:a9:d7:1e:b6:cf:d2:f3:a2:8c:64:08:18:
9c:5a:a6:3a:80:40:7e:ae:1c:4d:9b:90:56:87:10:
89:89:e5:94:f8:5e:1e:b2:e2:b8:c5:a6:1b:62:ce:
26:e4:55:e5:35:55:87:7a:ff:17:69:b5:d4:ac:c4:
e9:14:12:73:1a:23:6d:01:95:6f:0c:7f:7a:a3:f5:
e9:7f:47:7d:8b:60:24:e5:07:73:d3:c8:20:9b:b4:
aa:ee:83:3d:2a:2a:cc:1d:59:16:df:54:86:44:dd:
5a:a4:4c:6c:b7:87:96:c1:3a:83:66:5e:d3:08:89:
47:88:00:80:a2:32:fa:25:8d:f7:c4:b5:d5:4b:54:
65:87:12:ef:ce:35:f0:d5:b2:14:79:bc:ed:90:3d:
32:e7:77:8e:be:07:10:ec:45:ff:c9:36:c0:be:76:
fb:9c:d8:4e:63:43:df:39:c9:d2:d1:cb:75:57:b8:
47:a0:df:25:a1:92:65:ff:6b:65:a3:0c:27:3a:ec:
67:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:97:44:E6:9B:CB:E1:5E:DE:6A:E5:91:D9:61:B2:B2:34:3C:8D:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:77:79:2d:1c:28:04:d4:a5:5b:3f:b0:b2:d6:da:6e:92:bb:
92:8b:e2:97:1c:21:a0:3d:9d:2c:28:6a:e8:2c:94:64:f9:55:
f8:68:24:af:ac:ba:2f:72:9e:51:66:21:47:18:1d:27:92:1f:
f1:d2:8d:94:e8:0c:66:81:94:1d:a6:0d:0b:71:0f:7e:1e:9a:
b0:2e:43:db:02:8c:1a:8f:51:7b:bb:56:1a:34:5f:5e:9f:bc:
49:0e:a6:16:87:3e:ba:b2:3c:78:95:e0:1f:1a:f1:26:d9:ae:
88:d6:5d:ee:d1:8a:78:71:b5:4b:de:64:65:af:67:0e:96:39:
3c:a1:a1:23:75:0b:5e:fb:94:52:d8:cd:bb:e6:2a:76:b2:a4:
14:fd:70:1b:9d:cf:f8:fb:9e:39:ce:04:67:61:32:e0:3f:c5:
05:66:75:e0:5c:72:9e:0f:f5:45:97:c0:7f:35:82:5d:60:06:
53:fc:5a:03:d7:8b:12:99:23:22:02:24:37:0a:f0:98:07:d3:
13:e3:55:5b:00:4c:0d:b2:5e:00:49:50:d5:e9:a6:52:1e:25:
c5:37:a0:2c:00:44:81:12:7a:35:a1:76:10:23:d9:47:c8:70:
9a:7d:3d:3c:3a:fb:ac:f4:e6:57:11:9f:f3:c4:96:4d:12:56:
c5:38:f3:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXXDgVH/KdTqy+Q08a7/oenXcaz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIxNTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMDViNGY4ZmQ3YTU1OWUzN2YzNjQxZmMzZDc3MDM1OTUxMGVhMmI5MjE5
Njg2NTI1YmJhYjkwOTNhODQzOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOk6qSAYlBNvQlYON1+qV7QjE4X20H3xZrmoRlFRkDQbiJcrsK55wFQjPecD
VrKF3w312gyyRTpIz0CoHe+pqdcets/S86KMZAgYnFqmOoBAfq4cTZuQVocQiYnl
lPheHrLiuMWmG2LOJuRV5TVVh3r/F2m11KzE6RQScxojbQGVbwx/eqP16X9HfYtg
JOUHc9PIIJu0qu6DPSoqzB1ZFt9UhkTdWqRMbLeHlsE6g2Ze0wiJR4gAgKIy+iWN
98S11UtUZYcS78418NWyFHm87ZA9Mud3jr4HEOxF/8k2wL52+5zYTmND3znJ0tHL
dVe4R6DfJaGSZf9rZaMMJzrsZz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIl0Tm
m8vhXt5q5ZHZYbKyNDyN/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQA7d3ktHCgE1KVbP7Cy1tpukruSi+KXHCGgPZ0s
KGroLJRk+VX4aCSvrLovcp5RZiFHGB0nkh/x0o2U6AxmgZQdpg0LcQ9+HpqwLkPb
Aowaj1F7u1YaNF9en7xJDqYWhz66sjx4leAfGvEm2a6I1l3u0Yp4cbVL3mRlr2cO
ljk8oaEjdQte+5RS2M275ip2sqQU/XAbnc/4+545zgRnYTLgP8UFZnXgXHKeD/VF
l8B/NYJdYAZT/FoD14sSmSMiAiQ3CvCYB9MT41VbAEwNsl4ASVDV6aZSHiXFN6As
AESBEno1oXYQI9lHyHCafT08Ovus9OZXEZ/zxJZNElbFOPOx
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:09 2025 by rpki-client