Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json)
Hash identifier: SSxcOWJVMtZSCFu+TTSf4nPvpgXg/0JMBaa0gKVXYTY=
Subject key identifier: A1:BC:14:EB:0F:88:32:90:C4:3F:EB:E4:62:68:F8:7B:B5:B4:FD:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58CE72327E813B08B127C53E4212BF2CD1461D44
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
Signing time: Wed 05 Mar 2025 16:41:17 +0000
ROA not before: Wed 05 Mar 2025 16:41:17 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:ce:72:32:7e:81:3b:08:b1:27:c5:3e:42:12:bf:2c:d1:46:1d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:41:17 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:31:80:e4:c9:e4:37:44:5b:08:70:a2:2b:69:
76:61:df:85:e4:59:fc:64:50:6e:d1:ad:9a:77:01:
df:39:d0:86:eb:1e:fd:67:50:92:2d:fe:af:f0:61:
10:1a:e2:6d:9b:44:27:9a:fd:51:df:6f:56:bc:30:
06:ae:97:8f:b4:12:1d:45:0b:5b:35:31:a7:59:2e:
83:dd:bf:40:a3:e7:12:dc:8b:66:f1:79:b6:04:4a:
de:2c:97:d4:c6:0f:c8:4e:0b:6d:8c:21:d0:f8:24:
68:f9:6c:81:bf:83:11:0d:1a:42:15:93:ca:34:3d:
dd:85:54:e3:6e:e0:d5:42:13:94:3b:8e:e4:9c:fb:
de:05:61:a3:c8:58:ab:1f:0f:ef:fe:47:a6:f7:5c:
a1:fc:be:78:4f:dc:25:d1:22:1e:36:dc:68:3c:29:
d4:8f:d4:95:6a:3d:71:52:dc:27:c5:02:93:e7:db:
51:ed:ec:ad:02:12:48:f1:37:52:b8:a8:09:de:ed:
7f:3f:5a:bc:25:a3:15:58:93:bb:6e:47:7f:16:07:
73:ed:23:0d:ee:ec:a6:33:c1:8a:46:15:40:94:cc:
85:dd:65:e6:fe:17:ee:04:22:d4:5d:77:05:14:b3:
3e:3a:4c:55:2f:56:2d:69:64:19:3d:62:2b:7f:0d:
70:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BC:14:EB:0F:88:32:90:C4:3F:EB:E4:62:68:F8:7B:B5:B4:FD:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
26:e7:3e:09:4e:7e:44:c6:96:9f:60:8a:00:e7:49:87:2b:e9:
7f:fe:cf:64:cc:c1:f8:9a:c4:e0:87:90:10:c0:fd:4e:f8:4d:
27:4f:8b:4f:0e:8b:6d:36:2d:a0:aa:d1:31:ad:bd:83:5f:c0:
ab:f3:7c:e0:37:e0:e4:a3:d1:c3:bf:22:1c:4b:00:00:6a:e5:
35:5a:89:d6:f2:1c:97:37:05:49:5d:72:3a:32:ed:d1:af:c8:
41:a6:53:31:e0:b2:69:61:9d:09:07:a7:98:e3:e5:51:3c:0e:
d4:3b:96:07:29:b4:21:2f:61:7e:45:3d:37:6f:d1:89:31:0c:
39:67:67:3f:7a:0e:e6:10:a2:99:06:f3:58:f8:4f:2d:67:f5:
ec:93:55:ad:d6:a0:12:e0:24:78:31:10:6a:31:48:11:6f:df:
32:dd:9e:5d:c1:45:52:be:b5:f2:14:b5:9d:88:dc:f2:7b:21:
d1:f1:fa:44:7c:2c:40:00:21:a2:a2:01:33:f8:49:e6:56:ed:
89:6c:9b:28:95:a6:b2:7c:85:2e:e1:ec:c9:d4:93:af:79:1e:
0d:48:4a:8c:89:51:b5:67:a8:46:64:a0:32:72:90:80:af:98:
8f:c2:92:9d:8c:7f:85:e4:8b:49:33:f7:01:87:8f:3d:0e:3b:
68:e0:51:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWM5yMn6BOwixJ8U+QhK/LNFGHUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjQxMTdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiOTNiMWQzOWNiOGFjODI3NGIwYTg5MDliYWZmYjM4Y2RlNjM0NTUwODQz
ZTA0NTNhYzQwY2RhYzA5MjJhYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYxgOTJ5DdEWwhwoitpdmHfheRZ/GRQbtGtmncB3znQhuse/WdQki3+r/Bh
EBribZtEJ5r9Ud9vVrwwBq6Xj7QSHUULWzUxp1kug92/QKPnEtyLZvF5tgRK3iyX
1MYPyE4LbYwh0PgkaPlsgb+DEQ0aQhWTyjQ93YVU427g1UITlDuO5Jz73gVho8hY
qx8P7/5Hpvdcofy+eE/cJdEiHjbcaDwp1I/UlWo9cVLcJ8UCk+fbUe3srQISSPE3
UrioCd7tfz9avCWjFViTu25HfxYHc+0jDe7spjPBikYVQJTMhd1l5v4X7gQi1F13
BRSzPjpMVS9WLWlkGT1iK38NcPcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShvBTr
D4gykMQ/6+RiaPh7tbT93zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA
MA0GCSqGSIb3DQEBCwUAA4IBAQAm5z4JTn5ExpafYIoA50mHK+l//s9kzMH4msTg
h5AQwP1O+E0nT4tPDottNi2gqtExrb2DX8Cr83zgN+Dko9HDvyIcSwAAauU1WonW
8hyXNwVJXXI6Mu3Rr8hBplMx4LJpYZ0JB6eY4+VRPA7UO5YHKbQhL2F+RT03b9GJ
MQw5Z2c/eg7mEKKZBvNY+E8tZ/Xsk1Wt1qAS4CR4MRBqMUgRb98y3Z5dwUVSvrXy
FLWdiNzyeyHR8fpEfCxAACGiogEz+EnmVu2JbJsolaayfIUu4ezJ1JOveR4NSEqM
iVG1Z6hGZKAycpCAr5iPwpKdjH+F5ItJM/cBh489Djto4FEQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:58 2025 by rpki-client