Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: DQBzh7n8lTQZi0oP2SMemECm1OJbi2t+tNfz74+WI5A=
Subject key identifier: E4:80:23:DE:65:36:5A:01:89:EC:BB:DF:3B:B2:64:25:F2:4B:BB:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 156776CBC98E716472AABDA79CF8F7D0DDEC244D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Wed 05 Mar 2025 16:30:09 +0000
ROA not before: Wed 05 Mar 2025 16:30:09 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:67:76:cb:c9:8e:71:64:72:aa:bd:a7:9c:f8:f7:d0:dd:ec:24:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:30:09 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:cc:c1:68:b2:b8:56:53:3b:0f:c6:e9:90:
fe:b5:1e:11:73:5c:d1:a1:16:3c:86:d9:5a:8e:b4:
de:2d:19:7f:e2:fe:9a:da:33:c3:1f:ba:49:f7:43:
b6:ab:75:00:8e:79:93:70:3d:5c:6b:6f:9f:8b:e0:
56:19:4c:be:d8:e4:57:61:50:82:85:73:e5:a1:df:
34:42:cc:6d:9d:18:4a:02:61:b7:ea:e9:94:c6:1c:
5d:be:d4:c6:d6:a9:dd:13:49:52:d9:0b:b7:e9:d7:
a9:cf:f5:ac:02:3c:f5:fe:23:f9:4b:6b:0f:6a:84:
7b:8c:9c:6e:22:1f:7f:a3:25:d8:56:75:92:d6:a4:
e8:1d:14:69:ca:1a:bd:3d:8a:80:e2:0e:32:e8:ad:
1b:00:3c:d4:3c:3c:02:60:fb:8f:79:bf:25:5d:ad:
ae:be:df:ee:8f:4c:a5:12:81:83:99:fe:e6:0b:66:
2d:1e:6c:b2:b8:08:0f:5f:2d:af:43:80:70:c2:1d:
16:1a:51:0e:95:09:ff:40:93:2d:b6:d2:8a:cf:2f:
00:c6:20:74:d7:a5:04:b6:ca:83:9e:a7:9c:94:d7:
de:95:9a:13:db:64:8d:ae:d1:ae:33:a4:89:89:20:
66:9d:34:81:08:53:d1:18:f0:77:ad:16:8f:51:3a:
26:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:80:23:DE:65:36:5A:01:89:EC:BB:DF:3B:B2:64:25:F2:4B:BB:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
bd:7c:6e:52:07:04:9d:3f:29:20:95:fb:d2:95:69:b9:ee:73:
01:95:09:dd:51:77:97:d4:49:d2:16:55:57:50:6c:30:13:92:
a0:80:a2:cf:b1:14:55:b4:c6:95:b5:51:b2:7a:58:5e:95:fe:
11:7f:2e:81:7a:88:01:be:cb:b4:a1:d1:6b:57:3d:60:70:b3:
8b:ef:d9:37:39:b7:0f:b0:cb:d3:67:62:60:98:ac:09:d8:e4:
e1:fd:33:d9:ba:c7:00:d5:45:fc:c5:1f:f3:7e:2f:9f:d8:f1:
ed:11:b5:33:f6:de:9f:85:8b:3d:6b:e7:34:11:ba:ce:81:a7:
8c:10:c2:ba:50:f4:b3:30:45:7a:9f:f9:42:05:4d:1e:87:63:
13:22:ce:c6:09:f6:15:66:ce:61:b1:07:a7:e9:e3:c3:ea:ea:
3b:f6:79:07:7c:dc:ac:ec:0a:07:ad:ca:22:1c:94:b7:61:fc:
26:92:e2:19:85:4a:b9:8c:9c:0e:85:e4:54:b3:7e:54:8b:41:
46:9d:bb:12:c9:92:b1:09:85:01:30:13:1e:87:fe:ab:98:ca:
9c:3a:a8:f3:27:34:6d:70:76:53:16:4e:a0:16:9b:d9:85:27:
4b:e1:9b:8a:41:17:da:4c:40:12:c6:86:fb:72:88:77:a6:11:
44:07:bc:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFWd2y8mOcWRyqr2nnPj30N3sJE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjMwMDlaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0YzZkMzc2ZmI3ZWUyOGVkNTRjOTVlN2I2MTM5ZjU0ZjgwYjg0ODlmYjJi
NjhhOGYzZjdlM2NlYzcwMThlYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnrzMFosrhWUzsPxumQ/rUeEXNc0aEWPIbZWo603i0Zf+L+mtozwx+6SfdD
tqt1AI55k3A9XGtvn4vgVhlMvtjkV2FQgoVz5aHfNELMbZ0YSgJht+rplMYcXb7U
xtap3RNJUtkLt+nXqc/1rAI89f4j+UtrD2qEe4ycbiIff6Ml2FZ1ktak6B0Uacoa
vT2KgOIOMuitGwA81Dw8AmD7j3m/JV2trr7f7o9MpRKBg5n+5gtmLR5ssrgID18t
r0OAcMIdFhpRDpUJ/0CTLbbSis8vAMYgdNelBLbKg56nnJTX3pWaE9tkja7RrjOk
iYkgZp00gQhT0Rjwd60Wj1E6JlUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTkgCPe
ZTZaAYnsu987smQl8ku7PzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAvXxuUgcEnT8pIJX70pVpue5zAZUJ3VF3l9RJ
0hZVV1BsMBOSoICiz7EUVbTGlbVRsnpYXpX+EX8ugXqIAb7LtKHRa1c9YHCzi+/Z
Nzm3D7DL02diYJisCdjk4f0z2brHANVF/MUf834vn9jx7RG1M/ben4WLPWvnNBG6
zoGnjBDCulD0szBFep/5QgVNHodjEyLOxgn2FWbOYbEHp+njw+rqO/Z5B3zcrOwK
B63KIhyUt2H8JpLiGYVKuYycDoXkVLN+VItBRp27EsmSsQmFATATHof+q5jKnDqo
8yc0bXB2UxZOoBab2YUnS+GbikEX2kxAEsaG+3KId6YRRAe8fA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:01 2025 by rpki-client