Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json)
Hash identifier: +/c51f5Km7LEk7qpZVQb5+sUHCAuXDixB4PMI+kGPEk=
Subject key identifier: A5:4C:6D:65:52:03:48:ED:03:E5:5D:6A:BF:B8:4B:64:9E:60:60:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51A151CA24D0452C7452362B3F39DE7060B3291D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
Signing time: Mon 24 Mar 2025 19:30:28 +0000
ROA not before: Mon 24 Mar 2025 19:30:28 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:a1:51:ca:24:d0:45:2c:74:52:36:2b:3f:39:de:70:60:b3:29:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 24 19:30:28 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1b:ca:91:aa:38:a9:79:e7:2e:f5:d0:25:11:
29:d5:60:94:a5:fb:03:87:d1:5f:94:86:8e:42:b4:
86:c0:d8:91:2d:20:52:3e:ab:90:77:63:4f:49:f7:
eb:da:d2:cc:e5:c1:7d:42:07:97:7b:4d:e6:af:ce:
ab:09:d2:ef:be:ae:5d:31:44:25:cf:25:5e:4c:9c:
0d:d4:dc:1a:bf:0f:b9:3c:ad:b9:c8:2f:f1:fc:2d:
e2:d5:34:78:2a:b9:2b:32:f3:8e:87:87:0d:81:4b:
bd:ba:ab:02:85:47:9c:24:b5:5a:19:8e:7d:d8:80:
75:7b:c2:dd:e3:a6:20:45:aa:f3:c5:a2:24:51:eb:
03:81:1f:b0:a8:22:3e:ee:73:ae:16:cc:d4:b4:76:
f5:ee:27:d2:26:e3:20:07:51:08:01:44:d6:d8:86:
64:4c:46:c3:5c:58:4f:24:5f:b1:22:ae:0a:2c:09:
eb:75:2b:68:8a:92:28:70:ef:fc:74:3c:75:d7:54:
c5:36:cc:5c:30:3e:aa:2c:e8:05:a3:d7:9c:df:42:
12:fb:b6:57:7c:04:8d:37:c0:3b:4f:6d:f5:ff:60:
6d:7e:55:2f:4f:8c:3c:7f:08:af:ef:60:ae:8d:5f:
ba:41:59:b9:e5:b0:32:fc:d5:f2:36:ea:08:28:31:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4C:6D:65:52:03:48:ED:03:E5:5D:6A:BF:B8:4B:64:9E:60:60:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:b7:6e:6d:b3:1e:e4:c4:82:81:cc:ff:26:93:fe:1c:ee:bd:
af:db:47:d4:8e:1a:1d:91:ba:0d:d1:f8:7f:36:ef:3a:ac:d6:
b1:0e:ad:7d:5d:de:6e:87:74:9d:65:0b:5d:e8:09:35:fa:83:
1e:19:34:de:5b:39:44:38:bc:e5:67:fd:99:5e:3c:f8:be:05:
b8:c1:e2:e7:87:ec:49:31:b5:00:e0:08:67:cd:59:89:25:09:
90:6c:2d:db:41:72:af:b7:6a:a3:50:64:bd:31:aa:05:11:9b:
9e:3b:a4:f9:23:aa:c5:f7:15:7e:ad:00:71:43:16:27:60:d7:
b6:89:1e:df:9d:d7:00:18:9e:85:bc:24:88:e1:01:0a:f6:0b:
35:45:33:f3:d3:e9:19:cc:d9:89:d2:b9:aa:8e:58:f6:f5:f3:
8c:0e:62:a6:42:40:1b:fa:ab:24:62:87:74:11:fb:8d:87:a0:
58:21:54:fb:d2:cb:78:c2:c7:41:bb:d9:23:51:fb:01:1c:82:
f3:b5:c5:ca:53:c5:98:e6:e3:0b:26:fb:1c:de:7c:ba:e6:23:
55:fd:29:81:b8:a4:ab:f8:3e:fb:8d:99:d8:b2:69:9a:dd:31:
61:cf:e6:b7:fa:c3:6d:df:86:1f:e8:64:36:0b:a5:f9:4d:fc:
b3:6d:ce:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUaFRyiTQRSx0UjYrPznecGCzKR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjQxOTMwMjhaFw0yNTA0MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NmFiZjNlNmRiZDQ0YTQ1ZDU0ZjhmMDlmODgxOGU3OThiODg5YjgyNzk2
YTE5Nzc4YmUzZWFmZTAzMzA2MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgbypGqOKl55y710CURKdVglKX7A4fRX5SGjkK0hsDYkS0gUj6rkHdjT0n3
69rSzOXBfUIHl3tN5q/OqwnS776uXTFEJc8lXkycDdTcGr8PuTytucgv8fwt4tU0
eCq5KzLzjoeHDYFLvbqrAoVHnCS1WhmOfdiAdXvC3eOmIEWq88WiJFHrA4EfsKgi
Pu5zrhbM1LR29e4n0ibjIAdRCAFE1tiGZExGw1xYTyRfsSKuCiwJ63UraIqSKHDv
/HQ8dddUxTbMXDA+qizoBaPXnN9CEvu2V3wEjTfAO09t9f9gbX5VL0+MPH8Ir+9g
ro1fukFZueWwMvzV8jbqCCgxLykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlTG1l
UgNI7QPlXWq/uEtknmBgnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPt25tsx7kxIKBzP8mk/4c7r2v20fUjhodkboN
0fh/Nu86rNaxDq19Xd5uh3SdZQtd6Ak1+oMeGTTeWzlEOLzlZ/2ZXjz4vgW4weLn
h+xJMbUA4AhnzVmJJQmQbC3bQXKvt2qjUGS9MaoFEZueO6T5I6rF9xV+rQBxQxYn
YNe2iR7fndcAGJ6FvCSI4QEK9gs1RTPz0+kZzNmJ0rmqjlj29fOMDmKmQkAb+qsk
Yod0EfuNh6BYIVT70st4wsdBu9kjUfsBHILztcXKU8WY5uMLJvsc3ny65iNV/SmB
uKSr+D77jZnYsmma3TFhz+a3+sNt34Yf6GQ2C6X5Tfyzbc5b
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:48 2025 by rpki-client