Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: AFJi8Ic3jVMAlPkDQH1w4xD1jjqJ1ntI/vlXJ50zFAo=
Subject key identifier: F9:2F:03:81:D0:51:88:9F:B9:A4:76:35:B1:57:70:5F:5B:05:A0:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19BBE8361E647AE88B74B24ED29CEB7F530BB636
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Wed 05 Mar 2025 15:01:10 +0000
ROA not before: Wed 05 Mar 2025 15:01:10 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:bb:e8:36:1e:64:7a:e8:8b:74:b2:4e:d2:9c:eb:7f:53:0b:b6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:01:10 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:5f:e6:fb:25:d3:3c:49:d6:7b:f4:bb:bf:
7e:7e:0c:14:33:b0:63:8e:b6:54:7c:64:3b:db:c4:
d3:ce:bf:3c:e1:cc:73:05:fa:20:1c:ae:92:03:ee:
4a:6c:23:45:e4:2f:46:71:78:73:e5:f0:58:8c:f9:
3c:54:e9:ca:1b:3c:24:89:ca:db:f5:83:af:96:19:
1e:45:a5:a1:95:42:24:57:26:81:92:2b:85:2f:46:
68:4a:d6:e7:76:15:db:71:3e:9a:e0:2c:01:fb:cc:
42:c2:9c:d9:a3:cc:65:6e:9d:d5:48:fa:d5:2b:31:
21:50:1b:55:38:1f:58:5b:69:27:21:53:c0:d3:d3:
ea:bb:ee:3c:13:27:b8:1a:df:50:3d:d0:af:fe:41:
58:80:d3:ed:9d:d5:c4:6d:46:ad:81:56:a0:49:7a:
d7:cb:6f:36:ee:10:ec:4d:0c:60:5e:56:a3:08:85:
d9:59:2e:89:e4:0c:23:ab:8b:92:44:98:7c:ee:62:
9f:4c:83:c7:f5:77:f8:8d:10:10:39:94:07:92:ed:
4e:51:bb:e9:d9:0f:e3:8c:23:6a:ff:e2:6a:b3:92:
0a:c7:57:ad:11:0f:25:35:c7:84:4b:bb:03:44:54:
50:5e:12:68:09:95:81:8d:cc:04:3a:dc:db:70:8b:
76:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2F:03:81:D0:51:88:9F:B9:A4:76:35:B1:57:70:5F:5B:05:A0:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
9d:1a:63:e3:a7:bb:05:6f:3c:f0:dd:1e:cd:3b:2a:d0:a0:f9:
82:89:af:08:37:61:d3:14:d2:5a:42:5a:9f:0f:3c:c4:59:ef:
e7:c0:c6:b3:a2:27:12:d0:a3:3c:49:fc:9e:fa:e8:11:05:53:
48:bf:2b:cf:89:56:9d:ba:da:98:82:9e:22:50:61:96:d0:9c:
e2:72:d4:45:c2:2c:f9:bf:bd:0f:fd:d7:96:a2:30:74:ac:a9:
3a:c0:6c:bd:cc:bc:2e:11:de:a7:ce:6d:1d:e6:a7:a1:e5:e2:
c7:ad:58:71:6e:68:0d:77:9f:7f:16:41:01:85:ca:0b:d6:30:
78:10:3c:3e:3e:70:49:30:00:ae:f6:67:8b:c9:86:65:2d:ee:
49:c3:e8:91:a6:64:54:c1:19:d9:2a:75:0f:c8:38:60:80:8a:
c2:92:a8:dd:27:34:ba:26:4c:3b:a0:63:5a:ee:a4:32:43:0f:
96:d8:23:c4:0e:e9:16:8d:b6:8c:81:a8:c4:c9:34:b5:8e:ec:
41:d9:5a:94:0c:37:f4:c5:00:14:ee:ee:26:46:55:83:65:99:
91:f3:d8:f6:ee:d3:88:18:38:6c:e8:d7:5e:50:75:f2:23:83:
d5:04:44:a2:02:1d:b6:72:70:34:e6:9e:98:0d:e7:d7:f2:cb:
68:4b:37:92
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGbvoNh5keuiLdLJO0pzrf1MLtjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTAxMTBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMTk1Zjc5M2YxMjU4YTBhNjNmMmU0ZTk1YTg0Mjk3ODBmMzA1YjcyYjM3
NTI0NWE1ZjhjNGMzZTk2NjZmOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOgX+b7JdM8SdZ79Lu/fn4MFDOwY462VHxkO9vE086/POHMcwX6IByukgPu
SmwjReQvRnF4c+XwWIz5PFTpyhs8JInK2/WDr5YZHkWloZVCJFcmgZIrhS9GaErW
53YV23E+muAsAfvMQsKc2aPMZW6d1Uj61SsxIVAbVTgfWFtpJyFTwNPT6rvuPBMn
uBrfUD3Qr/5BWIDT7Z3VxG1GrYFWoEl618tvNu4Q7E0MYF5WowiF2VkuieQMI6uL
kkSYfO5in0yDx/V3+I0QEDmUB5LtTlG76dkP44wjav/iarOSCsdXrREPJTXHhEu7
A0RUUF4SaAmVgY3MBDrc23CLdiUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5LwOB
0FGIn7mkdjWxV3BfWwWgIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAnRpj46e7BW888N0ezTsq0KD5gomvCDdh0xTS
WkJanw88xFnv58DGs6InEtCjPEn8nvroEQVTSL8rz4lWnbramIKeIlBhltCc4nLU
RcIs+b+9D/3XlqIwdKypOsBsvcy8LhHep85tHeanoeXix61YcW5oDXeffxZBAYXK
C9YweBA8Pj5wSTAArvZni8mGZS3uScPokaZkVMEZ2Sp1D8g4YICKwpKo3Sc0uiZM
O6BjWu6kMkMPltgjxA7pFo22jIGoxMk0tY7sQdlalAw39MUAFO7uJkZVg2WZkfPY
9u7TiBg4bOjXXlB18iOD1QREogIdtnJwNOaemA3n1/LLaEs3kg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:16 2025 by rpki-client