Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: ouKjECH9tA6b6AnaHf2SS/h+texsBJJh4DUtIpkfmDQ=
Subject key identifier: EA:B1:D1:80:BD:EA:B7:D9:9B:DD:62:B2:38:0B:15:01:5F:A0:6D:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4218BFC0E478891C36DD8BCA9A9553EFA49CBBF5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Wed 05 Mar 2025 17:20:54 +0000
ROA not before: Wed 05 Mar 2025 17:20:54 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:18:bf:c0:e4:78:89:1c:36:dd:8b:ca:9a:95:53:ef:a4:9c:bb:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:20:54 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:29:9c:00:3b:b1:76:56:1a:69:75:76:95:a0:
14:51:f6:0f:b5:6e:28:1e:db:f9:1a:87:db:f3:f8:
d8:79:e8:12:c3:c9:9a:12:18:81:7d:75:e3:3a:63:
bc:1d:6b:59:2c:78:aa:70:9b:69:30:73:9f:c6:e0:
19:66:07:0b:75:e4:db:2f:72:2f:db:b7:62:f6:45:
8f:43:2c:80:6d:52:5e:23:23:81:e4:b3:52:d5:e1:
a3:1d:7f:ec:b2:c9:91:74:6a:e5:86:dc:81:7e:d3:
0b:1f:a2:ac:45:e7:2d:b3:a0:01:c1:84:31:63:aa:
08:48:60:04:5e:a6:c3:f9:44:40:26:ed:95:3c:c6:
20:cb:88:92:16:07:b4:5c:fa:42:ac:96:e6:e5:64:
45:81:d0:a1:44:f9:31:04:7a:6c:1f:68:ac:85:12:
f7:94:ad:93:98:a4:fd:0f:26:90:12:fc:9c:a6:79:
c7:d0:92:07:e1:cb:a0:af:c2:85:27:65:45:db:bb:
af:99:73:5d:8a:e1:d9:56:b4:5b:8e:d5:25:53:10:
8f:7e:f3:35:e0:40:ac:28:59:c1:a8:f4:cd:de:e6:
1b:13:cf:71:9e:2d:08:a3:df:31:81:fd:8e:47:d2:
a6:1c:b2:2f:57:57:e4:67:a8:a0:f8:50:0d:90:65:
14:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B1:D1:80:BD:EA:B7:D9:9B:DD:62:B2:38:0B:15:01:5F:A0:6D:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:c4:50:1d:85:19:3e:4a:52:57:3d:8f:80:1c:5b:c2:80:37:
06:a2:0d:80:7b:d6:eb:a0:b0:46:d1:76:5b:36:69:15:48:3a:
97:e2:2f:6f:14:9c:69:1a:65:57:ce:b0:22:84:a0:4b:ca:9f:
6c:3d:10:40:da:51:8b:81:b3:97:da:26:42:3b:63:c8:25:03:
f3:c3:0d:74:67:ea:c9:e2:97:45:f5:d6:be:e7:c9:cb:6e:e9:
e1:80:e2:af:82:b7:00:1e:17:30:52:3c:cb:d2:b5:40:c6:c1:
27:c0:9a:87:d9:5b:2f:88:37:45:e4:e7:15:6e:33:83:16:83:
f5:a1:0b:51:fe:16:2d:f7:3a:1d:f3:04:99:0c:93:a7:80:da:
a8:b3:91:83:40:94:8b:06:d9:7c:be:3f:d5:fd:36:b2:89:79:
e4:9b:dd:90:b7:e3:bc:a8:eb:8c:68:11:fa:ea:8e:d2:5c:54:
68:65:8a:46:77:25:9c:0e:ac:c0:9a:89:49:a1:43:c2:b1:c8:
98:46:44:72:a9:4f:4f:0a:e9:04:56:7f:5e:47:4b:b3:c0:51:
76:b2:f2:4c:0f:db:a4:7d:95:a2:ec:f7:f2:83:c7:3a:0e:37:
b6:09:7d:c7:92:89:3a:2e:0b:74:72:3f:c6:c2:a5:69:2b:f5:
44:a8:02:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQhi/wOR4iRw23YvKmpVT76Scu/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIwNTRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MDRkM2Q1ZjllMDQ2YWJlN2UxNjZlNzU5MDZhYWNmNjc1N2U1NGFiNWVm
YTMwZjFlMDA5MWQ4MjhkYWU1YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMApnAA7sXZWGml1dpWgFFH2D7VuKB7b+RqH2/P42HnoEsPJmhIYgX114zpj
vB1rWSx4qnCbaTBzn8bgGWYHC3Xk2y9yL9u3YvZFj0MsgG1SXiMjgeSzUtXhox1/
7LLJkXRq5YbcgX7TCx+irEXnLbOgAcGEMWOqCEhgBF6mw/lEQCbtlTzGIMuIkhYH
tFz6QqyW5uVkRYHQoUT5MQR6bB9orIUS95Stk5ik/Q8mkBL8nKZ5x9CSB+HLoK/C
hSdlRdu7r5lzXYrh2Va0W47VJVMQj37zNeBArChZwaj0zd7mGxPPcZ4tCKPfMYH9
jkfSphyyL1dX5GeooPhQDZBlFH8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqsdGA
veq32ZvdYrI4CxUBX6BtZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQAaxFAdhRk+SlJXPY+AHFvCgDcGog2Ae9broLBG
0XZbNmkVSDqX4i9vFJxpGmVXzrAihKBLyp9sPRBA2lGLgbOX2iZCO2PIJQPzww10
Z+rJ4pdF9da+58nLbunhgOKvgrcAHhcwUjzL0rVAxsEnwJqH2VsviDdF5OcVbjOD
FoP1oQtR/hYt9zod8wSZDJOngNqos5GDQJSLBtl8vj/V/TayiXnkm92Qt+O8qOuM
aBH66o7SXFRoZYpGdyWcDqzAmolJoUPCsciYRkRyqU9PCukEVn9eR0uzwFF2svJM
D9ukfZWi7Pfyg8c6Dje2CX3Hkok6Lgt0cj/GwqVpK/VEqAKr
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:50 2025 by rpki-client