Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
File: 452f19af-8187-465e-9ab8-4e678c11315e.roa (raw, json)
Hash identifier: 4eAGblMypjyYzovBSGYMMe08dWEJiPktcqTOZl565mM=
Subject key identifier: D6:EF:BC:A9:42:50:45:49:6B:C0:FC:74:FD:AE:58:7D:EA:DB:51:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3393DBAA624188C0FFEAE2032A576D01589B18CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
Signing time: Wed 05 Mar 2025 17:50:13 +0000
ROA not before: Wed 05 Mar 2025 17:50:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:93:db:aa:62:41:88:c0:ff:ea:e2:03:2a:57:6d:01:58:9b:18:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:50:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:02:96:4f:c4:00:3d:7a:55:a7:17:5c:33:30:
44:c5:f5:06:54:5d:a9:cb:d1:df:56:3f:99:9e:fe:
45:ff:05:b9:14:b7:83:e4:d0:73:bc:ea:06:59:f0:
92:05:6e:8d:04:56:4b:72:77:b8:35:f1:1b:c0:5d:
66:9f:05:72:1c:ad:1b:2a:a8:b5:b7:3d:64:e7:88:
05:d0:ef:8c:c3:08:7e:de:d0:56:6d:47:8b:68:24:
48:36:a2:c0:09:55:75:6f:29:9c:e8:6e:b4:53:74:
14:df:81:c0:99:cb:f2:93:84:aa:8d:68:77:9a:99:
4a:76:4d:b4:b0:3f:79:bf:48:ef:9a:2a:87:cc:3e:
82:00:43:3b:c7:34:a3:48:53:5a:42:51:61:f4:bd:
07:af:ec:09:77:4d:7f:16:a3:14:bd:f6:38:97:dd:
01:ad:59:78:b2:d3:7d:82:78:ce:e9:34:45:3a:92:
a3:0b:17:c8:35:f3:a9:48:c1:df:02:99:c9:c6:e1:
75:d9:05:e0:31:ea:9e:7c:8c:f3:a4:8d:b8:3e:f1:
88:18:b3:be:65:3e:94:8f:b1:d7:64:fb:f6:63:b7:
82:e7:29:2f:4a:35:a0:9e:64:74:44:c9:23:a1:fe:
47:13:88:3d:02:3c:91:b0:48:5d:7e:52:a0:e9:58:
6e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EF:BC:A9:42:50:45:49:6B:C0:FC:74:FD:AE:58:7D:EA:DB:51:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/37
Signature Algorithm: sha256WithRSAEncryption
9d:6c:17:d2:87:48:e1:43:c4:e0:3f:06:4f:8f:14:47:f7:e7:
3a:0d:83:98:90:e0:c5:fa:f3:58:3d:2b:ba:07:b7:13:b1:00:
b8:9b:2b:ba:d4:46:b7:9f:1f:b9:4f:6a:23:b0:c9:cf:f7:7a:
ea:b1:2f:c2:94:81:d0:53:04:89:96:a0:9d:21:87:e6:63:01:
6d:1b:8a:60:6c:e8:60:37:df:6b:2b:36:f6:a8:ce:d7:66:6f:
91:a3:d4:ec:e3:14:81:41:c5:da:61:35:f0:62:34:3e:37:75:
39:20:cb:10:70:2c:f9:01:1d:2f:78:cf:82:36:9e:5d:ae:98:
4e:58:d4:ca:91:7e:3e:c2:e2:66:2a:66:a6:91:a2:e7:39:e8:
8c:98:9c:50:ba:b8:86:f1:d5:40:73:6f:3c:32:0e:96:d0:62:
67:ff:76:e6:f2:b4:74:13:75:fd:7b:76:22:71:ab:e1:2d:79:
ac:34:52:ac:f5:5a:00:0b:04:45:12:56:8b:5c:c3:f5:84:41:
d8:aa:4a:01:7a:6e:44:42:bf:c1:44:1f:fa:a6:50:bf:9d:20:
f4:5d:11:7f:ef:d8:ec:04:39:86:ef:df:65:f6:59:e5:25:fd:
98:70:3f:5a:56:82:61:51:b4:a8:a3:a9:06:55:10:8a:6c:31:
2f:2c:0a:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM5PbqmJBiMD/6uIDKldtAVibGMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzUwMTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjOGM1NTVkMjEwNzhkYmUzNjEyN2EwNjZkN2Q5OWI3MjQyNjc0YjY4ZTE0
MjZmNzM5MWYxODQyOTQyMmM5NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgClk/EAD16VacXXDMwRMX1BlRdqcvR31Y/mZ7+Rf8FuRS3g+TQc7zqBlnw
kgVujQRWS3J3uDXxG8BdZp8FchytGyqotbc9ZOeIBdDvjMMIft7QVm1Hi2gkSDai
wAlVdW8pnOhutFN0FN+BwJnL8pOEqo1od5qZSnZNtLA/eb9I75oqh8w+ggBDO8c0
o0hTWkJRYfS9B6/sCXdNfxajFL32OJfdAa1ZeLLTfYJ4zuk0RTqSowsXyDXzqUjB
3wKZycbhddkF4DHqnnyM86SNuD7xiBizvmU+lI+x12T79mO3gucpL0o1oJ5kdETJ
I6H+RxOIPQI8kbBIXX5SoOlYbt0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTW77yp
QlBFSWvA/HT9rlh96ttRQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDUyZjE5YWYtODE4Ny00NjVlLTlhYjgtNGU2NzhjMTEzMTVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCdbBfSh0jhQ8TgPwZPjxRH9+c6DYOYkODF+vNY
PSu6B7cTsQC4myu61Ea3nx+5T2ojsMnP93rqsS/ClIHQUwSJlqCdIYfmYwFtG4pg
bOhgN99rKzb2qM7XZm+Ro9Ts4xSBQcXaYTXwYjQ+N3U5IMsQcCz5AR0veM+CNp5d
rphOWNTKkX4+wuJmKmamkaLnOeiMmJxQuriG8dVAc288Mg6W0GJn/3bm8rR0E3X9
e3YicavhLXmsNFKs9VoACwRFElaLXMP1hEHYqkoBem5EQr/BRB/6plC/nSD0XRF/
79jsBDmG799l9lnlJf2YcD9aVoJhUbSoo6kGVRCKbDEvLApc
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:02 2025 by rpki-client