Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
File: 470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa (raw, json)
Hash identifier: SEBOBPiqdGvW4omZ9KmjIDZGgt6rzwYjyGOsQe7OhHs=
Subject key identifier: A5:AD:DF:45:D1:B3:0E:17:D6:14:AC:61:42:56:1B:11:0B:84:E7:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DF0344C44FB0C51ACA04517E0C447A3B114488F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
Signing time: Wed 05 Mar 2025 17:00:28 +0000
ROA not before: Wed 05 Mar 2025 17:00:28 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:f0:34:4c:44:fb:0c:51:ac:a0:45:17:e0:c4:47:a3:b1:14:48:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:28 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bb:35:5b:b6:d1:99:73:ea:86:ae:c5:a6:6a:
62:a7:fe:a5:77:2b:58:55:36:5b:08:16:6c:f8:1a:
60:64:87:a7:b1:67:d0:e0:a6:10:42:c8:89:37:e7:
3e:77:a4:7a:70:a7:47:c2:bf:ed:b9:e8:1f:dc:f2:
a9:02:84:48:9b:17:39:4e:9b:63:5b:45:94:20:a3:
c3:b6:6a:dc:07:d1:0c:63:55:4e:88:6f:34:eb:04:
21:c1:8c:9b:b8:06:90:92:6d:18:cd:d6:13:2b:1a:
ff:28:dc:6f:37:37:f2:6c:08:fc:1d:d2:4a:a4:70:
28:5f:cc:47:7c:af:14:a6:3e:89:a2:88:14:bc:7b:
53:fd:b5:36:33:70:36:2e:0a:43:8c:0b:53:04:e2:
f6:55:45:cc:99:28:76:26:53:74:47:ba:bb:13:89:
75:30:99:55:be:0c:67:e1:a9:be:97:ac:c8:0f:55:
58:3b:7a:36:2e:8c:ff:44:e4:83:bf:51:35:81:c8:
f6:fa:4c:ed:af:41:48:b2:76:af:74:ff:38:21:11:
04:2a:29:eb:7c:4a:35:3e:56:2f:cc:6c:a9:43:52:
a0:55:57:38:8a:b3:1c:71:38:a3:64:99:47:c1:fc:
34:84:65:0b:8f:98:a0:30:1e:aa:66:fe:25:a8:82:
c1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:DF:45:D1:B3:0E:17:D6:14:AC:61:42:56:1B:11:0B:84:E7:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1000::/40
Signature Algorithm: sha256WithRSAEncryption
84:4f:5a:78:13:8f:11:21:7a:f7:95:1d:3c:7b:75:02:cb:17:
04:94:ff:95:b0:06:09:db:13:f3:a9:51:5f:10:78:90:fe:74:
99:6f:fe:df:01:ae:a2:94:33:10:15:92:88:f2:ee:ca:41:26:
ff:4d:04:61:86:be:78:a2:17:b8:88:6b:b9:d7:d3:bf:fc:a0:
4d:fa:29:23:49:5c:ea:cc:fc:12:33:d0:36:4b:0d:56:ac:c3:
83:a2:f9:74:e9:9d:1f:4b:1c:ac:70:12:56:61:1f:e3:d1:75:
16:7c:3b:2c:da:45:06:cf:e9:e0:5b:30:fe:51:68:88:31:2c:
cc:75:d7:76:f8:ea:a4:d0:cb:d6:50:e8:8b:cf:a9:89:62:a1:
a5:35:8a:d3:32:d4:85:80:c6:d9:1f:68:bf:fa:59:56:b4:28:
b3:23:51:67:89:3c:ec:d0:86:03:a3:45:b1:e6:52:86:34:f8:
08:f5:7e:cd:e4:fe:11:02:62:b1:6d:a2:d8:ff:58:d1:a1:4a:
d5:61:26:81:1c:5a:24:5d:84:d7:5f:61:1d:9c:22:c4:5d:77:
43:96:e8:f2:6a:1b:65:92:00:31:f4:c0:55:68:00:50:e0:21:
63:d3:4b:04:75:a0:b4:5f:5c:fa:36:3d:d6:91:e3:1c:3e:64:
fc:de:45:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHfA0TET7DFGsoEUX4MRHo7EUSI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMjhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MmI1ZDI3YTc3ZmVlN2ZhY2NmMmUxMjkzNzQwZDgwNTk2Y2M0MDYxYmM0
MzAwY2E2YzA0ZDE2MDBlM2JjYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIq7NVu20Zlz6oauxaZqYqf+pXcrWFU2WwgWbPgaYGSHp7Fn0OCmEELIiTfn
PnekenCnR8K/7bnoH9zyqQKESJsXOU6bY1tFlCCjw7Zq3AfRDGNVTohvNOsEIcGM
m7gGkJJtGM3WEysa/yjcbzc38mwI/B3SSqRwKF/MR3yvFKY+iaKIFLx7U/21NjNw
Ni4KQ4wLUwTi9lVFzJkodiZTdEe6uxOJdTCZVb4MZ+GpvpesyA9VWDt6Ni6M/0Tk
g79RNYHI9vpM7a9BSLJ2r3T/OCERBCop63xKNT5WL8xsqUNSoFVXOIqzHHE4o2SZ
R8H8NIRlC4+YoDAeqmb+JaiCwaUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlrd9F
0bMOF9YUrGFCVhsRC4Tn2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwYjZjNzYtY2QxYS00ZGI0LWJhZjUtMWM2ZDg2NTRhNTJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCET1p4E48RIXr3lR08e3UCyxcElP+VsAYJ2xPz
qVFfEHiQ/nSZb/7fAa6ilDMQFZKI8u7KQSb/TQRhhr54ohe4iGu519O//KBN+ikj
SVzqzPwSM9A2Sw1WrMODovl06Z0fSxyscBJWYR/j0XUWfDss2kUGz+ngWzD+UWiI
MSzMddd2+Oqk0MvWUOiLz6mJYqGlNYrTMtSFgMbZH2i/+llWtCizI1FniTzs0IYD
o0Wx5lKGNPgI9X7N5P4RAmKxbaLY/1jRoUrVYSaBHFokXYTXX2EdnCLEXXdDlujy
ahtlkgAx9MBVaABQ4CFj00sEdaC0X1z6Nj3WkeMcPmT83kXM
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:23 2025 by rpki-client