Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
File: 48202432-610c-42b2-9763-e895c6cbe70d.roa (raw, json)
Hash identifier: GsfScKOKfJIEdg91SGPvQSr7FoiBroaVNPO3NMhXdCU=
Subject key identifier: 61:27:3C:D3:EF:EF:5C:E4:95:6D:B6:DC:05:3A:30:A1:AA:B4:9C:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63751B85B602D3547C3EE60FC511F69A0762FD4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
Signing time: Mon 24 Mar 2025 19:30:29 +0000
ROA not before: Mon 24 Mar 2025 19:30:29 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:75:1b:85:b6:02:d3:54:7c:3e:e6:0f:c5:11:f6:9a:07:62:fd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 24 19:30:29 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7d:18:b6:5f:54:3c:f6:e9:d6:52:a1:29:f3:
7d:22:ec:04:49:45:c5:6d:fd:37:4c:40:58:76:42:
dc:3c:d4:d6:21:15:72:48:cb:d0:23:ab:ba:42:0d:
5d:20:62:81:80:e2:eb:16:30:b1:72:7b:8a:2c:07:
ae:c5:59:56:7f:6e:e6:4f:a0:c7:46:39:17:ea:d2:
4b:2e:68:e7:57:fa:b4:31:56:b8:e6:8c:ff:05:bb:
93:95:67:77:7e:a9:fc:0c:e2:8d:be:dc:4c:59:81:
ac:f2:72:df:28:68:75:bf:7b:b2:a6:db:ec:51:6f:
9b:bc:73:e6:f9:db:de:dc:07:2f:de:5e:b9:c7:bd:
84:3e:69:d2:ee:1d:cc:30:d1:bf:ba:41:7c:ae:08:
43:11:06:b5:fd:c0:50:b6:b4:cc:eb:24:5d:c3:37:
99:60:00:ee:e9:2f:69:a0:8a:8e:97:67:fa:d5:cb:
a1:f1:62:3b:1a:93:cd:ec:93:bf:7b:63:b9:11:9d:
99:e1:77:06:cc:e5:3f:fa:b7:bf:21:b9:c8:84:10:
e6:82:d6:40:c7:27:7b:4c:80:17:7b:c5:e1:b4:6b:
d0:04:06:c3:33:b8:16:50:a4:b7:69:7c:58:fb:3f:
83:d4:ce:27:03:a8:c0:22:64:0e:9a:1b:ad:10:e7:
4f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:27:3C:D3:EF:EF:5C:E4:95:6D:B6:DC:05:3A:30:A1:AA:B4:9C:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/48
Signature Algorithm: sha256WithRSAEncryption
b9:2e:81:dc:d5:8f:e7:a8:37:c8:77:9a:f9:cc:a9:bf:f6:ed:
86:c2:d7:88:2e:79:81:ae:79:5a:92:cd:40:f4:fa:d6:4f:89:
38:9d:ff:4e:69:f6:c6:d7:ec:52:e2:dc:bb:00:9c:68:c5:95:
f7:5f:24:5c:39:7b:74:82:1e:a0:19:f2:30:06:b1:c9:2d:cf:
ef:fe:bb:00:2f:e7:bb:e4:44:af:80:2c:7e:ce:71:d7:e3:1e:
97:02:72:37:6b:c4:a9:b5:73:de:d1:54:ec:33:3e:35:74:47:
49:b4:db:7b:3f:ee:6f:d2:cc:9c:b2:0b:32:65:79:0c:55:2f:
6d:9f:43:61:ee:74:6b:bc:40:8a:3d:1e:69:65:d4:8a:1e:9c:
fa:e1:16:29:a5:29:30:bb:b9:1a:61:66:b0:ca:55:a4:7b:b1:
0a:f7:43:80:97:91:6e:68:d4:63:45:b5:bf:aa:c8:67:cc:fe:
04:d3:c9:1b:03:f0:ac:ad:46:42:f0:45:2b:22:43:6e:2a:16:
c6:3c:88:18:3b:ab:88:a8:ac:fa:76:f8:62:96:09:cc:84:0f:
a2:92:c5:36:6d:6c:65:82:08:ea:68:da:10:c0:53:46:47:1f:
05:13:21:3b:a4:db:7f:8a:83:c3:d8:3d:5d:60:59:da:e2:fc:
b5:1e:72:49
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY3UbhbYC01R8PuYPxRH2mgdi/U4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjQxOTMwMjlaFw0yNTA0MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkOWJmYmMxZTM3YWQ1YjliYWNjNWRiOTdkZGExMDg5ZTQ5OGE1MWUwYmQz
ZmFhYjE2MTVmZGNkMjI0OTM0NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK59GLZfVDz26dZSoSnzfSLsBElFxW39N0xAWHZC3DzU1iEVckjL0COrukIN
XSBigYDi6xYwsXJ7iiwHrsVZVn9u5k+gx0Y5F+rSSy5o51f6tDFWuOaM/wW7k5Vn
d36p/Azijb7cTFmBrPJy3yhodb97sqbb7FFvm7xz5vnb3twHL95euce9hD5p0u4d
zDDRv7pBfK4IQxEGtf3AULa0zOskXcM3mWAA7ukvaaCKjpdn+tXLofFiOxqTzeyT
v3tjuRGdmeF3BszlP/q3vyG5yIQQ5oLWQMcne0yAF3vF4bRr0AQGwzO4FlCkt2l8
WPs/g9TOJwOowCJkDpobrRDnTxUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRhJzzT
7+9c5JVtttwFOjChqrSckDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDgyMDI0MzItNjEwYy00MmIyLTk3NjMtZTg5NWM2Y2JlNzBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAuS6B3NWP56g3yHea+cypv/bthsLXiC55ga55
WpLNQPT61k+JOJ3/Tmn2xtfsUuLcuwCcaMWV918kXDl7dIIeoBnyMAaxyS3P7/67
AC/nu+REr4Asfs5x1+MelwJyN2vEqbVz3tFU7DM+NXRHSbTbez/ub9LMnLILMmV5
DFUvbZ9DYe50a7xAij0eaWXUih6c+uEWKaUpMLu5GmFmsMpVpHuxCvdDgJeRbmjU
Y0W1v6rIZ8z+BNPJGwPwrK1GQvBFKyJDbioWxjyIGDuriKis+nb4YpYJzIQPopLF
Nm1sZYII6mjaEMBTRkcfBRMhO6Tbf4qDw9g9XWBZ2uL8tR5ySQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:20 2025 by rpki-client