Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
File: 4875c926-8b00-4b21-bffa-08659e5c223d.roa (raw, json)
Hash identifier: NVMpCauerPcGyH+FgoYulEVZeaTRf+oCBVbSyNzwHhg=
Subject key identifier: 74:9F:6E:8D:12:4A:42:43:DD:FD:24:D7:25:93:59:98:20:C2:22:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25146263F49D2DFFC0F61EABAFA0A1E4D8DC4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
Signing time: Mon 24 Mar 2025 19:30:30 +0000
ROA not before: Mon 24 Mar 2025 19:30:30 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:14:62:63:f4:9d:2d:ff:c0:f6:1e:ab:af:a0:a1:e4:d8:dc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 24 19:30:30 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a7:a5:cd:4d:9a:f4:f2:47:c2:a1:18:14:a1:
2a:6c:45:53:36:4d:63:b4:55:c9:91:78:bd:4a:11:
8e:14:4e:2b:8e:e2:e5:04:ae:99:27:d5:28:dd:92:
e3:99:1b:79:8f:8a:06:2b:a6:45:bc:30:1f:6f:5b:
b0:05:e6:d3:a2:32:3e:14:25:24:0c:29:ce:91:d2:
6f:23:ab:7f:eb:f5:0d:94:37:1f:cf:3d:b3:7d:92:
ab:f7:2d:aa:04:30:9d:43:8f:4f:17:98:30:6a:84:
d9:94:d5:0d:60:52:c9:1e:13:6e:e3:e3:6b:49:cb:
dd:c4:96:25:7f:c6:ac:cd:13:24:db:0b:dd:ca:d9:
49:9a:c9:49:3a:44:66:76:55:69:4a:91:33:42:67:
88:66:d0:cc:5e:8c:d9:8c:1d:8f:01:fd:00:00:15:
26:6a:75:2d:cf:6d:f8:ad:8a:12:5c:58:9d:4e:52:
ed:58:77:b8:4d:35:17:04:b5:ee:3e:46:76:c6:af:
0d:1f:ca:e2:37:96:f8:91:11:fa:76:db:d0:ab:35:
f4:20:14:64:58:6a:8d:10:c1:05:19:73:7a:61:36:
f9:4b:b6:68:4c:ce:26:f6:50:91:60:c4:fd:df:79:
2e:2f:cc:da:09:cd:bd:2f:68:41:b6:3c:ac:cf:74:
7f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9F:6E:8D:12:4A:42:43:DD:FD:24:D7:25:93:59:98:20:C2:22:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
be:ed:39:a9:c7:4a:d6:49:16:90:6f:40:6a:54:b8:d6:aa:b3:
2d:af:c2:35:2f:43:92:94:95:7b:f2:23:c1:19:c8:ef:67:b5:
d7:75:d6:49:c3:3a:24:d7:d6:4f:a3:1e:4c:20:74:1d:73:20:
f7:f9:ca:b3:73:c2:95:72:f7:bc:88:cd:8d:59:7b:db:72:54:
d6:37:ad:ff:88:85:97:64:79:9c:e4:71:c9:09:c4:15:4f:57:
d1:a6:5c:c6:83:04:35:3e:a5:55:b2:9a:8f:33:2c:bb:12:f1:
8b:f4:41:22:69:f1:c9:5b:d2:ad:a3:3e:18:05:4c:11:31:0f:
c9:d4:56:3a:2f:98:1a:e7:06:1e:ce:29:06:ad:4f:96:64:ab:
55:21:e1:86:89:05:2a:f7:d3:92:19:13:94:0c:41:b7:0d:16:
74:ec:ee:3f:58:fc:40:38:4b:85:0f:e7:af:8c:b7:e5:e1:96:
f8:c4:be:22:70:5d:bc:cc:d0:4f:22:78:89:0e:06:4c:50:ed:
a8:5e:65:4a:ee:4a:56:c3:d0:f8:0e:51:53:e8:48:3f:7c:68:
74:95:96:c0:71:f1:ce:0b:ea:11:0d:69:9a:66:52:53:3a:c7:
79:d2:b9:8b:e7:ad:56:c7:a3:8e:7d:e3:3e:fe:3d:fe:0b:12:
52:1a:f1:29
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITJRRiY/SdLf/A9h6rr6Ch5NjcTDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDMyNDE5MzAzMFoXDTI1MDQyODIzNTk1OVowejFJMEcGA1UE
BRNAN2EyODMxYzdjOGNiOWEwODJlNTE3ZmY0YTZhYjliNzg4OWM2YWYxYzk5YWYw
YWEyMzhhZDdkNTc0MDY5ZWFhNjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6elzU2a9PJHwqEYFKEqbEVTNk1jtFXJkXi9ShGOFE4rjuLlBK6ZJ9Uo3ZLj
mRt5j4oGK6ZFvDAfb1uwBebTojI+FCUkDCnOkdJvI6t/6/UNlDcfzz2zfZKr9y2q
BDCdQ49PF5gwaoTZlNUNYFLJHhNu4+NrScvdxJYlf8aszRMk2wvdytlJmslJOkRm
dlVpSpEzQmeIZtDMXozZjB2PAf0AABUmanUtz234rYoSXFidTlLtWHe4TTUXBLXu
PkZ2xq8NH8riN5b4kRH6dtvQqzX0IBRkWGqNEMEFGXN6YTb5S7ZoTM4m9lCRYMT9
33kuL8zaCc29L2hBtjysz3R/YQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFHSfbo0S
SkJD3f0k1yWTWZggwiJ2MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC80
ODc1YzkyNi04YjAwLTRiMjEtYmZmYS0wODY1OWU1YzIyM2Qucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQdhAw
DQYJKoZIhvcNAQELBQADggEBAL7tOanHStZJFpBvQGpUuNaqsy2vwjUvQ5KUlXvy
I8EZyO9ntdd11knDOiTX1k+jHkwgdB1zIPf5yrNzwpVy97yIzY1Ze9tyVNY3rf+I
hZdkeZzkcckJxBVPV9GmXMaDBDU+pVWymo8zLLsS8Yv0QSJp8clb0q2jPhgFTBEx
D8nUVjovmBrnBh7OKQatT5Zkq1Uh4YaJBSr305IZE5QMQbcNFnTs7j9Y/EA4S4UP
56+Mt+XhlvjEviJwXbzM0E8ieIkOBkxQ7aheZUruSlbD0PgOUVPoSD98aHSVlsBx
8c4L6hENaZpmUlM6x3nSuYvnrVbHo4594z7+Pf4LElIa8Sk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:21 2025 by rpki-client