Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
File: 48ce7dfe-434d-4b57-b520-9001ae26be85.roa (raw, json)
Hash identifier: 5wL6pEzeeyKH/8eqRoKEPSth8QI/XbOAlqYPe/cOyIA=
Subject key identifier: BF:CC:C0:83:67:B5:44:AB:BE:C0:86:DE:3C:47:D4:0F:83:7F:92:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07FEAB50834A0393ACB8CF3F2C1A888042189833
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
Signing time: Wed 05 Mar 2025 15:30:13 +0000
ROA not before: Wed 05 Mar 2025 15:30:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8010::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fe:ab:50:83:4a:03:93:ac:b8:cf:3f:2c:1a:88:80:42:18:98:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:30:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:e0:aa:db:90:5a:dd:3f:37:27:cc:d1:f5:
d6:5f:0a:fa:24:33:21:28:54:1b:51:db:6b:77:ce:
1f:9b:f8:fc:13:d2:17:25:44:1e:8e:95:a3:5d:16:
ed:45:6c:3d:d7:08:1e:e7:b6:35:ec:c3:05:a2:5c:
fb:2e:cb:20:67:7a:2f:a9:5b:c1:8e:10:42:42:8c:
2f:40:b6:3c:05:f1:ee:27:18:51:1d:58:c9:05:1b:
45:c5:7c:99:32:d8:9d:7c:4d:a2:5a:4c:60:11:5b:
22:d3:43:0a:c4:74:7a:9f:2b:20:7e:ec:26:56:76:
72:52:4d:9d:d8:f7:fc:2d:41:85:bc:7d:32:2f:75:
6d:a8:91:53:8e:2b:e7:6b:9a:cb:dc:6b:3f:79:f1:
33:05:64:bd:1d:0a:2b:28:de:9e:db:63:f1:ea:56:
c3:06:42:c4:af:00:f9:10:e7:b8:95:03:41:2c:d4:
9e:0d:4d:42:3a:78:ec:7e:21:95:0a:8a:0e:77:3a:
ef:53:a1:81:0d:98:c2:a8:e4:8e:30:6c:ff:d4:cc:
4a:c2:52:23:f6:9e:14:f8:d8:a6:70:33:41:a7:53:
78:c8:9b:bf:f8:e7:5f:ff:23:45:08:c3:83:38:f0:
bf:45:ce:25:f0:75:6f:37:a4:03:d6:6d:c0:88:1e:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CC:C0:83:67:B5:44:AB:BE:C0:86:DE:3C:47:D4:0F:83:7F:92:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8010::/48
Signature Algorithm: sha256WithRSAEncryption
c0:4b:5e:0d:39:df:30:c9:b7:3e:04:ac:e9:df:7b:54:a8:8d:
c0:a1:d2:62:89:2a:8e:5d:4e:e1:86:8c:b4:37:c4:96:98:13:
ae:47:72:f6:21:31:f7:84:20:98:1c:61:dc:ad:a2:6e:a9:91:
08:46:dc:4a:f6:d8:94:c2:f4:f5:eb:ad:74:8b:72:6f:25:37:
8d:b5:28:01:70:89:b8:dc:99:6f:71:8e:64:57:ad:7c:e4:27:
10:ec:fe:78:c6:a7:3b:d9:7f:d1:63:e2:e7:fc:e0:27:ee:57:
ca:d1:1f:09:a7:67:ef:60:e4:4a:bb:eb:8b:18:a3:98:68:26:
cf:3a:df:a0:2b:8d:91:84:75:34:19:b5:3a:62:35:8d:a3:0a:
5c:54:20:bd:d8:6c:30:c8:7d:f4:83:10:74:b0:75:6a:7f:64:
07:92:a7:24:9e:5b:1c:3c:36:54:a7:cf:3f:20:b8:72:d9:29:
fd:2e:d0:eb:27:2a:0d:9e:eb:46:e5:11:71:24:24:0e:14:49:
f6:29:bf:9e:58:09:7f:d9:1d:9d:98:d8:16:bb:9b:4f:11:2a:
9c:19:69:a0:8e:39:28:84:aa:19:9f:f6:30:57:44:01:be:0d:
d5:6c:97:f3:d1:2a:8d:6d:65:b6:ea:dc:79:4c:0e:c7:7e:19:
27:00:4c:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB/6rUINKA5OsuM8/LBqIgEIYmDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTMwMTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MGE0NDQ4NzBiNTE2YjVmMWExOWE0MTJlZTRhN2I1NTE3ODMzMWM3MTE2
MTNjMzRiYmZhYTJjZDk5YWMwNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMo4KrbkFrdPzcnzNH11l8K+iQzIShUG1Hba3fOH5v4/BPSFyVEHo6Vo10W
7UVsPdcIHue2NezDBaJc+y7LIGd6L6lbwY4QQkKML0C2PAXx7icYUR1YyQUbRcV8
mTLYnXxNolpMYBFbItNDCsR0ep8rIH7sJlZ2clJNndj3/C1Bhbx9Mi91baiRU44r
52uay9xrP3nxMwVkvR0KKyjenttj8epWwwZCxK8A+RDnuJUDQSzUng1NQjp47H4h
lQqKDnc671OhgQ2YwqjkjjBs/9TMSsJSI/aeFPjYpnAzQadTeMibv/jnX/8jRQjD
gzjwv0XOJfB1bzekA9ZtwIgeWc8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/zMCD
Z7VEq77Aht48R9QPg3+SgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhjZTdkZmUtNDM0ZC00YjU3LWI1MjAtOTAwMWFlMjZiZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
EDANBgkqhkiG9w0BAQsFAAOCAQEAwEteDTnfMMm3PgSs6d97VKiNwKHSYokqjl1O
4YaMtDfElpgTrkdy9iEx94QgmBxh3K2ibqmRCEbcSvbYlML09eutdItybyU3jbUo
AXCJuNyZb3GOZFetfOQnEOz+eManO9l/0WPi5/zgJ+5XytEfCadn72DkSrvrixij
mGgmzzrfoCuNkYR1NBm1OmI1jaMKXFQgvdhsMMh99IMQdLB1an9kB5KnJJ5bHDw2
VKfPPyC4ctkp/S7Q6ycqDZ7rRuURcSQkDhRJ9im/nlgJf9kdnZjYFrubTxEqnBlp
oI45KISqGZ/2MFdEAb4N1WyX89EqjW1lturceUwOx34ZJwBMjw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:57 2025 by rpki-client