Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json)
Hash identifier: EjoTNQ6atPRawMbX9XfB835liMp99XVlsIWcuMIiqTY=
Subject key identifier: DF:B3:B9:0F:4F:1A:DB:9E:CC:3B:1A:94:DF:D7:18:77:C5:0E:6A:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C13A8C3458E1A3A291C7E5DAD571A6A57A8C7A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
Signing time: Wed 05 Mar 2025 17:41:21 +0000
ROA not before: Wed 05 Mar 2025 17:41:21 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:13:a8:c3:45:8e:1a:3a:29:1c:7e:5d:ad:57:1a:6a:57:a8:c7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:41:21 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b0:52:8f:39:6c:1a:6c:8d:6e:03:2f:88:73:
aa:91:0b:68:b9:8e:4a:74:6c:89:35:ee:a0:2e:54:
13:0c:da:8c:5e:5f:ac:20:ba:e9:c7:39:8c:69:e6:
90:68:db:62:28:cc:54:5f:fa:a1:37:86:41:5c:67:
1f:7d:19:14:f2:35:f2:fe:20:c4:d0:b2:9f:f8:2c:
f1:e5:95:bf:c5:74:24:a0:7d:af:00:73:68:cf:52:
81:ab:6e:19:dd:9b:02:b9:bf:22:28:b0:65:ad:b3:
a2:15:ad:20:31:9c:d3:84:b5:b5:e1:e0:45:e3:ba:
01:d8:ef:52:07:1a:ec:ff:17:ff:03:20:0e:0b:ad:
95:e1:cc:24:97:88:2e:8d:3b:ac:ac:cf:9d:7e:5c:
45:dd:dc:60:e5:c1:07:03:cc:11:08:33:eb:03:2a:
fa:d8:8a:c0:7f:bf:69:4d:ec:42:cc:3e:0d:88:22:
f0:d9:e4:0f:89:77:90:b4:6f:f7:71:5f:81:bd:d3:
41:50:93:f9:86:4d:c8:00:ec:cd:0b:b8:1a:45:31:
5d:b1:3a:2f:e8:af:83:05:7d:50:f5:f3:9c:61:5d:
83:62:39:27:76:1a:41:b9:3c:73:20:a3:56:07:3d:
da:f9:ae:79:41:41:e9:eb:2f:84:2f:20:61:76:96:
d3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B3:B9:0F:4F:1A:DB:9E:CC:3B:1A:94:DF:D7:18:77:C5:0E:6A:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:400::/38
Signature Algorithm: sha256WithRSAEncryption
93:0a:8a:54:20:a3:47:e6:f4:95:e1:a3:9a:e8:08:d5:b3:1a:
9f:fd:50:49:74:14:42:4b:db:ab:88:84:a5:30:bd:79:c3:33:
74:2e:fb:03:71:b9:f6:36:fe:46:14:c3:42:ae:3f:a6:bf:c6:
f5:80:d5:c7:4f:ff:2d:60:11:66:02:81:1f:f3:f9:45:6d:3f:
17:d2:05:65:0f:f1:e0:00:28:51:27:82:3a:2a:36:b4:da:0b:
00:c3:71:0d:4b:7b:f2:7c:dc:fa:91:5c:e4:2f:a8:98:34:2c:
e1:79:5f:fe:0b:ac:03:f5:e0:d4:dd:56:a8:05:35:f2:98:eb:
6d:85:42:74:6a:32:63:63:e5:67:9d:62:17:f8:3c:3c:6a:2a:
43:d1:3f:d5:3a:53:b7:25:92:3b:e4:51:ca:16:30:0d:d6:73:
76:1b:c5:42:05:a8:1a:31:1e:b4:1a:2d:cd:77:be:f7:a5:79:
38:5b:1d:49:ff:f2:4b:23:2e:c1:6a:52:d6:e0:73:a5:00:37:
54:97:6b:e0:a9:55:32:8f:68:18:ea:79:2f:ce:cc:b2:ea:2e:
7e:1e:44:6c:57:80:cd:46:1d:19:73:f6:a1:19:24:5f:bc:e7:
a2:83:e6:f2:94:e2:53:35:53:db:36:6f:51:26:80:ac:72:29:
41:01:ed:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXBOow0WOGjopHH5drVcaaleox6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQxMjFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyN2YyYjNjNjcyMDE4NzY2YTg4MmNjMzM2ZGZhNGZiOTBjMDk2OTRhMTg1
ZTUwY2U4MzAzMzBiN2NhZDMzMjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+wUo85bBpsjW4DL4hzqpELaLmOSnRsiTXuoC5UEwzajF5frCC66cc5jGnm
kGjbYijMVF/6oTeGQVxnH30ZFPI18v4gxNCyn/gs8eWVv8V0JKB9rwBzaM9Sgatu
Gd2bArm/IiiwZa2zohWtIDGc04S1teHgReO6AdjvUgca7P8X/wMgDgutleHMJJeI
Lo07rKzPnX5cRd3cYOXBBwPMEQgz6wMq+tiKwH+/aU3sQsw+DYgi8NnkD4l3kLRv
93Ffgb3TQVCT+YZNyADszQu4GkUxXbE6L+ivgwV9UPXznGFdg2I5J3YaQbk8cyCj
Vgc92vmueUFB6esvhC8gYXaW0y8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfs7kP
Txrbnsw7GpTf1xh3xQ5qizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE
MA0GCSqGSIb3DQEBCwUAA4IBAQCTCopUIKNH5vSV4aOa6AjVsxqf/VBJdBRCS9ur
iISlML15wzN0LvsDcbn2Nv5GFMNCrj+mv8b1gNXHT/8tYBFmAoEf8/lFbT8X0gVl
D/HgAChRJ4I6Kja02gsAw3ENS3vyfNz6kVzkL6iYNCzheV/+C6wD9eDU3VaoBTXy
mOtthUJ0ajJjY+VnnWIX+Dw8aipD0T/VOlO3JZI75FHKFjAN1nN2G8VCBagaMR60
Gi3Nd773pXk4Wx1J//JLIy7BalLW4HOlADdUl2vgqVUyj2gY6nkvzsyy6i5+HkRs
V4DNRh0Zc/ahGSRfvOeig+bylOJTNVPbNm9RJoCscilBAe2G
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:17:53 2025 by rpki-client