Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: CW2dZLHo676AXlP5KJNwohqHD04noWh5SCNQqiCXbD0=
Subject key identifier: F9:41:D1:DF:9E:A0:46:BF:85:DF:69:B6:D7:CC:FA:3B:DD:8C:3A:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79843EEBE345DA3ACEA2ECFC328D793A2856B7A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Wed 05 Mar 2025 17:21:43 +0000
ROA not before: Wed 05 Mar 2025 17:21:43 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:84:3e:eb:e3:45:da:3a:ce:a2:ec:fc:32:8d:79:3a:28:56:b7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:21:43 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:58:69:7b:2e:fc:9c:a1:15:fd:2e:e9:82:52:
96:99:42:43:2b:6f:02:26:12:d7:ff:8c:b4:0f:67:
1e:c6:b9:2c:93:a0:a8:8d:64:06:b4:5a:7b:01:67:
ac:ef:70:b1:83:4b:64:07:5f:ed:67:19:a7:cd:9f:
1d:71:a8:27:34:94:e9:05:cb:99:2b:e5:27:c7:99:
19:2c:27:44:7f:29:5b:cf:02:7b:16:c8:85:a0:91:
3a:2a:ae:12:ea:ff:d0:aa:d5:17:57:ae:b3:c5:5b:
de:36:92:bf:26:13:42:63:c4:d0:e9:27:37:bd:c8:
a8:b3:a6:f8:1e:5d:09:45:7a:d1:a9:41:7f:49:e3:
66:ba:14:7c:1d:14:9c:65:46:8a:e4:87:3a:43:1f:
5c:e6:4f:01:e3:5b:e6:31:ab:7a:17:45:1a:24:f3:
7d:54:5a:75:95:1b:17:c4:eb:2f:ce:eb:7b:33:95:
5f:20:19:fb:5c:c2:8b:fb:f5:45:37:9e:d0:19:91:
c2:22:40:ea:65:c4:30:d6:ac:04:e5:ef:e0:b3:9b:
d0:82:d3:49:c5:74:a4:86:40:c7:ed:ed:fc:49:e5:
14:d2:e0:04:2a:fc:41:05:9e:ac:3a:6a:6a:b1:ca:
8a:6e:2e:7e:f6:e6:75:66:a8:cf:37:41:47:50:f2:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:41:D1:DF:9E:A0:46:BF:85:DF:69:B6:D7:CC:FA:3B:DD:8C:3A:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
70:48:20:1c:e5:73:4d:dc:33:f9:8e:be:00:0a:85:de:af:c5:
8a:a5:01:6e:10:10:3a:df:7f:36:2a:ac:f4:46:e2:1f:d4:24:
12:d9:c3:a0:4d:04:6a:9e:da:8b:d3:a7:f6:9a:6e:b5:36:f6:
dd:d9:59:d6:b3:85:01:9a:9e:a2:05:8b:9d:1c:f4:d6:e8:4d:
8c:c3:99:27:ba:d9:8c:b0:b8:e5:53:64:e3:1f:bb:ca:1b:17:
de:e8:ac:e8:1c:0c:f3:00:91:82:80:a8:c0:47:f0:63:7b:36:
80:d9:7d:a6:c5:71:ae:94:a9:55:1a:30:7c:16:6a:ca:0b:fd:
26:cd:36:27:89:d5:ff:d5:f5:bd:4c:a8:75:8f:3f:9b:80:95:
7e:89:0a:39:54:f4:22:7a:0e:3b:ef:1f:b4:00:dc:c9:7d:83:
3a:25:e2:12:fe:f1:70:53:98:7c:21:40:89:54:d4:0c:88:89:
42:b9:1a:e1:a4:3b:df:bf:47:be:1a:fc:80:6b:1e:e5:4d:da:
99:7c:02:d7:0c:56:2c:b9:42:9d:e4:3c:9d:07:f0:46:28:e5:
49:2a:a6:cb:ab:06:43:84:c9:22:4a:4a:c2:7d:38:14:14:19:
4a:b4:50:71:67:69:0f:7a:65:9b:3f:8e:d2:89:7b:5e:2f:e3:
85:8d:ef:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeYQ+6+NF2jrOouz8Mo15OihWt6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIxNDNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4OWMwNTJjODJiNWYzMmU0ODQ4MzNkNTgxMDJkMzc5MzUxZjhmZDNmOWRl
ZWE1YTEzMmFhMTM4YzYyZDliNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBYaXsu/JyhFf0u6YJSlplCQytvAiYS1/+MtA9nHsa5LJOgqI1kBrRaewFn
rO9wsYNLZAdf7WcZp82fHXGoJzSU6QXLmSvlJ8eZGSwnRH8pW88CexbIhaCROiqu
Eur/0KrVF1eus8Vb3jaSvyYTQmPE0OknN73IqLOm+B5dCUV60alBf0njZroUfB0U
nGVGiuSHOkMfXOZPAeNb5jGrehdFGiTzfVRadZUbF8TrL87rezOVXyAZ+1zCi/v1
RTee0BmRwiJA6mXEMNasBOXv4LOb0ILTScV0pIZAx+3t/EnlFNLgBCr8QQWerDpq
arHKim4ufvbmdWaozzdBR1DyvaECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5QdHf
nqBGv4XfabbXzPo73Yw6jTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBwSCAc5XNN3DP5jr4ACoXer8WKpQFuEBA63382
Kqz0RuIf1CQS2cOgTQRqntqL06f2mm61Nvbd2VnWs4UBmp6iBYudHPTW6E2Mw5kn
utmMsLjlU2TjH7vKGxfe6KzoHAzzAJGCgKjAR/BjezaA2X2mxXGulKlVGjB8FmrK
C/0mzTYnidX/1fW9TKh1jz+bgJV+iQo5VPQieg477x+0ANzJfYM6JeIS/vFwU5h8
IUCJVNQMiIlCuRrhpDvfv0e+GvyAax7lTdqZfALXDFYsuUKd5DydB/BGKOVJKqbL
qwZDhMkiSkrCfTgUFBlKtFBxZ2kPemWbP47SiXteL+OFje8H
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:35 2025 by rpki-client