Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
File: 4c78114f-4347-44fe-aef1-32fc688c69b9.roa (raw, json)
Hash identifier: caYPe5JITCDfc6S1WOwG/OIZql+rM+wJ8vi1UthPNv8=
Subject key identifier: E2:88:1C:DD:B0:26:F0:0B:CA:E0:33:7F:1A:73:08:25:41:7E:D3:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D0066ADFE8BB79745F37BEE78971D9547C1F9F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
Signing time: Wed 05 Mar 2025 16:21:07 +0000
ROA not before: Wed 05 Mar 2025 16:21:07 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:00:66:ad:fe:8b:b7:97:45:f3:7b:ee:78:97:1d:95:47:c1:f9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:21:07 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5c:45:83:98:c0:c7:09:29:b9:2b:04:17:87:
5c:4e:64:3c:8e:b3:cc:62:7d:8c:0d:0c:85:3d:f1:
f8:8c:1c:cb:5c:cb:73:61:ca:47:17:2d:b3:19:cb:
24:26:0b:93:0e:d2:ee:72:b0:ff:29:8e:32:e5:78:
6d:22:52:eb:17:eb:5a:6a:86:70:d5:16:29:91:dc:
9b:80:d5:7e:02:fb:60:3c:9b:7c:ab:53:b2:b6:57:
aa:bc:70:5e:35:21:3c:77:dd:2c:92:13:3a:04:4b:
86:cf:d8:8e:03:13:ba:9f:44:2b:80:04:10:78:90:
51:f6:77:53:ac:27:f1:4b:93:12:41:6f:c7:9d:40:
07:55:f8:e0:08:92:3a:3b:89:cf:ed:09:03:63:6b:
84:1c:b5:34:77:f9:ef:f6:0b:a5:70:31:9f:19:57:
05:b8:0a:ec:a5:e6:af:98:20:16:3c:de:73:6b:13:
c7:cd:0a:69:51:08:d7:2f:8c:5e:3b:23:1d:ef:a2:
1d:59:f0:d6:05:13:34:e2:d6:c8:dc:86:fc:85:d8:
f5:1f:f3:c5:e2:e9:1e:b7:b4:a1:49:71:41:e1:f6:
16:20:73:f9:6f:7d:9b:ed:51:59:b1:1c:34:56:f0:
a1:d1:f2:95:4d:a8:c9:e5:42:80:ca:b5:e9:45:a7:
04:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:88:1C:DD:B0:26:F0:0B:CA:E0:33:7F:1A:73:08:25:41:7E:D3:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8020::/48
Signature Algorithm: sha256WithRSAEncryption
65:59:bb:0f:64:c7:28:d9:f4:7f:2f:c1:e0:57:f4:a4:6d:87:
5c:a3:c9:4f:83:c6:9d:e6:32:82:c4:6d:4c:66:1c:61:c1:81:
8a:91:1b:88:71:b0:22:d2:e0:21:c0:6c:65:39:c3:ba:99:a4:
0f:fd:33:0c:28:33:aa:a7:8f:69:23:60:ba:be:6d:69:03:51:
b3:13:80:af:bb:a6:0d:79:33:24:ed:0e:3e:a5:b6:54:ac:2e:
47:70:af:4d:5b:85:4f:34:8d:7a:b8:8b:2f:83:83:51:da:fe:
09:20:5f:8b:38:1b:51:6f:65:cd:64:7d:38:94:70:a9:52:1c:
fe:fa:e1:da:de:17:75:f6:d8:c6:0f:e6:18:1c:72:79:89:eb:
28:af:c9:5a:22:52:3e:cc:2f:1a:ca:95:35:24:85:3d:9e:84:
fd:5f:1b:03:37:b3:07:cc:ae:45:13:c8:11:50:e3:e9:2f:91:
bc:9a:cc:72:61:b6:45:59:95:92:ce:e8:df:e7:fa:eb:36:b3:
f9:67:1c:f2:e2:c2:47:41:26:4a:3a:0e:07:c0:8e:4a:df:e7:
f5:d6:8a:60:6d:73:7e:9b:ad:8c:1d:67:eb:0f:8e:01:b1:2e:
71:1f:c4:66:fb:f8:07:3e:11:77:b5:6b:6a:43:26:3f:f2:ec:
56:4b:b7:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXQBmrf6Lt5dF83vueJcdlUfB+fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjIxMDdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZDc5YzhhYWYwNTRmNWRmYWM3MmU4MjhlOTgwZjY3NjEyZjNmMmI4OWM2
NWFjMDFiN2U3NmM2NGU2YTI3NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZcRYOYwMcJKbkrBBeHXE5kPI6zzGJ9jA0MhT3x+Iwcy1zLc2HKRxctsxnL
JCYLkw7S7nKw/ymOMuV4bSJS6xfrWmqGcNUWKZHcm4DVfgL7YDybfKtTsrZXqrxw
XjUhPHfdLJITOgRLhs/YjgMTup9EK4AEEHiQUfZ3U6wn8UuTEkFvx51AB1X44AiS
OjuJz+0JA2NrhBy1NHf57/YLpXAxnxlXBbgK7KXmr5ggFjzec2sTx80KaVEI1y+M
XjsjHe+iHVnw1gUTNOLWyNyG/IXY9R/zxeLpHre0oUlxQeH2FiBz+W99m+1RWbEc
NFbwodHylU2oyeVCgMq16UWnBN8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTiiBzd
sCbwC8rgM38acwglQX7T4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM3ODExNGYtNDM0Ny00NGZlLWFlZjEtMzJmYzY4OGM2OWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
IDANBgkqhkiG9w0BAQsFAAOCAQEAZVm7D2THKNn0fy/B4Ff0pG2HXKPJT4PGneYy
gsRtTGYcYcGBipEbiHGwItLgIcBsZTnDupmkD/0zDCgzqqePaSNgur5taQNRsxOA
r7umDXkzJO0OPqW2VKwuR3CvTVuFTzSNeriLL4ODUdr+CSBfizgbUW9lzWR9OJRw
qVIc/vrh2t4XdfbYxg/mGBxyeYnrKK/JWiJSPswvGsqVNSSFPZ6E/V8bAzezB8yu
RRPIEVDj6S+RvJrMcmG2RVmVks7o3+f66zaz+Wcc8uLCR0EmSjoOB8COSt/n9daK
YG1zfputjB1n6w+OAbEucR/EZvv4Bz4Rd7VrakMmP/LsVku3+g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:35 2025 by rpki-client