Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: pzSNoD0SWO2jCvW3YCzN9vPtF76yByTVbtoBEkjPRdE=
Subject key identifier: A3:6F:D2:7E:6C:C1:D3:12:2D:B7:39:E6:38:C5:15:C1:18:55:C3:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 280F63AF158C9F2FB277020FB9AC81A1A6F29B2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Fri 07 Mar 2025 15:10:15 +0000
ROA not before: Fri 07 Mar 2025 15:10:15 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:0f:63:af:15:8c:9f:2f:b2:77:02:0f:b9:ac:81:a1:a6:f2:9b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:10:15 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:33:79:a6:14:cb:9d:6e:20:31:cf:f5:8f:
3f:07:b9:c4:ca:f0:9f:92:f9:c2:46:ca:ae:2f:78:
7f:2d:2d:f1:18:ea:bb:8f:21:56:67:7b:f7:d0:44:
9c:f8:0b:b6:b5:67:50:9c:61:42:08:91:83:73:4a:
e7:cf:55:4d:28:d2:b6:65:79:31:38:ab:5f:fb:c9:
07:41:45:50:56:5f:35:86:29:97:2e:e7:92:9b:bb:
b7:d1:49:a2:1c:c1:6e:f0:8f:31:d9:96:44:ad:70:
d3:4c:60:8c:7b:60:f4:d3:61:41:a7:3a:0f:ce:e0:
61:50:f5:ce:52:40:e9:26:ba:a7:b3:a7:d7:d8:44:
3b:8e:f0:61:9a:c2:27:82:a5:13:7c:39:45:86:2c:
92:5f:93:a9:6c:aa:66:26:c9:4a:f5:bb:5b:c3:87:
6d:ee:7a:54:69:82:67:4d:82:53:5d:76:3d:1b:1b:
04:9a:30:44:43:8d:1d:91:b2:b5:e6:21:ce:4d:bc:
93:cb:e0:21:cc:37:f8:a0:95:5a:b9:58:e0:60:f4:
9d:26:11:2d:a4:ea:80:32:46:47:d8:3a:22:96:36:
c7:44:de:6f:5f:12:0a:8b:91:5a:11:dc:b7:81:f4:
ea:06:6c:e1:14:84:44:58:6f:a9:b3:a6:8b:6e:96:
db:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6F:D2:7E:6C:C1:D3:12:2D:B7:39:E6:38:C5:15:C1:18:55:C3:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
93:45:d8:e1:96:c0:15:9e:e4:0e:4d:15:0e:37:a6:7b:e9:59:
17:fd:f0:56:74:f5:ff:1a:3a:5c:00:0a:6e:18:68:f1:5e:41:
4b:d9:50:e4:02:46:6b:1f:a5:d8:07:8c:fe:4f:a4:9b:ba:03:
02:67:a9:09:17:cc:e6:0c:63:2c:0b:02:08:f3:b5:e6:fd:b6:
52:7e:cd:8c:bc:e9:0c:a4:7d:48:c1:1d:e8:bd:16:3c:5a:a1:
55:08:0c:12:e6:d9:2e:bb:02:42:f2:94:1f:96:60:db:54:25:
9d:ca:85:6f:41:e6:ab:16:87:e1:55:ea:f3:1e:22:da:07:31:
96:c6:91:9b:28:dd:fb:f8:b0:95:88:3c:50:2e:09:f5:60:27:
aa:3d:e8:d1:d7:37:a5:93:23:a6:2f:bb:48:bf:a3:82:8d:94:
d9:c8:f0:f0:e0:d9:5d:4f:70:58:f8:da:4b:15:b5:b6:fc:f7:
93:54:19:8f:59:8a:2e:97:55:44:42:2f:ed:7b:40:c2:97:13:
c5:7a:fe:68:e8:b4:5b:12:d8:e5:16:bf:cc:da:3f:f4:3c:e7:
a5:8a:2a:2c:cf:ab:df:df:61:ac:fd:a2:04:c7:f4:c6:cd:0a:
24:35:40:e4:93:66:d0:23:d3:b8:86:75:05:c5:c3:32:8b:1b:
5a:b3:c4:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKA9jrxWMny+ydwIPuayBoabymy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTEwMTVaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4NjQwMTk5NTNlN2U4OGYyYzAzYmE4M2JkMzVhMDQzNTViNTBkYjliYzVh
ODBlMDA5OTQyMTE2ZGU3ZTZmZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/KM3mmFMudbiAxz/WPPwe5xMrwn5L5wkbKri94fy0t8Rjqu48hVmd799BE
nPgLtrVnUJxhQgiRg3NK589VTSjStmV5MTirX/vJB0FFUFZfNYYply7nkpu7t9FJ
ohzBbvCPMdmWRK1w00xgjHtg9NNhQac6D87gYVD1zlJA6Sa6p7On19hEO47wYZrC
J4KlE3w5RYYskl+TqWyqZibJSvW7W8OHbe56VGmCZ02CU112PRsbBJowREONHZGy
teYhzk28k8vgIcw3+KCVWrlY4GD0nSYRLaTqgDJGR9g6IpY2x0Teb18SCouRWhHc
t4H06gZs4RSERFhvqbOmi26W27UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSjb9J+
bMHTEi23OeY4xRXBGFXDajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEAk0XY4ZbAFZ7kDk0VDjeme+lZF/3wVnT1/xo6XAAK
bhho8V5BS9lQ5AJGax+l2AeM/k+km7oDAmepCRfM5gxjLAsCCPO15v22Un7NjLzp
DKR9SMEd6L0WPFqhVQgMEubZLrsCQvKUH5Zg21QlncqFb0HmqxaH4VXq8x4i2gcx
lsaRmyjd+/iwlYg8UC4J9WAnqj3o0dc3pZMjpi+7SL+jgo2U2cjw8ODZXU9wWPja
SxW1tvz3k1QZj1mKLpdVREIv7XtAwpcTxXr+aOi0WxLY5Ra/zNo/9DznpYoqLM+r
399hrP2iBMf0xs0KJDVA5JNm0CPTuIZ1BcXDMosbWrPEgA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:51 2025 by rpki-client