Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: 4TmQ8sM6GdJUzTTPVR5LQM01ty+/3nVkGKt4ByC4p+U=
Subject key identifier: D0:1D:7B:2B:86:9B:02:B6:62:61:17:50:0E:FB:B9:00:A3:C5:D7:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 585CA7079BEF224F271796F360A96714ADA9DB50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Wed 05 Mar 2025 15:20:48 +0000
ROA not before: Wed 05 Mar 2025 15:20:48 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:5c:a7:07:9b:ef:22:4f:27:17:96:f3:60:a9:67:14:ad:a9:db:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:20:48 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:52:01:fe:de:86:f4:da:45:5e:93:33:f2:ac:
e6:0c:cf:53:0d:b3:fd:d8:13:2e:15:fa:ce:c7:f4:
95:23:23:5c:e6:3e:5c:97:ee:65:c3:56:1d:a1:f5:
88:56:2f:5f:da:78:2b:a7:4d:98:81:ce:26:27:72:
01:8a:26:47:86:1f:5b:c2:3d:a3:be:ec:19:01:90:
c2:ce:52:f3:12:6f:7d:d6:72:a6:f5:c5:66:76:53:
12:ea:68:5e:8d:ec:e3:ff:d0:43:4f:13:d8:01:05:
b1:6c:72:47:c7:d3:0e:cd:cb:85:d1:25:e3:29:4f:
c1:c1:88:c1:de:fe:64:10:da:50:1e:61:10:c6:b2:
c0:5f:a0:f1:98:f5:5b:15:6c:0f:54:18:d1:db:cb:
8f:fd:e1:14:ec:c8:49:7c:f3:19:21:2f:8e:80:23:
42:9e:18:44:83:c6:6e:9c:5e:4a:85:14:59:6a:25:
89:f4:e2:fc:cc:cc:87:f6:31:b5:39:b4:6f:bd:d7:
72:a1:18:d6:33:22:2c:dd:9d:79:48:1e:b1:33:98:
f6:56:45:a8:84:10:ab:f1:1e:f5:e7:57:0e:7a:01:
06:4c:16:11:7f:2a:38:40:b0:99:ee:a8:3c:ca:50:
5e:6c:46:f0:34:06:f4:dc:bb:bd:74:65:50:5f:e5:
5d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1D:7B:2B:86:9B:02:B6:62:61:17:50:0E:FB:B9:00:A3:C5:D7:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
37:b6:30:49:a7:2c:33:40:a8:c7:eb:95:6c:5d:b0:cf:2c:23:
64:f5:f2:81:3d:25:d0:f6:1b:31:a0:04:de:9e:75:16:82:9d:
40:14:6b:72:f9:95:e4:3f:21:6a:2f:c1:d2:52:c0:ba:36:59:
4b:9d:f8:37:67:5d:6c:57:b2:c5:c4:b7:b7:eb:39:d1:7b:81:
6f:51:ca:51:54:77:fb:1b:59:9d:13:85:ce:7b:90:b9:d6:e8:
dc:51:2a:2f:09:d0:97:6a:bc:87:97:58:7c:01:ba:09:4a:64:
f8:43:56:f2:a4:4d:06:39:0c:b8:7b:d2:14:04:01:09:10:4e:
8b:10:b0:04:73:5f:85:69:e6:fa:ef:fe:0a:b0:bc:07:75:1e:
fb:b6:d6:ba:50:35:f0:2d:df:85:7b:c6:a9:80:5f:0b:ae:a5:
d3:04:ed:32:3f:c1:b7:99:65:91:56:bd:50:1a:3f:07:3d:d5:
fd:60:f6:3b:a3:8b:d8:bd:0c:25:29:8d:a5:2d:0b:b1:c4:5d:
a5:c6:22:26:7c:36:b9:6f:6e:eb:e6:5d:cd:1c:7a:15:c1:a5:
5b:23:e9:51:69:d9:ff:4d:bb:64:61:e7:76:a5:54:0f:9d:d8:
65:f2:5a:9f:72:71:a0:c3:83:28:69:55:32:8d:ef:ce:69:18:
e2:e7:4f:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWFynB5vvIk8nF5bzYKlnFK2p21AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTIwNDhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwODk2NDlkMmY5ZmNhMDk5NzI3ZGMwZTBkN2Y1YTg1N2FmOThmMDg0MWY2
NDdmYTY4MGE1OWM1ZTRlZTY5YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFSAf7ehvTaRV6TM/Ks5gzPUw2z/dgTLhX6zsf0lSMjXOY+XJfuZcNWHaH1
iFYvX9p4K6dNmIHOJidyAYomR4YfW8I9o77sGQGQws5S8xJvfdZypvXFZnZTEupo
Xo3s4//QQ08T2AEFsWxyR8fTDs3LhdEl4ylPwcGIwd7+ZBDaUB5hEMaywF+g8Zj1
WxVsD1QY0dvLj/3hFOzISXzzGSEvjoAjQp4YRIPGbpxeSoUUWWolifTi/MzMh/Yx
tTm0b73XcqEY1jMiLN2deUgesTOY9lZFqIQQq/Ee9edXDnoBBkwWEX8qOECwme6o
PMpQXmxG8DQG9Ny7vXRlUF/lXQ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTQHXsr
hpsCtmJhF1AO+7kAo8XXQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEAN7YwSacsM0Cox+uVbF2wzywjZPXygT0l0PYb
MaAE3p51FoKdQBRrcvmV5D8hai/B0lLAujZZS534N2ddbFeyxcS3t+s50XuBb1HK
UVR3+xtZnROFznuQudbo3FEqLwnQl2q8h5dYfAG6CUpk+ENW8qRNBjkMuHvSFAQB
CRBOixCwBHNfhWnm+u/+CrC8B3Ue+7bWulA18C3fhXvGqYBfC66l0wTtMj/Bt5ll
kVa9UBo/Bz3V/WD2O6OL2L0MJSmNpS0LscRdpcYiJnw2uW9u6+ZdzRx6FcGlWyPp
UWnZ/027ZGHndqVUD53YZfJan3JxoMODKGlVMo3vzmkY4udPmg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:23 2025 by rpki-client