Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: OWscIl+BeJIsgQZ6Jmu9RNG9Djd4WR5cnLU8HNVPl/U=
Subject key identifier: 59:D9:23:C6:31:11:32:1F:A0:1A:85:47:43:E2:EB:C1:88:04:C1:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07F29C159CA630BBC2D854F6D45503186229A1EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Wed 05 Mar 2025 17:42:06 +0000
ROA not before: Wed 05 Mar 2025 17:42:06 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:f2:9c:15:9c:a6:30:bb:c2:d8:54:f6:d4:55:03:18:62:29:a1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:42:06 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:66:fe:07:6e:b9:e7:96:bc:1a:0e:24:a7:0c:
bf:5c:fe:6f:43:26:cb:7c:59:e0:ea:04:2c:e5:95:
04:ff:d7:b9:68:d6:72:23:16:64:98:f9:97:bb:d1:
36:7e:4a:25:ee:ee:90:88:6f:09:48:a1:6c:9e:da:
a7:e9:88:f5:e7:94:b6:40:13:81:77:fb:3a:b8:8e:
66:b9:85:c7:a9:9e:25:41:76:35:38:68:15:ed:cd:
7b:7f:e7:ac:dc:c4:83:be:9e:81:a3:c1:51:c4:0b:
80:fd:b3:68:4a:1a:1c:d5:b6:b1:31:79:d1:5c:d3:
ba:ce:d9:9f:ff:09:7c:df:58:47:d9:25:f5:80:61:
40:ae:44:09:42:1d:a4:23:a7:42:6b:92:fe:89:61:
47:59:8b:6b:c9:a9:ab:a3:4a:80:c7:f7:e8:d4:89:
89:c6:a1:ef:0e:89:77:d5:99:8b:78:d5:56:d3:c9:
fc:f6:77:a2:ae:ee:41:e2:44:e1:f3:fa:21:3f:64:
a5:d0:c3:6d:2b:05:a8:5e:72:47:12:97:62:10:10:
93:98:11:d0:e4:4a:65:8f:d9:a3:88:70:e4:50:9e:
b0:7d:ce:d1:67:06:20:a5:96:c6:7b:df:9a:ff:8e:
2f:de:22:60:80:4b:40:f8:9e:79:10:77:0e:0b:65:
ad:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D9:23:C6:31:11:32:1F:A0:1A:85:47:43:E2:EB:C1:88:04:C1:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
5b:11:dc:91:81:15:54:2b:44:67:38:32:36:b0:87:f7:2d:96:
73:79:4d:de:db:8f:5d:22:1b:ef:59:6d:7a:cf:45:d1:24:0e:
d9:ac:89:fd:bb:61:53:ec:d7:98:03:4d:d0:78:3e:d7:be:89:
a9:27:c8:77:f1:be:e7:05:f5:d2:62:3b:ec:7e:fb:68:23:dd:
14:22:a2:d9:5d:79:1e:e9:ff:87:d4:ed:b0:85:34:8e:3a:e3:
ae:35:23:33:f6:b8:4d:36:1e:c9:8f:34:91:85:49:e9:d1:f4:
71:dd:af:7e:1f:58:45:fb:81:ed:0b:2a:ab:90:00:64:7f:30:
f2:0e:5d:65:25:5b:cd:8a:a0:71:d9:db:16:e8:7e:e6:d4:09:
87:44:90:9a:88:57:80:ca:e8:d5:96:64:85:43:70:dd:34:d0:
ad:ee:96:59:d8:b2:ad:20:30:89:1b:48:c9:46:3f:d0:01:e5:
42:e6:a5:74:d7:71:e9:77:90:e7:76:d3:8d:77:20:53:49:66:
18:02:93:7f:a9:8f:b0:16:ef:15:39:1d:52:9e:b0:47:90:0c:
bd:d3:d3:1c:df:fa:00:52:14:50:78:7b:77:d1:56:fb:c7:1f:
ff:54:b7:65:5c:40:50:d7:71:17:c2:22:05:32:d1:9d:59:be:
13:f6:ac:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB/KcFZymMLvC2FT21FUDGGIpoe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQyMDZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4Mzc4MjFiMjlmODg5N2UwNDc4NGIxMDMwNDdiZDMyNTI4ZmVjYWE4MTY2
MzA5NGRiNzBhY2QyYzNmY2QwZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlm/gduueeWvBoOJKcMv1z+b0Mmy3xZ4OoELOWVBP/XuWjWciMWZJj5l7vR
Nn5KJe7ukIhvCUihbJ7ap+mI9eeUtkATgXf7OriOZrmFx6meJUF2NThoFe3Ne3/n
rNzEg76egaPBUcQLgP2zaEoaHNW2sTF50VzTus7Zn/8JfN9YR9kl9YBhQK5ECUId
pCOnQmuS/olhR1mLa8mpq6NKgMf36NSJicah7w6Jd9WZi3jVVtPJ/PZ3oq7uQeJE
4fP6IT9kpdDDbSsFqF5yRxKXYhAQk5gR0ORKZY/Zo4hw5FCesH3O0WcGIKWWxnvf
mv+OL94iYIBLQPieeRB3DgtlrUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZ2SPG
MREyH6AahUdD4uvBiATBEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbEdyRgRVUK0RnODI2sIf3LZZzeU3e249dIhvv
WW16z0XRJA7ZrIn9u2FT7NeYA03QeD7XvompJ8h38b7nBfXSYjvsfvtoI90UIqLZ
XXke6f+H1O2whTSOOuOuNSMz9rhNNh7JjzSRhUnp0fRx3a9+H1hF+4HtCyqrkABk
fzDyDl1lJVvNiqBx2dsW6H7m1AmHRJCaiFeAyujVlmSFQ3DdNNCt7pZZ2LKtIDCJ
G0jJRj/QAeVC5qV013Hpd5DndtONdyBTSWYYApN/qY+wFu8VOR1SnrBHkAy909Mc
3/oAUhRQeHt30Vb7xx//VLdlXEBQ13EXwiIFMtGdWb4T9qxI
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:49 2025 by rpki-client