Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
File: 5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa (raw, json)
Hash identifier: Go3Y2iCiq/NSiEutHJM2OReqf7hzRJ4RAkiMXRqb8x0=
Subject key identifier: C5:23:37:25:EB:3A:94:DF:0E:27:C3:8F:57:C7:E0:90:64:D4:97:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57791B2CCA2242DC43BC6EEE71CEE98328BD4AFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
Signing time: Tue 11 Mar 2025 00:10:30 +0000
ROA not before: Tue 11 Mar 2025 00:10:30 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f:800::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:79:1b:2c:ca:22:42:dc:43:bc:6e:ee:71:ce:e9:83:28:bd:4a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 11 00:10:30 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e6:50:26:8d:e7:e2:05:71:61:de:ac:30:ff:
d8:fc:bb:9b:fe:b5:c8:6f:f1:13:bf:f7:ab:5f:4b:
ee:bf:46:1b:60:35:cd:32:91:d3:20:30:03:87:b2:
b7:9a:e3:e8:df:b8:31:78:2e:96:c6:4d:5a:13:63:
31:8c:1b:e2:29:41:3f:10:a1:76:31:a6:55:03:9c:
38:ba:3e:c2:f9:24:c8:59:89:17:63:dc:a7:3a:69:
47:a8:2f:b9:d3:5c:8f:60:d0:28:60:99:08:df:09:
69:37:a0:f1:33:bb:0d:4e:07:0f:1d:b4:76:09:25:
06:2a:44:3a:c4:98:9f:f1:7d:98:5a:f2:ce:94:07:
c8:fc:41:ec:33:b5:cd:bc:2d:64:56:56:44:ca:7e:
8e:a0:8b:56:09:cc:f4:03:18:71:5e:10:f1:5e:b5:
a1:f3:5c:4d:f6:98:6a:c8:c1:2d:d9:0e:cb:a3:7e:
31:57:80:68:b7:b9:70:e5:e0:62:5d:ab:e2:cd:3d:
ec:03:54:64:6c:bb:a1:12:d0:e1:04:b9:6a:82:5e:
7c:bb:fb:27:b0:8f:6e:8b:e1:f7:52:0b:e4:83:b6:
51:dc:c6:97:ff:f5:15:03:8c:5b:5d:1c:04:ed:c9:
49:77:4f:67:87:79:dd:a1:91:86:4c:b2:19:18:ae:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:23:37:25:EB:3A:94:DF:0E:27:C3:8F:57:C7:E0:90:64:D4:97:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f:800::/37
Signature Algorithm: sha256WithRSAEncryption
4d:d7:49:02:e2:19:bf:65:9e:73:9e:a4:6a:d2:ef:e5:ba:92:
38:a9:fc:c4:8b:89:2e:0c:d5:f4:3f:d1:41:2f:5d:63:52:d9:
34:37:a0:57:74:66:68:64:5b:fc:ba:79:08:54:33:83:83:44:
78:3a:fd:85:d8:03:6a:66:a9:81:7a:8e:10:71:07:0b:9e:66:
31:fb:77:00:3a:35:ca:15:d9:ba:cc:0b:ba:36:3f:5c:1d:58:
ee:b3:45:76:dd:3e:4e:fc:48:b0:ea:f1:f3:2e:21:16:42:23:
c4:2e:06:66:57:90:71:a9:05:9c:dc:3e:3b:68:4c:ce:ca:92:
71:5d:40:82:b9:53:24:40:fd:7e:42:f7:a9:3e:7c:28:89:97:
3a:b7:cf:92:78:33:e5:4c:72:e4:01:9c:bd:46:79:70:2c:89:
20:04:bc:bd:ea:85:7f:8b:7c:1e:05:02:d9:3f:e1:79:86:da:
04:bd:8c:87:28:70:7b:fd:b5:37:e5:04:76:14:52:ff:c5:6c:
28:4f:62:df:2d:50:50:bf:f1:7b:86:74:9f:ed:b2:e5:c2:42:
e3:f3:74:dc:6b:58:b6:87:0c:fb:e7:31:3c:1b:4e:2e:d2:32:
7b:13:67:1f:a2:ae:d5:e3:00:f4:2b:ec:48:05:91:85:b6:ef:
80:2e:36:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV3kbLMoiQtxDvG7ucc7pgyi9Sv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTEwMDEwMzBaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwNTU3ODBiODZkYzY0NTA1MDZjYzRlZTAyMmQ2MzJjNTQ2OTZhYjdlNzhj
ZjExYmRkNzBkMDAzYTg3YTA2Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjmUCaN5+IFcWHerDD/2Py7m/61yG/xE7/3q19L7r9GG2A1zTKR0yAwA4ey
t5rj6N+4MXgulsZNWhNjMYwb4ilBPxChdjGmVQOcOLo+wvkkyFmJF2PcpzppR6gv
udNcj2DQKGCZCN8JaTeg8TO7DU4HDx20dgklBipEOsSYn/F9mFryzpQHyPxB7DO1
zbwtZFZWRMp+jqCLVgnM9AMYcV4Q8V61ofNcTfaYasjBLdkOy6N+MVeAaLe5cOXg
Yl2r4s097ANUZGy7oRLQ4QS5aoJefLv7J7CPbovh91IL5IO2UdzGl//1FQOMW10c
BO3JSXdPZ4d53aGRhkyyGRiuG2ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFIzcl
6zqU3w4nw49Xx+CQZNSXsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTIzOGMxM2YtYjJhNS00M2Q5LTk2MjQtZDJlNzE0YTliZjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8I
MA0GCSqGSIb3DQEBCwUAA4IBAQBN10kC4hm/ZZ5znqRq0u/lupI4qfzEi4kuDNX0
P9FBL11jUtk0N6BXdGZoZFv8unkIVDODg0R4Ov2F2ANqZqmBeo4QcQcLnmYx+3cA
OjXKFdm6zAu6Nj9cHVjus0V23T5O/Eiw6vHzLiEWQiPELgZmV5BxqQWc3D47aEzO
ypJxXUCCuVMkQP1+QvepPnwoiZc6t8+SeDPlTHLkAZy9RnlwLIkgBLy96oV/i3we
BQLZP+F5htoEvYyHKHB7/bU35QR2FFL/xWwoT2LfLVBQv/F7hnSf7bLlwkLj83Tc
a1i2hwz75zE8G04u0jJ7E2cfoq7V4wD0K+xIBZGFtu+ALja8
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:23 2025 by rpki-client