Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: lIbOSeIqkL9NBWpaMCKyqLohWFy86aVq3yGfYwBlkvs=
Subject key identifier: 9F:21:48:4B:F3:E1:21:17:F2:4C:7A:1B:17:77:6B:09:C8:50:D4:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19E98799498AAFC2B9B4F426D86A841400A8531F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Wed 05 Mar 2025 15:40:03 +0000
ROA not before: Wed 05 Mar 2025 15:40:03 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:e9:87:99:49:8a:af:c2:b9:b4:f4:26:d8:6a:84:14:00:a8:53:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:40:03 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:7d:b1:05:29:4c:ea:2a:a8:71:d8:a8:81:25:
1f:34:c9:58:de:46:dd:c6:1d:e9:6b:6b:fd:f7:f5:
90:2a:64:b0:a7:c6:33:d8:7f:51:bc:8e:c5:4d:7e:
06:1c:ff:52:a1:e5:02:c4:8a:f2:10:d3:f5:31:07:
eb:ac:65:89:a0:48:d1:8e:91:29:1d:4c:4b:24:3a:
3c:d8:a3:77:45:2e:26:85:70:cd:17:2e:04:af:6e:
24:a9:a0:26:77:81:6a:8f:49:c4:13:0b:bd:9c:55:
b6:22:44:50:25:da:bb:f0:23:0c:ec:6d:a0:0e:de:
c5:73:1d:e9:a5:ce:49:1f:de:60:45:a4:04:b2:ba:
e1:8d:2d:48:bf:68:97:df:8a:e0:5a:28:07:5c:a7:
69:92:fd:41:54:22:e5:85:7e:dd:d0:39:51:46:be:
96:d2:b3:81:c2:ea:87:4f:1b:43:7b:ca:9a:68:ea:
97:87:1b:fd:92:56:d6:b8:22:5f:ed:f3:64:ee:eb:
b9:4f:d1:7d:4d:d1:50:9a:dc:05:f4:3a:32:c7:77:
cf:fe:e3:1f:eb:32:4a:cf:c6:04:b6:db:4e:2f:65:
0e:f9:ee:a2:fc:37:2f:cf:bf:2b:58:31:8c:ca:81:
5d:86:f2:64:b6:ef:88:d2:7f:7c:ee:13:b4:c5:e9:
df:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:21:48:4B:F3:E1:21:17:F2:4C:7A:1B:17:77:6B:09:C8:50:D4:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
0b:db:b3:5b:fa:5c:9b:d0:9e:0b:ae:ca:72:9c:61:e2:0f:c5:
3e:a5:84:cf:80:e7:34:87:aa:42:07:d9:47:ef:6f:89:31:c3:
24:78:98:69:b2:21:23:89:54:46:1d:08:4f:b6:a6:51:d3:07:
b0:75:ee:dd:b8:8c:c3:7e:21:0d:b0:f8:e2:19:d1:dd:6f:66:
d1:ad:a0:0d:bb:2c:a3:b5:e4:01:51:c9:8d:8a:69:a2:fb:2b:
04:b5:c8:66:ee:fc:d7:13:e4:a9:68:69:bf:01:1c:b5:72:f1:
82:59:ed:7a:99:67:8e:84:cf:b7:2c:5d:d3:f9:54:a1:10:9b:
99:86:a6:c8:84:12:19:ad:dc:10:e5:ee:ad:1b:d2:ce:27:2f:
fd:10:2a:f7:2f:96:7d:8b:b3:84:9b:88:1c:c4:d3:bf:b9:23:
16:dc:9f:91:07:bb:67:5a:ef:a7:b3:f5:78:97:27:8c:e1:28:
75:a7:5a:be:52:8b:1c:e9:38:0e:aa:95:b5:cc:b6:43:c9:16:
ee:bc:3c:91:64:8a:4e:aa:31:4f:e0:e2:f7:53:3d:3d:3e:2b:
9e:c2:73:5b:44:5b:b5:91:00:55:36:b0:5f:e9:0e:98:17:d4:
2b:d7:06:26:47:19:77:a0:75:1c:d8:1a:be:71:61:ce:ff:3f:
43:12:e0:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGemHmUmKr8K5tPQm2GqEFACoUx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTQwMDNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2MTgzOTg2NjU4YmQ1MzQyYjdkNmQzZDM0OTQ3NTQzZDcyMzE2MWViYTYx
YWRmOTE1OTA5YzM0MDRkNjIzMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOp9sQUpTOoqqHHYqIElHzTJWN5G3cYd6Wtr/ff1kCpksKfGM9h/UbyOxU1+
Bhz/UqHlAsSK8hDT9TEH66xliaBI0Y6RKR1MSyQ6PNijd0UuJoVwzRcuBK9uJKmg
JneBao9JxBMLvZxVtiJEUCXau/AjDOxtoA7exXMd6aXOSR/eYEWkBLK64Y0tSL9o
l9+K4FooB1ynaZL9QVQi5YV+3dA5UUa+ltKzgcLqh08bQ3vKmmjql4cb/ZJW1rgi
X+3zZO7ruU/RfU3RUJrcBfQ6Msd3z/7jH+sySs/GBLbbTi9lDvnuovw3L8+/K1gx
jMqBXYbyZLbviNJ/fO4TtMXp32ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSfIUhL
8+EhF/JMehsXd2sJyFDUiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAC9uzW/pcm9CeC67Kcpxh4g/FPqWEz4DnNIeq
QgfZR+9viTHDJHiYabIhI4lURh0IT7amUdMHsHXu3biMw34hDbD44hnR3W9m0a2g
Dbsso7XkAVHJjYppovsrBLXIZu781xPkqWhpvwEctXLxglnteplnjoTPtyxd0/lU
oRCbmYamyIQSGa3cEOXurRvSzicv/RAq9y+WfYuzhJuIHMTTv7kjFtyfkQe7Z1rv
p7P1eJcnjOEodadavlKLHOk4DqqVtcy2Q8kW7rw8kWSKTqoxT+Di91M9PT4rnsJz
W0RbtZEAVTawX+kOmBfUK9cGJkcZd6B1HNgavnFhzv8/QxLgZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:20 2025 by rpki-client