Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json)
Hash identifier: aSSKPCdDUsngww0qjp4jnSC4ojwe3/QIKOwT+eH5W3s=
Subject key identifier: 0E:13:9D:9A:72:86:D1:88:27:A9:C3:82:A6:A3:3A:31:30:6B:EC:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DF6842FD0D094E86030CEBDCA905B94E4EA7E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
Signing time: Wed 05 Mar 2025 16:21:10 +0000
ROA not before: Wed 05 Mar 2025 16:21:10 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:f6:84:2f:d0:d0:94:e8:60:30:ce:bd:ca:90:5b:94:e4:ea:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:21:10 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:62:38:07:bd:c9:2c:b0:1e:ed:93:cd:0f:d1:
41:be:45:66:78:ad:fa:30:93:59:3d:ac:85:a5:68:
e2:d0:ca:f3:09:27:5f:cf:52:7c:7b:0e:ec:fc:b4:
44:1e:d9:6b:46:27:49:5a:fc:72:65:19:3e:ba:c2:
72:ef:90:a6:13:ac:ed:03:e0:76:9d:70:bf:27:72:
c0:19:69:ad:d0:b9:5e:82:27:25:d3:dd:bf:8b:f5:
98:d8:f2:12:b2:5c:70:6c:f5:ca:fa:dc:fd:79:5b:
7e:a3:8f:3a:c2:89:51:45:f1:45:42:56:ce:19:80:
e8:32:c7:74:77:ea:ad:9a:67:ad:66:fc:b6:69:e7:
e3:2a:72:8f:2f:ff:04:fd:38:97:ca:aa:4d:09:63:
ec:3b:26:1a:3c:ab:ed:3d:85:91:d3:c4:2c:f5:6f:
6d:27:73:47:ff:fe:af:b9:06:2d:53:16:2a:65:1e:
b3:ec:e4:7a:51:11:86:a3:1a:ac:e6:b2:3e:89:bf:
de:61:4b:15:22:68:5d:ad:17:24:f9:a4:0d:ba:20:
b9:83:9c:e8:4a:34:e5:32:c8:fc:9a:ab:3c:98:36:
55:78:9d:54:21:c6:be:25:fe:65:fa:c0:6d:ad:49:
23:d9:78:09:0a:ce:ac:fc:1e:2d:52:33:3c:96:3d:
54:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:13:9D:9A:72:86:D1:88:27:A9:C3:82:A6:A3:3A:31:30:6B:EC:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4080::/48
Signature Algorithm: sha256WithRSAEncryption
9f:25:da:9a:33:cd:d7:f7:ea:85:14:86:5a:00:f4:2d:ac:55:
b9:4c:6d:f2:7b:85:79:35:d0:cb:94:cd:18:c6:0c:b7:82:09:
10:9a:3f:2c:0d:46:d3:a5:de:a7:70:f4:2c:a2:77:43:b2:d4:
45:b6:8e:cf:ca:4a:a4:e8:a8:1a:81:57:fd:75:72:00:7b:b9:
2a:25:1d:d2:46:de:cd:92:ab:0c:13:d2:81:28:5d:19:f0:27:
1e:37:bd:0e:eb:ea:95:80:51:5c:33:2a:98:78:83:12:16:5f:
6f:83:25:48:27:b6:81:74:6e:c4:85:6d:54:89:19:a6:f8:2a:
36:be:09:da:12:61:5f:69:df:9e:04:e3:a9:71:64:55:f4:ed:
ed:01:c9:d2:54:ca:88:96:da:1f:59:9b:b6:d6:e2:5d:18:f4:
28:2c:f1:08:4b:46:71:76:32:a3:88:62:db:3d:8c:72:17:c1:
38:b0:4c:55:1a:46:c1:b1:f8:1e:d0:c4:b8:0a:43:ad:97:1e:
18:51:5c:b4:02:fb:be:b6:07:d1:bf:db:64:e8:74:e3:f4:33:
73:fc:cb:4e:bb:20:e1:5d:12:5e:92:2e:9b:d8:5a:e1:1f:0c:
3e:32:81:ce:e5:e1:89:b6:7a:e1:dc:6a:d8:6e:2a:7d:04:04:
99:23:66:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITXfaEL9DQlOhgMM69ypBblOTqfjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDMwNTE2MjExMFoXDTI1MDQwOTIzNTk1OVowejFJMEcGA1UE
BRNAYzkzZWJjY2EwODM4NjhjMTE0ZWMyNTNjZmQ5Y2YyZjAyNTA2MGZjZWQ3NzJm
NzFhNTI0YzA4ZjUyZjkwMjc5MjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArWI4B73JLLAe7ZPND9FBvkVmeK36MJNZPayFpWji0MrzCSdfz1J8ew7s/LRE
HtlrRidJWvxyZRk+usJy75CmE6ztA+B2nXC/J3LAGWmt0Llegicl092/i/WY2PIS
slxwbPXK+tz9eVt+o486wolRRfFFQlbOGYDoMsd0d+qtmmetZvy2aefjKnKPL/8E
/TiXyqpNCWPsOyYaPKvtPYWR08Qs9W9tJ3NH//6vuQYtUxYqZR6z7OR6URGGoxqs
5rI+ib/eYUsVImhdrRck+aQNuiC5g5zoSjTlMsj8mqs8mDZVeJ1UIca+Jf5l+sBt
rUkj2XgJCs6s/B4tUjM8lj1USQIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFA4TnZpy
htGIJ6nDgqajOjEwa+xrMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC81
NDNiYzY3ZC0wOGY5LTRhOTktYmY1ZS02ODEwMGUwMzQzOTUucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXQckCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfJdqaM83X9+qFFIZaAPQtrFW5TG3ye4V5NdDL
lM0Yxgy3ggkQmj8sDUbTpd6ncPQsondDstRFto7Pykqk6KgagVf9dXIAe7kqJR3S
Rt7NkqsME9KBKF0Z8CceN70O6+qVgFFcMyqYeIMSFl9vgyVIJ7aBdG7EhW1UiRmm
+Co2vgnaEmFfad+eBOOpcWRV9O3tAcnSVMqIltofWZu21uJdGPQoLPEIS0ZxdjKj
iGLbPYxyF8E4sExVGkbBsfge0MS4CkOtlx4YUVy0Avu+tgfRv9tk6HTj9DNz/MtO
uyDhXRJeki6b2FrhHww+MoHO5eGJtnrh3GrYbip9BASZI2Y+
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:41 2025 by rpki-client