Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
File: 581266ac-af97-4864-a566-36693b593269.roa (raw, json)
Hash identifier: zDqmtOw3nk2GFqo7Yg7Ti+Np/rzGjYlXOxAZqYUwkSA=
Subject key identifier: 36:C7:49:2A:F9:31:36:CF:3F:D7:3B:CA:0A:04:2D:5C:47:8E:74:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76C0E1FBCFE01453A5E54F503D28FA8F49CCC453
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
Signing time: Wed 05 Mar 2025 17:00:27 +0000
ROA not before: Wed 05 Mar 2025 17:00:27 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c0:e1:fb:cf:e0:14:53:a5:e5:4f:50:3d:28:fa:8f:49:cc:c4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:27 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:8b:f2:95:c1:04:3a:27:64:a4:bb:41:09:
3b:e6:8a:7e:eb:38:ed:c5:be:e6:dd:6c:2c:2f:ed:
6d:98:89:bd:19:2c:f0:a6:11:99:db:fb:95:75:d5:
a8:5d:38:6f:68:28:26:5c:f0:1f:1e:07:27:2b:47:
9f:32:27:f5:73:28:1d:b3:2e:c8:68:2b:68:33:14:
f0:58:30:00:14:39:0b:28:72:3a:a3:8e:72:3c:7a:
7a:9c:bc:e7:59:0c:9a:94:5d:41:16:3c:a5:b8:5c:
fb:e1:6d:1e:8c:92:65:9a:7d:29:1a:df:ea:15:27:
de:5f:c6:1e:b9:68:fd:2a:87:ea:ce:89:24:bc:ce:
c2:81:34:8a:d1:d2:4c:92:b4:83:9a:73:94:ea:ce:
67:ac:39:f7:91:29:e7:a7:93:44:43:7f:3c:5d:e1:
2e:52:84:b2:51:92:db:32:8e:35:89:bd:a2:3a:a1:
10:28:e4:8f:a0:5f:5b:c1:20:cd:a3:16:94:2c:35:
6e:03:b7:68:a4:87:f9:26:1a:32:a9:46:a2:b3:58:
76:81:08:42:3e:43:e8:72:36:82:42:cd:bb:93:1a:
e3:11:1f:a3:fe:3f:1c:d0:ae:c5:87:53:89:64:c4:
41:a5:f0:7a:9c:ff:6d:9d:81:30:2d:0e:9c:75:81:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C7:49:2A:F9:31:36:CF:3F:D7:3B:CA:0A:04:2D:5C:47:8E:74:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:2a:b6:8d:16:81:1c:1c:63:62:ec:c9:40:05:15:f5:cc:3d:
6b:15:7c:af:af:4d:aa:13:07:b6:a6:f1:dc:64:01:c8:9c:8e:
41:38:c1:a3:14:38:4d:de:49:ff:d9:4e:d7:2f:48:01:3b:8f:
94:c9:20:95:41:07:3a:3a:72:fb:cd:ff:4f:71:79:e6:4b:66:
a4:a1:94:0e:b4:bd:9e:13:9f:76:b5:7b:61:a3:e6:66:e6:ae:
3a:d4:22:e3:2b:6c:a1:a2:26:e3:26:c0:09:e1:8d:5e:c4:6f:
69:7d:b1:37:ce:8c:90:21:9b:29:e9:6a:62:47:77:27:94:92:
d8:13:9a:d3:40:4e:88:3c:f5:ed:2c:88:87:6f:12:e0:5b:32:
74:e8:47:1f:b5:b7:82:c3:cb:bc:ce:06:26:bc:43:65:e9:ce:
c4:f9:e0:3b:54:4d:ac:85:4f:d7:14:f0:24:99:f0:b1:cf:60:
01:68:05:61:be:37:8a:a6:13:91:d5:09:8b:48:4a:0d:cb:77:
db:75:88:52:9e:a2:7a:aa:6a:e5:d6:8c:4a:82:03:5e:6e:28:
2b:b7:6a:18:19:12:dd:6f:77:cb:f9:2a:5e:bd:5c:93:94:9c:
32:2c:67:87:cf:2a:17:37:d7:60:e9:0a:6c:e0:f7:e1:6e:94:
e9:9d:ce:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdsDh+8/gFFOl5U9QPSj6j0nMxFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMjdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzZjVlNmViMDZlOWMwZGVkMDkxMTA1MmU1NWM5NWUxYmFlM2Y0MDhkOTE0
ZTZlNzRiMWZjMDA0NGY1MDQwMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRmi/KVwQQ6J2Sku0EJO+aKfus47cW+5t1sLC/tbZiJvRks8KYRmdv7lXXV
qF04b2goJlzwHx4HJytHnzIn9XMoHbMuyGgraDMU8FgwABQ5CyhyOqOOcjx6epy8
51kMmpRdQRY8pbhc++FtHoySZZp9KRrf6hUn3l/GHrlo/SqH6s6JJLzOwoE0itHS
TJK0g5pzlOrOZ6w595Ep56eTREN/PF3hLlKEslGS2zKONYm9ojqhECjkj6BfW8Eg
zaMWlCw1bgO3aKSH+SYaMqlGorNYdoEIQj5D6HI2gkLNu5Ma4xEfo/4/HNCuxYdT
iWTEQaXwepz/bZ2BMC0OnHWB+5MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2x0kq
+TE2zz/XO8oKBC1cR450GTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgxMjY2YWMtYWY5Ny00ODY0LWE1NjYtMzY2OTNiNTkzMjY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQB+KraNFoEcHGNi7MlABRX1zD1rFXyvr02qEwe2
pvHcZAHInI5BOMGjFDhN3kn/2U7XL0gBO4+UySCVQQc6OnL7zf9PcXnmS2akoZQO
tL2eE592tXtho+Zm5q461CLjK2yhoibjJsAJ4Y1exG9pfbE3zoyQIZsp6WpiR3cn
lJLYE5rTQE6IPPXtLIiHbxLgWzJ06EcftbeCw8u8zgYmvENl6c7E+eA7VE2shU/X
FPAkmfCxz2ABaAVhvjeKphOR1QmLSEoNy3fbdYhSnqJ6qmrl1oxKggNebigrt2oY
GRLdb3fL+SpevVyTlJwyLGeHzyoXN9dg6Qps4PfhbpTpnc6w
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:51 2025 by rpki-client