Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa
File: 5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa (raw, json)
Hash identifier: TXGGYIJMYlhJom0+G3nJ89af2fHg8DDpwongiPBRiLw=
Subject key identifier: E2:41:33:94:E5:63:1A:EF:D6:0A:DA:13:06:3C:FB:6B:76:89:47:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C011BADFF2E5918E9C027EE99684C5A0575C352
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa
Signing time: Wed 05 Mar 2025 17:11:58 +0000
ROA not before: Wed 05 Mar 2025 17:11:58 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:01:1b:ad:ff:2e:59:18:e9:c0:27:ee:99:68:4c:5a:05:75:c3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:11:58 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d8:fe:fd:79:79:db:24:ab:e8:47:48:35:8e:
0d:6b:83:ae:db:a5:fe:d0:15:5d:20:c2:ba:f2:95:
ec:b2:cf:8f:78:23:6b:4c:fd:18:98:7c:c7:91:fc:
14:44:b0:9f:ba:dd:c8:c9:cf:f1:4c:f3:f4:0a:9d:
35:24:ba:02:7d:a1:67:fc:46:53:4c:61:11:62:77:
7c:b5:83:65:c6:34:22:68:30:ff:3a:44:ce:a1:e2:
c4:82:e1:96:d0:7b:b2:72:77:37:09:1c:7a:83:b7:
7a:f1:6a:d7:89:31:5b:f5:2a:9e:45:12:9c:35:52:
32:ab:57:b5:8c:60:57:14:f7:0a:90:c7:d3:09:74:
60:2e:ab:d9:23:6c:9e:60:2f:45:b8:4c:65:60:e8:
0c:14:7d:b6:74:02:b9:c7:20:29:5e:13:b8:5c:df:
0f:72:2e:6d:0e:da:16:56:1e:c4:e0:8e:32:3c:af:
c6:d7:36:41:d9:67:e4:59:ab:f2:b5:f9:ab:f7:e0:
4c:95:dc:8c:ba:4e:ed:dc:a1:59:ae:6d:34:a2:d5:
46:43:5e:cd:29:35:93:dd:66:03:45:a6:91:23:20:
ed:c2:6f:25:ab:8d:dc:a9:e1:1c:3c:24:00:7d:a7:
6a:1d:36:22:4f:69:0d:96:30:62:d8:5a:a3:e5:79:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:41:33:94:E5:63:1A:EF:D6:0A:DA:13:06:3C:FB:6B:76:89:47:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a56b250-ea3b-4b36-bc05-9e25e6cabb2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:9b:ab:c3:d9:6a:1a:1d:ec:0e:3b:d3:0b:5e:71:1d:3c:e5:
e6:a6:ee:f9:39:c4:03:b6:a7:19:30:52:e8:55:f1:3a:32:9b:
3f:68:0b:fb:86:74:b5:7f:bb:52:c5:88:e9:05:8c:82:d9:c0:
b2:24:eb:91:33:d4:69:f1:d4:ad:50:5c:bd:1b:19:95:3c:c9:
77:e9:08:e1:88:1b:4f:63:74:b3:d5:cf:7a:8c:df:98:ae:f8:
6f:3a:61:07:2a:29:02:b6:53:a1:ef:44:26:12:cd:38:b9:e0:
83:5d:a0:b4:4d:0e:0f:44:35:b0:4c:a6:c3:a0:83:b9:a0:22:
8f:78:f9:fc:e4:b6:8e:f8:b0:9b:ff:b1:6a:28:24:28:91:19:
77:09:6a:f7:b0:04:74:af:b5:d4:01:ed:39:16:ed:f7:2f:36:
d7:72:ad:c5:13:58:ac:ab:18:ad:64:4e:ee:0f:27:df:66:9d:
61:be:44:52:39:62:a6:9b:94:3b:9e:57:ad:4b:f4:af:e4:b9:
e7:5b:f6:61:56:ca:a5:e7:5d:b6:fe:05:ea:1e:fc:cc:4a:1d:
45:83:98:f3:41:d2:d6:d7:45:c0:6d:61:15:30:39:8c:50:3b:
ab:83:f9:5a:99:64:0f:dd:9d:57:1f:07:ef:fe:65:72:e3:58:
98:4c:bc:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDAEbrf8uWRjpwCfumWhMWgV1w1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzExNThaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyYzA0MjE1ZmFmY2E5NmMxYjlkM2I0ODNkZTliZmFlN2Q5YjhmOGFhNDFm
YmI0ZjEwMDk0MWIxMzRmY2I0MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnY/v15edskq+hHSDWODWuDrtul/tAVXSDCuvKV7LLPj3gja0z9GJh8x5H8
FESwn7rdyMnP8Uzz9AqdNSS6An2hZ/xGU0xhEWJ3fLWDZcY0Imgw/zpEzqHixILh
ltB7snJ3NwkceoO3evFq14kxW/UqnkUSnDVSMqtXtYxgVxT3CpDH0wl0YC6r2SNs
nmAvRbhMZWDoDBR9tnQCuccgKV4TuFzfD3IubQ7aFlYexOCOMjyvxtc2Qdln5Fmr
8rX5q/fgTJXcjLpO7dyhWa5tNKLVRkNezSk1k91mA0WmkSMg7cJvJauN3KnhHDwk
AH2nah02Ik9pDZYwYthao+V5yRECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiQTOU
5WMa79YK2hMGPPtrdolHmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1NmIyNTAtZWEzYi00YjM2LWJjMDUtOWUyNWU2Y2FiYjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQChm6vD2WoaHewOO9MLXnEdPOXmpu75OcQDtqcZ
MFLoVfE6Mps/aAv7hnS1f7tSxYjpBYyC2cCyJOuRM9Rp8dStUFy9GxmVPMl36Qjh
iBtPY3Sz1c96jN+YrvhvOmEHKikCtlOh70QmEs04ueCDXaC0TQ4PRDWwTKbDoIO5
oCKPePn85LaO+LCb/7FqKCQokRl3CWr3sAR0r7XUAe05Fu33LzbXcq3FE1isqxit
ZE7uDyffZp1hvkRSOWKmm5Q7nletS/Sv5LnnW/ZhVsql5122/gXqHvzMSh1Fg5jz
QdLW10XAbWEVMDmMUDurg/lamWQP3Z1XHwfv/mVy41iYTLwb
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:44 2025 by rpki-client