Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
File: 5c57a644-0d1c-4126-9684-e345f93c1560.roa (raw, json)
Hash identifier: 7eKFCuSWQCmbcz4ozD553/BNIEc0gblA7/gmFLnSaWc=
Subject key identifier: 5C:7B:93:1A:46:03:6B:72:36:97:CE:E3:D7:04:A6:06:C4:F1:6D:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4961E91FE53FE6444506F634DD68190356B03528
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
Signing time: Wed 05 Mar 2025 16:40:49 +0000
ROA not before: Wed 05 Mar 2025 16:40:49 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:61:e9:1f:e5:3f:e6:44:45:06:f6:34:dd:68:19:03:56:b0:35:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:40:49 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:23:24:aa:45:82:33:5e:84:01:a3:a4:b2:51:
ca:a3:f8:3c:1a:36:6f:ee:67:fa:97:42:9f:6b:cc:
fb:ed:1e:5f:e7:68:5f:a8:07:5c:14:1e:89:c1:a9:
cd:30:7c:93:ee:42:42:cb:85:59:9b:61:5c:8a:43:
07:a9:51:55:41:a0:13:c4:0e:81:4e:09:ec:81:1c:
8f:86:10:df:69:5d:ae:fb:8e:3c:16:7c:9f:33:c8:
01:7a:ca:7b:80:4d:7c:7d:6b:de:79:84:86:3e:14:
a6:67:4e:db:9c:eb:b2:47:c0:98:1c:f5:30:3e:38:
e5:42:3e:66:6f:4b:53:8d:6a:ed:c6:36:be:89:1b:
e2:d0:dd:98:e6:a2:28:80:dd:c9:5f:9e:16:d0:7c:
1f:ff:2f:ef:c0:e2:32:d8:45:7f:6d:4a:3e:2c:29:
8a:a4:aa:fe:13:cf:2a:7f:ef:0b:66:8b:09:78:f2:
26:8a:79:6d:fb:4d:15:f9:04:41:4a:89:6b:18:2a:
f8:75:4c:45:13:55:b5:90:7c:b6:1d:28:e5:01:64:
dc:b3:5a:1b:0d:69:93:1b:40:93:de:24:10:62:32:
5e:72:ea:1a:e6:8d:a4:39:11:6e:2f:87:60:8f:5f:
c4:74:44:a4:e5:3e:61:75:05:98:9a:11:7a:1d:e7:
cb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7B:93:1A:46:03:6B:72:36:97:CE:E3:D7:04:A6:06:C4:F1:6D:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9040::/48
Signature Algorithm: sha256WithRSAEncryption
08:01:0d:a1:ea:7b:6c:77:60:66:5f:a2:83:1b:db:3e:ea:fb:
5c:67:2f:76:22:80:50:77:89:e0:3e:07:36:ec:5f:91:37:6a:
69:4d:e8:3e:3e:5b:b5:8c:e8:d2:bd:36:ae:b0:c8:4b:e9:1b:
e0:14:57:9d:bc:69:fa:1f:a2:df:41:3f:ac:2d:52:ea:8c:69:
ef:10:63:5c:6b:aa:cb:9e:cc:b5:70:98:4a:75:89:ec:3d:9b:
49:a8:af:7b:11:88:31:a2:7b:d6:f8:ad:c8:12:89:d7:d1:bb:
c3:c4:fd:e8:e6:f9:4a:02:b1:69:0d:57:35:64:f4:1c:b8:98:
c5:5d:bf:c0:52:f8:12:b8:88:d3:26:ec:ae:70:18:f5:6a:50:
48:66:8f:0b:1b:ef:d5:9d:f0:43:8f:d4:2e:6a:ab:ad:4c:29:
40:33:82:6e:8a:56:1a:bb:f3:b5:62:07:f2:99:32:1e:ac:e1:
ca:b5:6a:c4:e4:c6:eb:07:5d:8c:f8:ac:75:e8:c9:66:47:37:
b2:f2:9f:50:79:c0:bb:d8:11:34:a4:86:83:aa:78:9e:61:66:
cf:d0:b1:0f:84:06:24:aa:e6:a5:cc:ca:04:1f:f5:52:e6:59:
3b:c5:d4:80:b5:80:45:58:06:83:49:44:42:fc:9e:a2:17:c8:
44:5b:d3:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSWHpH+U/5kRFBvY03WgZA1awNSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjQwNDlaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMGU0ZDdiODk2YTQ4YzY1MmIzODdkZGExZGY1NzRkMDgyMTM2ZGNlM2Jj
N2E1ZmNiMzNiYzk4YTkxOTI2NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQjJKpFgjNehAGjpLJRyqP4PBo2b+5n+pdCn2vM++0eX+doX6gHXBQeicGp
zTB8k+5CQsuFWZthXIpDB6lRVUGgE8QOgU4J7IEcj4YQ32ldrvuOPBZ8nzPIAXrK
e4BNfH1r3nmEhj4UpmdO25zrskfAmBz1MD445UI+Zm9LU41q7cY2vokb4tDdmOai
KIDdyV+eFtB8H/8v78DiMthFf21KPiwpiqSq/hPPKn/vC2aLCXjyJop5bftNFfkE
QUqJaxgq+HVMRRNVtZB8th0o5QFk3LNaGw1pkxtAk94kEGIyXnLqGuaNpDkRbi+H
YI9fxHREpOU+YXUFmJoReh3ny90CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRce5Ma
RgNrcjaXzuPXBKYGxPFtGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM1N2E2NDQtMGQxYy00MTI2LTk2ODQtZTM0NWY5M2MxNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
QDANBgkqhkiG9w0BAQsFAAOCAQEACAENoep7bHdgZl+igxvbPur7XGcvdiKAUHeJ
4D4HNuxfkTdqaU3oPj5btYzo0r02rrDIS+kb4BRXnbxp+h+i30E/rC1S6oxp7xBj
XGuqy57MtXCYSnWJ7D2bSaivexGIMaJ71vityBKJ19G7w8T96Ob5SgKxaQ1XNWT0
HLiYxV2/wFL4EriI0ybsrnAY9WpQSGaPCxvv1Z3wQ4/ULmqrrUwpQDOCbopWGrvz
tWIH8pkyHqzhyrVqxOTG6wddjPisdejJZkc3svKfUHnAu9gRNKSGg6p4nmFmz9Cx
D4QGJKrmpczKBB/1UuZZO8XUgLWARVgGg0lEQvyeohfIRFvTkQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:26 2025 by rpki-client