Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: pd7B0WTvxNm6DDnePcBbXNGnb4nxLE5agk8RubKjGyE=
Subject key identifier: 0A:9D:82:FB:A3:25:77:38:6E:A4:BB:71:38:3B:A5:8C:3E:9F:C3:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 412DEE5AB2745056BBC779C5B142F9181B4396D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Wed 26 Mar 2025 19:23:26 +0000
ROA not before: Wed 26 Mar 2025 19:23:26 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:2d:ee:5a:b2:74:50:56:bb:c7:79:c5:b1:42:f9:18:1b:43:96:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 26 19:23:26 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8b:5e:70:40:1e:9b:4d:85:d2:32:1a:83:77:
98:52:4a:be:ca:75:a9:96:2d:e0:47:ad:20:14:d6:
30:ef:85:8f:b3:00:ac:1f:96:f8:a2:6b:e3:bf:5d:
c2:95:4e:47:2d:19:0e:28:4f:14:8a:d6:e0:43:ca:
a5:67:a8:a2:8a:37:d9:ae:69:0f:af:01:e5:3a:cc:
83:26:10:59:24:e6:8e:85:70:81:f6:2e:bf:16:27:
12:77:6f:79:32:86:d8:08:ab:d5:cb:a8:f8:da:7d:
bd:aa:c1:2f:d8:af:30:98:7f:3e:ff:b4:92:e8:f3:
17:e2:e2:7c:3e:22:91:36:b7:a9:54:a1:53:7f:09:
be:bd:ea:8c:4e:bc:95:57:da:d1:19:bb:10:a6:f5:
54:13:79:d7:5e:ca:3f:f0:49:1d:12:1f:df:22:55:
15:6d:b2:a7:41:fa:53:83:ff:00:0d:bb:e1:f2:c4:
f9:b3:ab:dc:91:c9:5e:33:6f:0d:20:c4:44:cc:a1:
f7:81:5f:31:03:a3:d9:19:2e:fd:0e:ac:aa:f2:ff:
d4:bd:52:27:8d:b5:6b:6c:9a:ad:7a:65:df:db:b8:
b8:2f:07:89:26:53:42:f4:2b:f9:9c:4b:28:e9:6b:
63:fb:a0:0d:18:32:49:50:f5:3c:73:7b:88:12:4e:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:9D:82:FB:A3:25:77:38:6E:A4:BB:71:38:3B:A5:8C:3E:9F:C3:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
b3:ae:f1:1d:bd:61:da:07:24:a2:ac:6b:ba:ea:e1:34:3f:fd:
c4:3c:16:85:95:29:b1:b4:3f:d5:a2:73:82:1c:07:c0:5f:34:
0f:c7:b0:a3:7b:f0:87:91:49:3b:a5:61:82:5e:21:0a:1c:0c:
8f:24:16:4e:bd:8d:25:bd:f5:43:2c:5d:97:33:c9:5e:fc:a1:
b0:57:8c:15:30:ed:a6:ac:ad:27:a1:68:8e:61:b6:b5:24:1b:
09:ab:45:ba:36:30:8f:cc:61:2d:8a:e6:45:8a:da:fa:d6:17:
9f:6d:0f:fe:63:a4:6e:02:46:65:20:c1:cd:cd:53:e9:16:16:
5d:cf:f1:31:98:5b:0b:7c:e7:db:f6:06:db:fe:eb:4b:be:f8:
c1:a5:13:e5:48:20:52:51:c5:30:10:cd:01:3a:3d:fa:b5:ca:
18:61:87:be:95:08:5d:8b:f0:5d:49:7c:61:de:ae:19:9b:93:
a6:55:92:ca:13:22:13:a6:56:e5:fd:1b:8b:9d:3b:53:c8:f5:
bd:09:c9:0c:7a:76:96:db:20:07:21:7c:95:b3:bb:f9:77:ee:
41:7f:f3:8e:2c:bd:88:f1:c4:51:a9:ea:f7:75:2f:33:73:13:
ae:c2:37:25:3c:c3:0c:41:7d:c7:0c:66:3a:79:6a:50:5f:01:
1b:ce:de:5f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQS3uWrJ0UFa7x3nFsUL5GBtDltcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjYxOTIzMjZaFw0yNTA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZmMwYTg4ZjZiOGU5ZmI3YzZlNTYyODcyMTAxMjBlZjRmMjlmYjY1MzFk
ZTU2ZGUyMDlhY2IxNDI4NzdhNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaLXnBAHptNhdIyGoN3mFJKvsp1qZYt4EetIBTWMO+Fj7MArB+W+KJr479d
wpVORy0ZDihPFIrW4EPKpWeoooo32a5pD68B5TrMgyYQWSTmjoVwgfYuvxYnEndv
eTKG2Air1cuo+Np9varBL9ivMJh/Pv+0kujzF+LifD4ikTa3qVShU38Jvr3qjE68
lVfa0Rm7EKb1VBN5117KP/BJHRIf3yJVFW2yp0H6U4P/AA274fLE+bOr3JHJXjNv
DSDERMyh94FfMQOj2Rku/Q6sqvL/1L1SJ421a2yarXpl39u4uC8HiSZTQvQr+ZxL
KOlrY/ugDRgySVD1PHN7iBJOwxECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKnYL7
oyV3OG6ku3E4O6WMPp/DwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEAs67xHb1h2gckoqxruurhND/9xDwWhZUpsbQ/
1aJzghwHwF80D8ewo3vwh5FJO6Vhgl4hChwMjyQWTr2NJb31QyxdlzPJXvyhsFeM
FTDtpqytJ6FojmG2tSQbCatFujYwj8xhLYrmRYra+tYXn20P/mOkbgJGZSDBzc1T
6RYWXc/xMZhbC3zn2/YG2/7rS774waUT5UggUlHFMBDNATo9+rXKGGGHvpUIXYvw
XUl8Yd6uGZuTplWSyhMiE6ZW5f0bi507U8j1vQnJDHp2ltsgByF8lbO7+XfuQX/z
jiy9iPHEUanq93UvM3MTrsI3JTzDDEF9xwxmOnlqUF8BG87eXw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:25 2025 by rpki-client