Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
File: 67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa (raw, json)
Hash identifier: 9hg403snGsAggJ0BjZIpIakbJkT4+jkIOJ0JgI8Ifps=
Subject key identifier: 32:EB:E0:15:C1:DB:40:C8:75:74:7C:96:DE:E0:5F:B3:7C:39:E3:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C978D07AD3FCC96C10165E5192A5EEE2340EE2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
Signing time: Fri 21 Mar 2025 15:00:11 +0000
ROA not before: Fri 21 Mar 2025 15:00:11 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:97:8d:07:ad:3f:cc:96:c1:01:65:e5:19:2a:5e:ee:23:40:ee:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:11 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:db:bc:4a:8c:57:33:0b:58:d6:cb:e8:00:98:
08:a2:1f:9e:3f:1d:30:d8:90:48:fa:0f:40:e4:6c:
63:6c:3e:69:2c:e7:3a:66:97:9d:96:d2:88:94:92:
e9:0e:e7:02:7e:44:3d:83:27:5f:cf:f6:6b:81:de:
90:e2:a5:ca:5a:e1:29:bd:94:7d:a0:3e:04:68:97:
a3:1b:4e:db:2b:79:28:75:28:d6:bd:cb:5e:f9:8a:
14:e7:df:12:d0:a2:25:d7:14:13:be:05:a3:00:98:
f9:cd:5f:9b:60:48:95:88:c2:00:61:16:7d:84:a8:
0e:1a:62:90:ef:9b:ab:42:a0:60:96:5c:27:3e:7a:
45:3b:0d:0c:e2:3e:5b:89:ca:f5:6e:e3:05:f5:96:
11:e4:b2:22:41:26:66:d4:cd:b6:9a:13:2c:9b:3e:
68:11:07:7e:67:6f:47:cb:3a:04:b1:b2:fa:aa:e6:
44:df:21:53:61:1f:ff:f7:8d:56:e2:9a:10:98:43:
a7:1d:07:1e:7b:70:cb:97:32:21:cd:17:f0:08:6e:
33:82:72:57:af:9a:e9:a9:80:85:78:6f:f9:d5:e9:
09:be:fc:5c:8b:a5:61:fe:20:4e:0e:5b:02:9d:fc:
a3:e0:55:e5:8f:2d:a9:0a:bc:59:3e:f2:9b:c8:1e:
ce:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EB:E0:15:C1:DB:40:C8:75:74:7C:96:DE:E0:5F:B3:7C:39:E3:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
56:0c:48:51:f0:1b:67:e0:87:f6:29:d8:c6:8b:01:55:f8:c0:
69:ae:2c:60:e1:c9:79:d8:88:b6:c3:9a:0e:73:02:ce:17:ef:
84:82:04:1e:72:37:8f:8e:78:89:22:b6:8e:60:dc:19:0e:57:
89:6a:71:33:da:88:e3:90:ea:6e:2e:3a:a5:c2:ed:6e:e5:a7:
df:29:31:04:24:42:67:18:4d:e8:19:6e:56:c9:f7:a6:a4:50:
92:6d:0b:1b:f3:7c:10:84:0c:98:c7:c8:bc:53:b0:68:9f:81:
72:00:da:72:82:fd:4d:f8:20:b6:e8:93:72:06:92:72:b4:54:
78:b2:4e:4c:81:35:b4:41:ea:18:aa:12:ad:5b:9a:54:2d:a7:
51:9a:21:3b:e8:5e:c4:b1:bb:b0:cc:e3:27:83:58:f3:09:fb:
28:02:4b:66:ae:1d:c6:0a:9a:de:d5:ac:f7:04:e2:c9:22:f2:
fb:8d:d3:43:aa:66:00:9c:80:e5:77:92:d7:7f:46:38:11:86:
61:c1:e9:c5:a4:d7:60:c3:a2:f5:cc:02:2c:9d:85:e4:d1:bd:
0f:99:b7:fd:a2:30:7a:df:4b:92:b5:05:2e:21:33:71:9b:bf:
4e:95:44:07:98:aa:3a:ae:5b:42:43:83:8e:d4:c8:2e:2f:1f:
50:41:7c:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXJeNB60/zJbBAWXlGSpe7iNA7i4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwMTFaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMGMzZDA2Y2UxYjkzMWVmZDk5NTE4YTIxYTkyNWY4N2RjZWM4ZTBjMDAw
OGQ1OWUwZjJhMDg3MmNhYjUwOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvbvEqMVzMLWNbL6ACYCKIfnj8dMNiQSPoPQORsY2w+aSznOmaXnZbSiJSS
6Q7nAn5EPYMnX8/2a4HekOKlylrhKb2UfaA+BGiXoxtO2yt5KHUo1r3LXvmKFOff
EtCiJdcUE74FowCY+c1fm2BIlYjCAGEWfYSoDhpikO+bq0KgYJZcJz56RTsNDOI+
W4nK9W7jBfWWEeSyIkEmZtTNtpoTLJs+aBEHfmdvR8s6BLGy+qrmRN8hU2Ef//eN
VuKaEJhDpx0HHntwy5cyIc0X8AhuM4JyV6+a6amAhXhv+dXpCb78XIulYf4gTg5b
Ap38o+BV5Y8tqQq8WT7ym8geziECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQy6+AV
wdtAyHV0fJbe4F+zfDnjWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjdhOTE5MTAtYTU3Yy00YTA0LThkN2ItNDA0YmNkNWZlY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQBWDEhR8Btn4If2KdjGiwFV+MBprixg4cl52Ii2
w5oOcwLOF++EggQecjePjniJIraOYNwZDleJanEz2ojjkOpuLjqlwu1u5affKTEE
JEJnGE3oGW5WyfempFCSbQsb83wQhAyYx8i8U7Bon4FyANpygv1N+CC26JNyBpJy
tFR4sk5MgTW0QeoYqhKtW5pULadRmiE76F7EsbuwzOMng1jzCfsoAktmrh3GCpre
1az3BOLJIvL7jdNDqmYAnIDld5LXf0Y4EYZhwenFpNdgw6L1zAIsnYXk0b0Pmbf9
ojB630uStQUuITNxm79OlUQHmKo6rltCQ4OO1MguLx9QQXwg
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:59 2025 by rpki-client