Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: gyoChaVa2LQeIqNK1NBb/xXlBvQuAT7l74zomFFhyWA=
Subject key identifier: 16:61:90:AF:D6:72:15:65:68:4D:A5:DC:78:71:A8:6D:68:16:CF:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 106F0DB571939733866DB8549284B4119C1B291D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Wed 05 Mar 2025 15:00:10 +0000
ROA not before: Wed 05 Mar 2025 15:00:10 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:6f:0d:b5:71:93:97:33:86:6d:b8:54:92:84:b4:11:9c:1b:29:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:00:10 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:37:0e:1d:18:57:a9:6e:f6:17:93:96:0d:
28:65:ce:31:40:d4:32:41:b0:04:63:fa:fa:09:8e:
85:e5:80:cf:ac:06:b4:01:62:1a:b8:92:f1:9e:cb:
a6:fb:f0:38:03:e3:c2:f5:5e:83:35:ea:69:1a:f5:
03:19:24:fe:34:0a:80:67:4a:5c:28:3f:44:05:b2:
ec:6b:be:3c:2d:a2:4f:fe:51:86:77:2e:73:8c:bc:
e1:5f:86:68:8c:28:08:44:ec:a3:fc:64:cd:62:57:
a5:ee:94:cb:33:f8:d8:f6:61:e2:cb:ca:b8:35:0b:
e3:e8:93:5f:c5:42:ec:36:ae:36:f0:8e:78:bb:43:
a5:5b:36:4c:a2:69:8e:6d:31:72:25:ff:03:f0:88:
65:0b:ff:4a:d5:e6:23:27:ee:ee:66:6e:36:ba:6a:
ae:e0:27:19:2d:d8:b5:38:b3:5a:cc:30:f9:86:16:
17:38:fd:e5:7b:61:7e:ca:88:28:40:46:6b:41:d1:
ba:66:e8:51:c9:58:0a:6f:46:7c:79:f4:7a:d4:10:
f4:64:b1:87:1b:42:77:9c:8c:9b:ec:a4:32:d5:19:
44:25:25:72:0f:8d:4c:af:22:fb:0e:28:e2:6c:5c:
fc:35:c6:24:59:ba:22:c9:b5:d8:ed:74:45:d0:f8:
43:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:61:90:AF:D6:72:15:65:68:4D:A5:DC:78:71:A8:6D:68:16:CF:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
48:10:bf:af:63:0d:7e:10:1f:d6:32:5f:d7:ec:dc:84:4e:9f:
dc:eb:88:93:52:4c:0b:1f:82:0c:44:66:0b:36:0b:3f:a9:61:
31:e6:57:a3:4b:ae:55:3b:e1:66:27:86:61:36:d7:94:63:aa:
3c:90:4b:51:d1:43:68:2e:5b:84:a1:4b:7c:cd:42:c5:04:15:
e7:9b:e5:ce:90:60:19:c2:57:53:14:02:fe:46:d4:7b:d8:df:
c7:07:d8:16:40:0e:0a:7c:e2:c7:28:c7:a6:06:db:99:7e:b4:
9d:03:29:85:18:5b:52:6d:c2:8b:fc:d2:a2:06:55:7c:45:64:
fd:0c:4a:1e:23:ea:06:a7:40:d2:5d:57:28:a6:49:ed:8b:2e:
a7:92:1d:39:75:7c:dc:6e:1a:0f:05:19:d6:99:17:b4:01:ea:
d0:d7:10:02:39:51:da:93:e0:45:e8:6c:44:0c:00:77:82:13:
8e:1a:e6:69:00:a1:70:80:d4:9d:3e:5e:59:5a:0f:53:3e:23:
e3:9c:89:64:2d:3d:7d:19:2b:82:04:47:e5:df:5f:ad:7e:61:
89:2a:17:06:b3:3d:e6:bd:85:f4:f0:af:c1:05:2d:99:64:bd:
91:a9:e2:0a:20:b7:95:2b:15:d7:8b:59:0d:95:b1:42:9b:7b:
85:7f:04:1b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEG8NtXGTlzOGbbhUkoS0EZwbKR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTAwMTBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNWU1OWNhZWViYjYyMTJjZTliYTk0YmZmNGZlMzdiYjM1YmEwYTU2MDAy
Y2Q2ZWQ4OGUwMGE0YzM2Y2M4MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzFNw4dGFepbvYXk5YNKGXOMUDUMkGwBGP6+gmOheWAz6wGtAFiGriS8Z7L
pvvwOAPjwvVegzXqaRr1Axkk/jQKgGdKXCg/RAWy7Gu+PC2iT/5Rhncuc4y84V+G
aIwoCETso/xkzWJXpe6UyzP42PZh4svKuDUL4+iTX8VC7DauNvCOeLtDpVs2TKJp
jm0xciX/A/CIZQv/StXmIyfu7mZuNrpqruAnGS3YtTizWsww+YYWFzj95XthfsqI
KEBGa0HRumboUclYCm9GfHn0etQQ9GSxhxtCd5yMm+ykMtUZRCUlcg+NTK8i+w4o
4mxc/DXGJFm6Ism12O10RdD4Q4sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWYZCv
1nIVZWhNpdx4cahtaBbPWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEASBC/r2MNfhAf1jJf1+zchE6f3OuIk1JMCx+C
DERmCzYLP6lhMeZXo0uuVTvhZieGYTbXlGOqPJBLUdFDaC5bhKFLfM1CxQQV55vl
zpBgGcJXUxQC/kbUe9jfxwfYFkAOCnzixyjHpgbbmX60nQMphRhbUm3Ci/zSogZV
fEVk/QxKHiPqBqdA0l1XKKZJ7Ysup5IdOXV83G4aDwUZ1pkXtAHq0NcQAjlR2pPg
RehsRAwAd4ITjhrmaQChcIDUnT5eWVoPUz4j45yJZC09fRkrggRH5d9frX5hiSoX
BrM95r2F9PCvwQUtmWS9kaniCiC3lSsV14tZDZWxQpt7hX8EGw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:28:59 2025 by rpki-client