Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
File: 6cba8379-da94-4697-867f-03730e03e9ac.roa (raw, json)
Hash identifier: 4CUuRZYi0e1PGnoc+iZXrdIT5JJb0zRpjyeb/FXHBVI=
Subject key identifier: BB:33:89:45:46:05:BA:02:ED:EF:5B:13:93:EA:23:E3:9E:BC:C9:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67F81B2C02F4B4BC944476EEBB90B9ABFDA625CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
Signing time: Wed 05 Mar 2025 17:11:33 +0000
ROA not before: Wed 05 Mar 2025 17:11:33 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f8:1b:2c:02:f4:b4:bc:94:44:76:ee:bb:90:b9:ab:fd:a6:25:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:11:33 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:54:1f:ff:2b:3f:f0:7b:2d:93:96:27:79:89:
32:3b:3c:8b:60:ec:13:da:56:88:ad:90:4b:f0:61:
96:20:ec:43:97:00:73:be:8d:69:c0:03:d0:00:2a:
cf:6e:79:fa:56:e2:fb:fd:b4:1b:b7:b1:f5:66:1a:
ad:f7:5c:d1:f3:3d:1c:ed:e4:b7:b7:1f:4a:53:2b:
20:b8:1c:a4:83:d7:f0:ca:2c:28:79:f5:63:d3:8e:
60:e3:04:49:57:97:f9:7c:72:16:5f:a9:b3:5f:db:
12:d3:26:33:4e:00:67:9c:d6:ac:6e:9a:a6:cf:9d:
b5:aa:c2:7e:fa:27:b5:b2:20:40:8c:47:7c:20:b9:
5d:44:9b:40:5d:30:b1:3a:f4:fa:46:25:10:2f:c7:
d3:50:51:9e:d2:3a:2a:39:29:7f:96:9a:88:ce:e1:
28:ac:dd:fb:a7:33:3e:21:3f:9d:f5:80:ec:12:37:
99:a1:82:b6:e1:a7:38:8a:a1:11:cc:b5:14:15:88:
0d:f9:1c:a8:df:36:4b:07:b7:47:8f:20:f1:4e:64:
68:03:6c:14:e1:d7:b5:96:8f:7e:2b:c6:e6:ea:d7:
e2:c4:85:24:65:d1:0c:4e:d6:29:89:56:81:12:74:
5b:a1:b8:d3:db:cd:7a:6e:90:3a:50:cf:b0:0a:bc:
10:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:33:89:45:46:05:BA:02:ED:EF:5B:13:93:EA:23:E3:9E:BC:C9:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
98:34:95:2a:2e:64:b5:88:8f:d9:fe:c9:3e:dd:d1:0b:80:56:
a9:90:72:97:f9:d4:c1:5f:93:91:25:99:90:fd:b1:d4:35:c0:
99:2a:6d:9d:c7:c1:90:ea:2f:d5:c9:94:08:ec:49:06:c1:e9:
9b:5d:7c:22:77:ac:75:02:14:5b:2c:8b:53:4b:8b:7e:9f:e0:
6b:5c:aa:c5:32:f1:52:31:28:35:c0:f5:83:55:82:07:ac:85:
c5:05:fb:67:7e:49:c9:bb:51:56:ae:62:27:97:a6:2f:7e:5f:
f4:ea:08:96:a4:63:26:1a:24:ae:75:db:9a:ce:6f:3f:9a:eb:
72:56:1a:61:cb:98:1b:2f:2b:dc:9b:b5:63:09:4e:f0:a2:21:
ce:a2:ae:a6:b2:09:90:03:be:f5:4e:ca:07:88:f6:0d:c9:0a:
97:c7:3e:42:35:ef:48:92:83:81:a1:1b:61:6a:4f:6f:43:10:
27:79:ad:24:2b:21:bb:c1:77:4d:c7:6d:6a:c1:2c:15:aa:79:
ce:ee:a5:68:80:b5:a1:c2:7c:e5:8c:df:bf:fe:f6:29:b0:d8:
a3:28:a6:c7:58:9c:96:5c:7d:28:6b:36:2e:dc:e7:fa:60:50:
b7:05:6d:60:83:d0:87:65:a1:f5:18:ef:80:61:56:23:82:fa:
2f:28:57:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ/gbLAL0tLyURHbuu5C5q/2mJc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzExMzNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5ODUwNzAwMGJhOTc4N2U4ZWUxYzgwODk4MTIyZWE5NGMwMWIwM2M1N2Y0
ZDc1ZDMzZjgwYjNkYzhlNTk3ODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhUH/8rP/B7LZOWJ3mJMjs8i2DsE9pWiK2QS/BhliDsQ5cAc76NacAD0AAq
z255+lbi+/20G7ex9WYarfdc0fM9HO3kt7cfSlMrILgcpIPX8MosKHn1Y9OOYOME
SVeX+XxyFl+ps1/bEtMmM04AZ5zWrG6aps+dtarCfvontbIgQIxHfCC5XUSbQF0w
sTr0+kYlEC/H01BRntI6Kjkpf5aaiM7hKKzd+6czPiE/nfWA7BI3maGCtuGnOIqh
Ecy1FBWIDfkcqN82Swe3R48g8U5kaANsFOHXtZaPfivG5urX4sSFJGXRDE7WKYlW
gRJ0W6G409vNem6QOlDPsAq8EIUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7M4lF
RgW6Au3vWxOT6iPjnrzJTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmNiYTgzNzktZGE5NC00Njk3LTg2N2YtMDM3MzBlMDNlOWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCYNJUqLmS1iI/Z/sk+3dELgFapkHKX+dTBX5OR
JZmQ/bHUNcCZKm2dx8GQ6i/VyZQI7EkGwembXXwid6x1AhRbLItTS4t+n+BrXKrF
MvFSMSg1wPWDVYIHrIXFBftnfknJu1FWrmInl6Yvfl/06giWpGMmGiSudduazm8/
mutyVhphy5gbLyvcm7VjCU7woiHOoq6msgmQA771TsoHiPYNyQqXxz5CNe9IkoOB
oRthak9vQxAnea0kKyG7wXdNx21qwSwVqnnO7qVogLWhwnzljN+//vYpsNijKKbH
WJyWXH0oazYu3Of6YFC3BW1gg9CHZaH1GO+AYVYjgvovKFfJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:26 2025 by rpki-client