Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: 36A36McTdszoGfpr59pe4FHSBuqnje8VbZdfH59w+pA=
Subject key identifier: 52:D0:F8:A5:65:86:F6:9C:97:BD:32:95:F2:EA:32:F8:00:E8:50:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CB7D9ACE1503FD22EFA547CDF0B73E6868A12F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Wed 05 Mar 2025 17:00:26 +0000
ROA not before: Wed 05 Mar 2025 17:00:26 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b7:d9:ac:e1:50:3f:d2:2e:fa:54:7c:df:0b:73:e6:86:8a:12:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:26 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c1:ae:71:52:6f:ba:46:03:21:6d:46:85:60:
b3:ce:34:9b:fc:e1:49:3b:22:55:9a:7b:4c:2b:cb:
ec:a5:3c:02:f4:36:07:64:05:64:b0:93:cd:c8:50:
52:92:74:13:09:1d:a5:66:71:23:fb:97:e9:c1:af:
42:0c:06:79:37:d1:d1:8f:62:fa:96:ef:4a:fa:bf:
bc:82:c7:27:ff:dc:a0:84:a7:46:9a:56:c7:31:34:
b3:86:0d:3b:37:b7:ba:8a:5d:94:05:59:04:21:8d:
ea:95:e7:53:bd:fe:2a:01:ed:dc:01:6a:c3:85:b6:
7c:dd:5e:ae:85:18:4b:43:63:2b:de:12:15:d2:e3:
91:99:77:9a:37:0e:d6:87:b9:c4:95:ae:3f:ce:02:
18:75:84:eb:8a:87:2c:9f:aa:7d:73:62:51:36:2a:
9f:bf:3e:5e:1a:55:2f:91:e6:78:d3:f9:d3:e2:77:
34:e1:c5:5b:76:a9:5f:4f:6f:67:33:8e:fa:a7:67:
a6:79:c4:b7:5e:7c:fa:70:d7:6d:4f:d6:15:a1:6f:
f5:99:b7:6d:7a:1d:80:af:1d:a5:b0:8f:ea:c4:c5:
8c:ad:c7:e1:40:26:5c:0e:ad:d0:b8:22:e5:90:fb:
78:a4:68:89:98:1d:8c:d2:c7:ec:78:44:97:0e:77:
25:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D0:F8:A5:65:86:F6:9C:97:BD:32:95:F2:EA:32:F8:00:E8:50:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
82:08:ce:9d:82:de:29:5a:7a:ee:05:d4:de:b3:13:1b:6f:35:
e9:c8:4b:88:90:8b:e1:b2:b3:1b:cc:24:2c:11:a7:ef:86:c2:
ce:e3:11:02:43:ef:94:84:88:9c:7c:2c:a8:1a:61:b1:17:5c:
b7:df:90:70:9f:63:35:3a:5c:b6:48:a1:10:c2:99:3f:1a:79:
b8:84:cb:85:a7:30:24:68:1c:b1:ba:f4:c8:cd:56:cd:9a:47:
fb:83:0e:2d:53:db:c4:4e:62:1e:d9:62:52:c2:a6:3c:01:eb:
a0:70:92:33:e4:1f:95:15:de:75:4b:e9:ca:fc:42:fe:a5:9e:
4d:b7:66:ce:98:be:e1:76:5e:48:67:d5:31:8b:99:f5:61:a8:
64:01:22:73:97:11:52:7b:53:d7:25:ab:cb:ac:46:8c:e2:05:
03:b5:8a:5a:72:ba:9e:a1:0e:26:8c:ea:31:1a:75:5b:6e:d1:
ac:6c:c8:36:56:ec:6a:fd:46:91:3d:38:35:e7:0c:28:90:ea:
41:1d:6c:2b:d7:60:c8:e4:b3:aa:f9:df:47:bc:e6:53:c1:12:
49:e3:f3:ad:e7:1f:8a:e1:50:be:ab:85:5a:b4:c3:13:2d:03:
f0:b6:0f:45:a5:05:31:8e:8b:ba:c3:bd:fd:9a:96:aa:d9:1b:
b9:d7:33:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDLfZrOFQP9Iu+lR83wtz5oaKEvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMjZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YTRiYzQ4MDNjMTg4MDM0ZDU1NDU1MmRkM2VjYTk0OGY3MzJhYTVkOWVl
ZDU2MzFjZWFjZWU2MzNhN2M4MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHBrnFSb7pGAyFtRoVgs840m/zhSTsiVZp7TCvL7KU8AvQ2B2QFZLCTzchQ
UpJ0EwkdpWZxI/uX6cGvQgwGeTfR0Y9i+pbvSvq/vILHJ//coISnRppWxzE0s4YN
Oze3uopdlAVZBCGN6pXnU73+KgHt3AFqw4W2fN1eroUYS0NjK94SFdLjkZl3mjcO
1oe5xJWuP84CGHWE64qHLJ+qfXNiUTYqn78+XhpVL5HmeNP50+J3NOHFW3apX09v
ZzOO+qdnpnnEt158+nDXbU/WFaFv9Zm3bXodgK8dpbCP6sTFjK3H4UAmXA6t0Lgi
5ZD7eKRoiZgdjNLH7HhElw53JW8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRS0Pil
ZYb2nJe9MpXy6jL4AOhQTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAggjOnYLeKVp67gXU3rMTG2816chLiJCL4bKz
G8wkLBGn74bCzuMRAkPvlISInHwsqBphsRdct9+QcJ9jNTpctkihEMKZPxp5uITL
hacwJGgcsbr0yM1WzZpH+4MOLVPbxE5iHtliUsKmPAHroHCSM+QflRXedUvpyvxC
/qWeTbdmzpi+4XZeSGfVMYuZ9WGoZAEic5cRUntT1yWry6xGjOIFA7WKWnK6nqEO
JozqMRp1W27RrGzINlbsav1GkT04NecMKJDqQR1sK9dgyOSzqvnfR7zmU8ESSePz
recfiuFQvquFWrTDEy0D8LYPRaUFMY6LusO9/ZqWqtkbudczcg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:33 2025 by rpki-client