Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
File: 72da9f02-356c-4664-864e-e60b7c9e874d.roa (raw, json)
Hash identifier: CjZdRYHheOi0Y57prAMUfk1+6VyLJy+/MRB51kGNYxw=
Subject key identifier: 68:34:87:29:9D:CC:BE:79:0E:3F:DD:AD:5B:62:8A:A2:4F:74:39:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D2CEF8F8C74F76A289A4A84C51DACEB980DCF4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
Signing time: Wed 05 Mar 2025 17:11:14 +0000
ROA not before: Wed 05 Mar 2025 17:11:14 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2c:ef:8f:8c:74:f7:6a:28:9a:4a:84:c5:1d:ac:eb:98:0d:cf:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:11:14 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:ad:1a:97:6d:92:ce:7a:56:69:4c:d0:45:
7a:ea:98:37:c5:dc:e7:08:97:be:7b:04:c6:7b:1e:
06:9f:15:19:98:88:04:38:2a:8a:90:7e:20:75:1e:
09:bc:aa:b1:0d:ea:5f:8c:e8:35:49:fa:4e:d6:d4:
a4:71:a6:38:89:2e:1f:78:ba:8a:fb:48:93:26:c1:
fd:67:1a:68:bb:79:9a:a7:0f:75:38:ef:cb:d3:bb:
e1:12:c7:4a:7f:3f:ad:92:45:d6:83:8a:5e:54:13:
9f:b5:eb:ce:d8:d8:1b:cc:41:7f:13:c3:d1:b3:25:
04:85:e2:2d:45:18:32:53:38:d4:6d:d1:6d:28:58:
ba:2a:43:7c:b9:2a:a6:80:8a:5c:3d:19:13:54:58:
ea:be:a8:1a:70:b6:24:06:af:2b:71:a9:f8:6a:a2:
61:d3:0c:87:c3:64:e6:99:52:ac:ec:b7:4d:43:c2:
44:21:3e:63:c5:44:c2:f0:55:3c:ac:d0:27:0d:af:
81:a4:09:e8:a7:7a:f3:5e:09:90:13:82:c6:23:58:
94:05:29:74:b9:52:9c:fc:57:fc:d4:eb:d6:1f:7b:
0a:ca:c8:99:03:66:27:fb:57:8b:2e:25:69:88:41:
dd:6b:16:0c:34:17:aa:30:3a:be:00:09:55:2f:00:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:34:87:29:9D:CC:BE:79:0E:3F:DD:AD:5B:62:8A:A2:4F:74:39:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c040::/46
Signature Algorithm: sha256WithRSAEncryption
25:8f:b9:1b:80:a1:5b:31:19:6c:9a:a1:f6:25:b0:8b:68:9a:
f4:69:20:36:04:2e:8a:b4:ab:cf:b1:82:77:37:65:d5:db:63:
1d:38:14:62:6a:b4:e4:a2:d8:dd:e4:a1:8e:68:e9:61:59:71:
e8:f4:36:84:a8:2d:54:8e:f4:23:89:d0:64:10:c9:ce:2e:8d:
b2:85:0e:ff:0f:a9:45:d3:22:c1:6b:06:75:84:67:13:b8:2a:
82:76:98:86:74:e0:54:27:97:ce:87:b2:80:ac:2a:6b:c2:34:
ff:76:19:a6:77:ac:67:6e:19:6d:eb:fd:22:1a:33:0a:7c:45:
50:57:62:37:03:ef:7c:d9:ff:23:0e:a2:7f:b8:3a:16:a1:72:
bc:d8:0e:3b:1c:07:b5:40:e6:bb:78:5b:49:f6:89:0b:8a:98:
6c:15:bc:fa:dc:5a:09:f9:b8:16:1f:60:3a:4d:48:45:33:e5:
ba:45:8d:8d:52:9d:c9:e3:ad:78:d9:04:44:60:76:f7:ce:ef:
90:1e:78:3c:b9:1d:db:3b:b3:fc:ed:cb:98:98:41:bf:51:d5:
6a:4e:62:b1:78:1a:28:ae:76:b4:ed:b0:8f:e8:1b:d6:f5:77:
ce:c2:9c:f3:d2:88:3b:6c:b1:28:9c:70:2f:f2:1c:52:89:26:
4f:8a:f1:ef
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDSzvj4x092oomkqExR2s65gNz0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzExMTRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YjI2OTVjOTFjMWQ5NzQ1OWFmNDM4YmQ3NjZhMjNjZjc1MjZkOWVhMjgw
NTdkNDdmNjhmMTI5MmY2YmJjZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk5rRqXbZLOelZpTNBFeuqYN8Xc5wiXvnsExnseBp8VGZiIBDgqipB+IHUe
CbyqsQ3qX4zoNUn6TtbUpHGmOIkuH3i6ivtIkybB/WcaaLt5mqcPdTjvy9O74RLH
Sn8/rZJF1oOKXlQTn7XrztjYG8xBfxPD0bMlBIXiLUUYMlM41G3RbShYuipDfLkq
poCKXD0ZE1RY6r6oGnC2JAavK3Gp+GqiYdMMh8Nk5plSrOy3TUPCRCE+Y8VEwvBV
PKzQJw2vgaQJ6Kd6814JkBOCxiNYlAUpdLlSnPxX/NTr1h97CsrImQNmJ/tXiy4l
aYhB3WsWDDQXqjA6vgAJVS8AR6ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoNIcp
ncy+eQ4/3a1bYoqiT3Q5FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJkYTlmMDItMzU2Yy00NjY0LTg2NGUtZTYwYjdjOWU4NzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
QDANBgkqhkiG9w0BAQsFAAOCAQEAJY+5G4ChWzEZbJqh9iWwi2ia9GkgNgQuirSr
z7GCdzdl1dtjHTgUYmq05KLY3eShjmjpYVlx6PQ2hKgtVI70I4nQZBDJzi6NsoUO
/w+pRdMiwWsGdYRnE7gqgnaYhnTgVCeXzoeygKwqa8I0/3YZpnesZ24Zbev9Ihoz
CnxFUFdiNwPvfNn/Iw6if7g6FqFyvNgOOxwHtUDmu3hbSfaJC4qYbBW8+txaCfm4
Fh9gOk1IRTPlukWNjVKdyeOteNkERGB2987vkB54PLkd2zuz/O3LmJhBv1HVak5i
sXgaKK52tO2wj+gb1vV3zsKc89KIO2yxKJxwL/IcUokmT4rx7w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:33 2025 by rpki-client