Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
File: 73488a43-875c-415a-9969-c278b245b9fb.roa (raw, json)
Hash identifier: BB10nSpJ8MNBQO1qnaTWIZZjE09TiAMQO9eCIzrCSK8=
Subject key identifier: 01:FB:24:3D:62:75:08:6B:69:C6:87:52:51:16:EC:2D:DA:22:CC:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 183ED1E2509F1977BE05B09901CC641B8C6B1701
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
Signing time: Wed 05 Mar 2025 17:00:24 +0000
ROA not before: Wed 05 Mar 2025 17:00:24 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:3e:d1:e2:50:9f:19:77:be:05:b0:99:01:cc:64:1b:8c:6b:17:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:24 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bd:44:08:3c:d5:f7:6d:dd:03:ff:eb:07:28:
09:ff:86:34:d0:dd:eb:50:b1:43:35:ad:af:85:e8:
5d:ba:7f:bb:74:3c:75:a3:e0:fc:79:b6:e3:d4:9f:
bb:59:ca:d7:a3:25:40:bb:38:54:f2:62:93:03:3f:
27:90:09:e0:e6:60:04:e5:52:a1:eb:30:42:11:c6:
04:96:73:a3:26:a7:8c:f1:0f:08:cb:cd:1b:26:0e:
0c:d9:a7:6f:e9:34:b3:77:ed:46:cb:96:48:2c:04:
9c:b1:a2:5f:3f:9f:92:82:a6:6d:cb:85:2a:0f:8a:
ce:e2:8e:3b:04:af:86:a0:2a:56:dc:88:51:0c:29:
1a:fb:59:ae:38:b4:ae:b0:40:97:15:5e:e1:c8:27:
57:cf:66:66:d2:38:e2:c2:ed:92:c8:d6:68:50:78:
ce:33:b8:60:ac:c4:aa:22:04:cf:ab:46:a4:ca:60:
e2:29:d8:fa:12:27:b7:02:e0:e2:5c:dc:bf:88:e1:
e2:4d:70:96:c7:67:8b:39:91:fa:b4:23:09:93:54:
25:91:2e:57:f0:47:df:ac:3d:20:f5:cd:cc:bc:f1:
61:96:08:ed:37:69:dd:b6:9c:25:35:23:29:e5:1a:
1d:22:fb:dd:f9:ce:d0:72:bd:12:83:9b:07:36:f9:
3c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FB:24:3D:62:75:08:6B:69:C6:87:52:51:16:EC:2D:DA:22:CC:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e080::/48
Signature Algorithm: sha256WithRSAEncryption
b6:94:6b:7c:c9:c1:07:80:41:7a:2c:10:45:98:c6:a6:39:01:
7f:29:77:57:0e:ac:ad:de:5c:18:78:83:63:55:d6:7c:b4:e5:
ae:8e:cd:20:6e:e0:39:04:2f:d3:d0:b8:bb:1b:97:e4:22:42:
9a:b1:0a:9f:01:1c:3f:75:b9:1d:98:22:dd:ca:1e:cd:ab:e7:
a7:82:e0:c4:49:f3:35:88:6b:30:1e:e5:ce:4e:8d:57:50:e1:
37:17:3e:fa:4c:34:d7:a8:a3:bc:34:e4:4d:a4:b8:76:13:2b:
4c:de:32:02:61:86:de:4b:32:cc:18:19:8c:56:c7:42:3c:92:
f0:b2:4f:b1:5f:19:51:2f:b6:ac:4b:7f:61:63:06:3a:f9:84:
cd:85:ca:c5:43:02:f3:1f:c6:37:56:74:58:65:7e:87:ee:2b:
d9:54:d6:6c:2c:1a:44:9f:04:a7:f6:bc:cb:c9:c7:cc:e5:de:
67:bb:ba:7d:f7:ee:63:4c:66:04:c0:bf:75:3a:67:97:c4:1c:
c1:c6:38:5b:f3:ef:3c:d0:53:7b:4e:79:f4:d4:3c:a6:84:6f:
91:48:54:6b:97:65:3d:78:35:56:ae:0c:87:2d:00:3c:29:72:
57:2e:fd:6d:0b:62:24:c7:18:8f:b3:90:b0:a7:6a:0a:07:6e:
0d:a1:e1:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGD7R4lCfGXe+BbCZAcxkG4xrFwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMjRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMDVjNmQ1NjAwMDZkMDk4ZDc5NzJlN2VmNzdhYzdkYjI1OGM2YWY1ZTQx
ZDFhMWVkYjc4NTFkN2EzNDc3MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIa9RAg81fdt3QP/6wcoCf+GNNDd61CxQzWtr4XoXbp/u3Q8daPg/Hm249Sf
u1nK16MlQLs4VPJikwM/J5AJ4OZgBOVSoeswQhHGBJZzoyanjPEPCMvNGyYODNmn
b+k0s3ftRsuWSCwEnLGiXz+fkoKmbcuFKg+KzuKOOwSvhqAqVtyIUQwpGvtZrji0
rrBAlxVe4cgnV89mZtI44sLtksjWaFB4zjO4YKzEqiIEz6tGpMpg4inY+hIntwLg
4lzcv4jh4k1wlsdnizmR+rQjCZNUJZEuV/BH36w9IPXNzLzxYZYI7Tdp3bacJTUj
KeUaHSL73fnO0HK9EoObBzb5PH0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQB+yQ9
YnUIa2nGh1JRFuwt2iLMxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM0ODhhNDMtODc1Yy00MTVhLTk5NjktYzI3OGIyNDViOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
gDANBgkqhkiG9w0BAQsFAAOCAQEAtpRrfMnBB4BBeiwQRZjGpjkBfyl3Vw6srd5c
GHiDY1XWfLTlro7NIG7gOQQv09C4uxuX5CJCmrEKnwEcP3W5HZgi3coezavnp4Lg
xEnzNYhrMB7lzk6NV1DhNxc++kw016ijvDTkTaS4dhMrTN4yAmGG3ksyzBgZjFbH
QjyS8LJPsV8ZUS+2rEt/YWMGOvmEzYXKxUMC8x/GN1Z0WGV+h+4r2VTWbCwaRJ8E
p/a8y8nHzOXeZ7u6fffuY0xmBMC/dTpnl8QcwcY4W/PvPNBTe0559NQ8poRvkUhU
a5dlPXg1Vq4Mhy0APClyVy79bQtiJMcYj7OQsKdqCgduDaHhFA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:47 2025 by rpki-client