Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74829dde-c52b-46c2-8036-0755ebbb7a37.roa
File: 74829dde-c52b-46c2-8036-0755ebbb7a37.roa (raw, json)
Hash identifier: N+H81QUcvx/ddvTvzPCf6T6NOvQC+mauNIt81Wn5mPg=
Subject key identifier: 13:B0:F7:70:73:B6:DB:CF:44:7E:4B:D1:86:FA:52:81:5C:68:20:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5344C9CEDDF668FB276DEFBA658049CE89985710
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74829dde-c52b-46c2-8036-0755ebbb7a37.roa
Signing time: Wed 05 Mar 2025 15:21:29 +0000
ROA not before: Wed 05 Mar 2025 15:21:29 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:44:c9:ce:dd:f6:68:fb:27:6d:ef:ba:65:80:49:ce:89:98:57:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:21:29 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3a:b2:74:1b:56:29:77:64:66:50:e5:9e:28:
fa:ce:6b:a6:db:0d:87:dd:31:f3:76:ba:57:2e:2e:
d8:11:28:08:87:67:a9:c3:76:bb:70:6a:7c:68:c0:
40:a8:b9:f6:9e:df:6c:44:0e:5a:83:b6:b4:1a:07:
b7:ea:cd:05:2c:95:1e:6d:57:21:66:90:26:61:f3:
c4:e8:19:01:0d:c3:cf:37:dc:93:10:19:e1:22:9e:
a4:67:8b:7c:c3:dc:9c:33:46:87:f5:f1:3a:70:5c:
67:73:14:62:c8:a6:a3:a6:00:8a:cc:ec:b4:39:7e:
c0:d8:fc:34:13:e6:5b:9a:27:6c:a6:e0:f6:82:4a:
20:a9:fe:a0:3c:35:1e:37:bd:22:c2:2b:a2:31:e2:
b0:8f:19:17:36:6e:a9:77:0b:07:09:26:88:10:f6:
82:64:7a:cc:b4:9a:62:42:93:09:5b:66:05:6a:09:
fc:1e:9d:85:8d:50:b1:72:25:d9:25:15:2b:7d:de:
16:eb:b8:73:66:b7:ae:08:23:2b:23:c3:1c:59:95:
14:9b:92:7e:1b:70:f3:7f:25:68:d9:a7:31:7b:c3:
a1:e3:0f:cd:62:d2:90:8d:04:19:f4:91:72:9f:30:
b0:e4:bc:ea:d5:d2:9c:bb:9a:04:ae:2b:9c:fb:2b:
85:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B0:F7:70:73:B6:DB:CF:44:7E:4B:D1:86:FA:52:81:5C:68:20:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74829dde-c52b-46c2-8036-0755ebbb7a37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2080::/48
Signature Algorithm: sha256WithRSAEncryption
ac:55:48:bd:ca:83:ee:03:98:87:c0:12:55:b1:38:d0:43:ab:
d4:b8:4c:79:2b:5a:02:43:51:58:94:63:8d:1f:91:ed:83:4f:
dd:20:3a:70:31:ec:9b:28:53:c9:7a:16:70:aa:e1:bc:b8:c1:
1a:1b:23:3b:a2:f4:c2:74:62:54:96:a8:5a:c0:3f:83:87:10:
49:8e:ed:c2:f1:5f:35:86:4e:2b:aa:eb:b2:40:b3:b6:7e:93:
83:77:0e:62:a3:fc:2f:74:f5:f9:74:fd:76:58:6d:e6:95:bd:
3a:da:ca:1b:c7:1f:f7:ad:83:86:3e:32:90:58:10:df:c2:a0:
29:e0:e9:20:5d:68:3f:c5:93:fa:18:72:b1:c6:7d:3c:e0:7e:
3e:07:d6:59:0a:d9:f0:b9:0b:fc:16:71:2f:1c:e8:eb:42:b8:
8a:a1:39:7f:c3:f0:5d:d3:76:6b:aa:32:fe:1f:78:8c:29:4c:
32:f1:68:c7:f5:6f:c7:0d:73:c5:30:70:ee:09:81:81:ef:61:
38:3f:bd:92:97:83:78:9a:59:40:e4:66:b1:07:3e:d5:66:ba:
d3:d3:51:d8:68:cc:ae:87:2c:ec:b3:0d:0c:36:4b:1b:08:44:
6e:77:ad:2b:2c:cc:9b:08:66:b0:b7:d1:16:83:c1:c1:23:d6:
6d:b0:fb:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU0TJzt32aPsnbe+6ZYBJzomYVxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTIxMjlaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZWVjNDhmNjMzM2RmZDA2OGI0NWE1NWEwNTcyMzBkYzViMThmMmIzYjEz
NjgzNGYxYmJjMWFhMjBjNTA4MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ6snQbVil3ZGZQ5Z4o+s5rptsNh90x83a6Vy4u2BEoCIdnqcN2u3BqfGjA
QKi59p7fbEQOWoO2tBoHt+rNBSyVHm1XIWaQJmHzxOgZAQ3DzzfckxAZ4SKepGeL
fMPcnDNGh/XxOnBcZ3MUYsimo6YAiszstDl+wNj8NBPmW5onbKbg9oJKIKn+oDw1
Hje9IsIrojHisI8ZFzZuqXcLBwkmiBD2gmR6zLSaYkKTCVtmBWoJ/B6dhY1QsXIl
2SUVK33eFuu4c2a3rggjKyPDHFmVFJuSfhtw838laNmnMXvDoeMPzWLSkI0EGfSR
cp8wsOS86tXSnLuaBK4rnPsrhfUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQTsPdw
c7bbz0R+S9GG+lKBXGggbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzQ4MjlkZGUtYzUyYi00NmMyLTgwMzYtMDc1NWViYmI3YTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQg
gDANBgkqhkiG9w0BAQsFAAOCAQEArFVIvcqD7gOYh8ASVbE40EOr1LhMeStaAkNR
WJRjjR+R7YNP3SA6cDHsmyhTyXoWcKrhvLjBGhsjO6L0wnRiVJaoWsA/g4cQSY7t
wvFfNYZOK6rrskCztn6Tg3cOYqP8L3T1+XT9dlht5pW9OtrKG8cf962Dhj4ykFgQ
38KgKeDpIF1oP8WT+hhyscZ9POB+PgfWWQrZ8LkL/BZxLxzo60K4iqE5f8PwXdN2
a6oy/h94jClMMvFox/Vvxw1zxTBw7gmBge9hOD+9kpeDeJpZQORmsQc+1Wa609NR
2GjMrocs7LMNDDZLGwhEbnetKyzMmwhmsLfRFoPBwSPWbbD76Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:53 2025 by rpki-client