Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: /iYn/jD6hYy1t2MaHvFUBmZ63riFD88uwTgEI0rjLJ4=
Subject key identifier: 60:A9:72:E9:42:0D:17:64:6F:D2:1D:CE:B9:AF:6A:FA:C3:8E:AA:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C18C2C227024621D921E534E3416449CDDD3B9B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Wed 05 Mar 2025 16:00:51 +0000
ROA not before: Wed 05 Mar 2025 16:00:51 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:18:c2:c2:27:02:46:21:d9:21:e5:34:e3:41:64:49:cd:dd:3b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:00:51 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9e:6e:d8:83:66:1e:8d:6a:03:7c:b9:51:de:
0c:ad:97:90:cf:f1:e3:ff:ea:2b:15:e3:c1:5d:aa:
73:fc:65:44:ca:ed:a5:5a:19:a7:d6:98:17:83:00:
ce:a1:1c:86:5f:a1:c6:f0:e4:93:f8:2b:c9:3f:61:
3c:70:a9:eb:41:43:6e:57:5c:61:6f:71:bf:0b:7f:
42:96:a8:78:49:0f:ed:4c:5d:ef:36:0d:7f:2d:c7:
d4:c8:ac:9d:76:9c:f9:60:db:a9:f9:ba:e5:19:7c:
1d:04:78:d8:fd:b3:ca:e9:c1:55:72:15:65:43:2a:
8a:e1:16:49:d2:37:ff:c7:36:8c:59:cc:aa:a9:50:
37:c1:21:2d:f9:27:47:ed:22:6a:b5:66:7a:fc:64:
f9:19:7d:fe:14:f9:ec:92:f1:c2:b5:a0:3c:67:b7:
32:28:26:7d:6a:b9:aa:7a:13:bf:7d:d1:e4:d0:bc:
16:c5:67:c5:f5:f3:cf:24:c6:57:86:32:fa:83:33:
49:54:e3:83:f6:80:b4:b9:2f:31:51:05:ea:a5:cf:
20:b1:28:f1:55:1e:c5:f3:5c:00:f4:f4:c8:cc:84:
63:bb:05:e3:6a:49:a7:76:52:1b:77:28:f8:1d:00:
16:28:42:09:07:0b:6a:23:d3:7f:3e:6f:4a:18:42:
a0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A9:72:E9:42:0D:17:64:6F:D2:1D:CE:B9:AF:6A:FA:C3:8E:AA:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:4c:53:0f:81:3f:08:9e:ea:65:58:12:73:bc:a2:7d:a6:27:
a5:58:2f:aa:04:bc:23:10:0f:80:0f:51:41:4c:d6:08:66:84:
13:e8:ce:dd:2f:94:a4:5e:26:23:e7:3a:17:6e:06:96:fb:ba:
f1:5c:ec:ac:60:5e:47:da:02:a9:fa:ae:dc:26:25:2b:1c:40:
c8:d6:31:4c:95:8e:06:90:7c:0d:0f:a1:c4:55:31:5a:cc:db:
96:1f:51:a4:56:bb:71:c1:6c:4d:d9:db:26:3b:b3:42:85:80:
e0:e9:c3:0e:18:e7:2a:de:ff:f3:33:3a:85:b0:2d:e9:0a:ed:
e4:d7:da:55:a9:b0:42:16:e0:96:b3:bc:07:ce:0b:85:01:f1:
ca:75:78:16:35:42:36:82:9a:4b:04:43:be:9a:1b:06:e9:b3:
95:8b:fc:3f:6d:6d:0f:db:fa:b8:b9:4c:2f:e5:28:25:c8:37:
47:02:f1:76:b3:b7:cc:14:b0:0f:e0:b9:a5:0f:a1:82:79:c9:
96:47:7d:c3:b5:fa:7f:6b:3f:ba:4e:1d:71:f2:96:1f:99:de:
4c:88:f8:1d:77:c0:8a:83:25:23:94:c0:6a:81:08:b7:f4:1c:
00:a4:89:af:17:7f:55:5e:ed:c9:02:87:ce:26:47:ca:94:30:
be:97:c6:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHBjCwicCRiHZIeU040FkSc3dO5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjAwNTFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYmJhZTkzZjViNDdlZTUwOGI3NzU3MzI0Y2FiOGUxYTdkMDAyOTI2YjQ4
OTVmMWRkNDFkODYyNGE0MDIzNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSebtiDZh6NagN8uVHeDK2XkM/x4//qKxXjwV2qc/xlRMrtpVoZp9aYF4MA
zqEchl+hxvDkk/gryT9hPHCp60FDbldcYW9xvwt/QpaoeEkP7Uxd7zYNfy3H1Mis
nXac+WDbqfm65Rl8HQR42P2zyunBVXIVZUMqiuEWSdI3/8c2jFnMqqlQN8EhLfkn
R+0iarVmevxk+Rl9/hT57JLxwrWgPGe3MigmfWq5qnoTv33R5NC8FsVnxfXzzyTG
V4Yy+oMzSVTjg/aAtLkvMVEF6qXPILEo8VUexfNcAPT0yMyEY7sF42pJp3ZSG3co
+B0AFihCCQcLaiPTfz5vShhCoLcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgqXLp
Qg0XZG/SHc65r2r6w46q3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBaTFMPgT8InuplWBJzvKJ9pielWC+qBLwjEA+A
D1FBTNYIZoQT6M7dL5SkXiYj5zoXbgaW+7rxXOysYF5H2gKp+q7cJiUrHEDI1jFM
lY4GkHwND6HEVTFazNuWH1GkVrtxwWxN2dsmO7NChYDg6cMOGOcq3v/zMzqFsC3p
Cu3k19pVqbBCFuCWs7wHzguFAfHKdXgWNUI2gppLBEO+mhsG6bOVi/w/bW0P2/q4
uUwv5SglyDdHAvF2s7fMFLAP4LmlD6GCecmWR33Dtfp/az+6Th1x8pYfmd5MiPgd
d8CKgyUjlMBqgQi39BwApImvF39VXu3JAofOJkfKlDC+l8Zw
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:34 2025 by rpki-client