Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
File: 7665346b-5715-4d4a-9ee7-32affc669e92.roa (raw, json)
Hash identifier: LY/9DZtus71Ne10OQg+jqqJektbwbJvpcNMbFKrJihE=
Subject key identifier: DA:AE:CA:03:C4:EB:75:0C:8E:F7:32:6C:05:CE:F1:6A:85:AE:32:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28B1708DE685739C1ABDDE1C236090340BE6F91E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
Signing time: Tue 04 Mar 2025 23:50:10 +0000
ROA not before: Tue 04 Mar 2025 23:50:10 +0000
ROA not after: Tue 08 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b1:70:8d:e6:85:73:9c:1a:bd:de:1c:23:60:90:34:0b:e6:f9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 4 23:50:10 2025 GMT
Not After : Apr 8 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:d6:1f:2a:f5:d0:02:c0:a5:01:18:15:76:
5d:fb:e7:e3:aa:f6:f2:df:d3:94:c7:ec:79:29:d8:
2a:30:30:26:90:ea:01:e0:7c:8b:6e:84:ce:e0:2f:
d3:09:a3:a8:b4:bd:98:f0:77:d1:67:ce:66:68:53:
2d:1f:9a:af:b8:5d:2b:54:ec:ca:4d:02:aa:d2:5e:
a7:ad:b8:79:c9:93:1d:1d:d3:40:f8:f3:a0:84:8e:
9a:d3:9f:15:b6:d6:a2:bd:0e:41:65:ed:fd:fe:bf:
a1:e5:51:d0:9a:2e:80:47:89:a0:00:03:f7:03:6f:
f5:ce:12:70:54:4b:d0:2a:b5:6f:08:97:d5:a2:33:
16:08:22:96:e1:34:27:d4:32:3d:8e:b4:f0:1b:c0:
ee:83:e3:b8:80:4e:26:80:a8:5e:bc:08:30:34:ab:
b3:dd:3a:e6:6d:ab:d2:a0:d0:c0:6a:2f:df:cb:02:
34:73:98:6f:fb:5d:b8:a9:10:2e:8d:2f:f6:5d:e8:
eb:58:77:aa:4e:8a:cd:b3:f1:93:71:de:78:c9:9e:
1e:87:b1:38:cc:64:8c:49:2a:7a:b1:6f:f8:a8:4a:
82:68:16:d7:21:47:f4:88:47:ce:c6:80:88:3c:21:
e0:31:b5:da:32:94:11:9c:df:56:a5:05:a4:70:87:
a6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AE:CA:03:C4:EB:75:0C:8E:F7:32:6C:05:CE:F1:6A:85:AE:32:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2040::/48
Signature Algorithm: sha256WithRSAEncryption
2c:ee:36:6b:b6:87:f3:ae:bf:06:d5:04:1b:1b:aa:38:18:7c:
9a:a4:e0:78:50:64:bc:de:d4:af:ac:09:78:dd:93:ae:10:f7:
0c:32:62:4a:1e:05:de:53:2f:82:1d:15:8b:c9:44:a2:69:0e:
e7:93:c3:b8:80:86:47:a7:80:cb:54:0c:30:70:92:a1:02:a2:
58:04:78:f5:2c:8e:1d:94:e8:ff:f3:af:f0:4c:35:e3:fa:64:
92:c7:d5:6e:f6:88:50:e8:47:15:fc:d7:8c:5f:9e:91:a6:7d:
e2:dc:74:c4:80:61:91:94:e1:50:45:13:c9:39:56:f3:34:e6:
8b:51:f6:af:a3:de:a9:e4:54:de:a9:06:38:1e:a2:fa:74:a1:
ff:ac:bb:aa:47:ce:39:ca:20:8d:95:dd:30:c1:1a:5d:d5:8f:
e9:c8:13:7b:c6:d1:f8:63:e9:ed:ce:f6:07:0f:94:ac:66:ed:
c4:53:27:5c:2e:88:b6:69:6e:5b:90:db:f9:10:8f:66:a6:d8:
24:bb:47:75:74:51:25:37:8a:4f:f9:c1:31:e5:4f:6d:f8:90:
80:50:c4:da:35:9d:42:3c:4c:68:14:8e:e2:a5:e8:92:82:9c:
9f:5d:d8:a3:be:32:d0:1d:42:8e:8d:c6:79:3a:04:9c:f2:6b:
d5:21:37:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKLFwjeaFc5wavd4cI2CQNAvm+R4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDQyMzUwMTBaFw0yNTA0MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyM2U2NWU0MDcxZTAxMWQxZjM2ZmU0OTZlYzQxMmI2ZjA3ZWFmZmM3MDhj
MTM3OTM5MjFhOTc4ZDdlYmJkMjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9N1h8q9dACwKUBGBV2Xfvn46r28t/TlMfseSnYKjAwJpDqAeB8i26EzuAv
0wmjqLS9mPB30WfOZmhTLR+ar7hdK1Tsyk0CqtJep624ecmTHR3TQPjzoISOmtOf
FbbWor0OQWXt/f6/oeVR0JougEeJoAAD9wNv9c4ScFRL0Cq1bwiX1aIzFggiluE0
J9QyPY608BvA7oPjuIBOJoCoXrwIMDSrs9065m2r0qDQwGov38sCNHOYb/tduKkQ
Lo0v9l3o61h3qk6KzbPxk3HeeMmeHoexOMxkjEkqerFv+KhKgmgW1yFH9IhHzsaA
iDwh4DG12jKUEZzfVqUFpHCHpi0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTarsoD
xOt1DI73MmwFzvFqha4yYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY2NTM0NmItNTcxNS00ZDRhLTllZTctMzJhZmZjNjY5ZTkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
QDANBgkqhkiG9w0BAQsFAAOCAQEALO42a7aH866/BtUEGxuqOBh8mqTgeFBkvN7U
r6wJeN2TrhD3DDJiSh4F3lMvgh0Vi8lEomkO55PDuICGR6eAy1QMMHCSoQKiWAR4
9SyOHZTo//Ov8Ew14/pkksfVbvaIUOhHFfzXjF+ekaZ94tx0xIBhkZThUEUTyTlW
8zTmi1H2r6PeqeRU3qkGOB6i+nSh/6y7qkfOOcogjZXdMMEaXdWP6cgTe8bR+GPp
7c72Bw+UrGbtxFMnXC6ItmluW5Db+RCPZqbYJLtHdXRRJTeKT/nBMeVPbfiQgFDE
2jWdQjxMaBSO4qXokoKcn13Yo74y0B1Cjo3GeToEnPJr1SE3/w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:10 2025 by rpki-client