Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
File: 788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa (raw, json)
Hash identifier: 55z0CGC7wiZfqHtR4uywHLnby3hcpxnCUlkpJ8UBlew=
Subject key identifier: 2C:3B:A0:04:B6:55:C2:09:E4:8E:87:CD:BF:DA:EA:AB:E8:39:B3:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EEA42F43F3D9CB217A319606377F5527E5A725A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
Signing time: Fri 07 Mar 2025 15:00:26 +0000
ROA not before: Fri 07 Mar 2025 15:00:26 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:9000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:ea:42:f4:3f:3d:9c:b2:17:a3:19:60:63:77:f5:52:7e:5a:72:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:00:26 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:37:60:e2:ce:ff:f3:cd:12:79:6e:2e:b9:
34:47:d4:15:88:47:05:59:0c:1c:d7:43:4a:c0:98:
d3:fd:30:b0:90:4c:2e:63:30:b9:bc:59:fc:a1:33:
31:9e:a3:ed:8d:53:71:b9:3d:d0:a7:d3:a9:68:21:
e6:d2:fb:45:34:3b:fb:b7:47:40:09:f3:b4:6f:1f:
4b:bf:02:22:0f:94:98:86:17:2e:84:e1:2d:83:3e:
fc:96:6f:3d:a4:6f:c9:54:04:aa:0c:a3:79:01:af:
a9:98:47:cd:c9:a7:ef:77:37:58:92:8c:48:1b:26:
52:88:00:1d:83:8e:58:74:ec:55:0d:95:9d:56:bb:
30:4b:e5:26:69:39:fd:35:96:b5:64:9a:df:bc:67:
47:38:1f:2c:74:23:cb:29:41:41:e6:50:06:c3:7a:
97:2f:fb:f7:5b:1d:ef:42:f2:50:10:08:1f:96:35:
d5:ff:85:b6:e3:b2:c8:44:e1:a4:c2:45:df:c5:da:
2d:b8:3a:5f:06:9b:02:a0:da:1b:00:fa:f9:64:0c:
26:33:a5:3b:72:f6:b5:86:7f:41:11:a1:47:eb:fe:
3d:50:ea:05:fe:e8:b5:70:2a:16:e4:d5:90:0e:ae:
bc:6a:60:5a:cd:f4:59:60:75:fa:13:d3:55:90:d5:
8a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3B:A0:04:B6:55:C2:09:E4:8E:87:CD:BF:DA:EA:AB:E8:39:B3:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:9000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:bc:23:4b:f8:65:9a:e5:d9:0c:27:f9:0d:e1:cb:93:c8:9d:
62:1f:e7:ef:0f:fc:28:b3:2e:dd:10:8b:3b:6a:ba:a8:f9:1a:
74:90:c4:2f:14:25:8b:11:14:c2:16:3a:99:79:1d:ec:49:c5:
8a:db:56:f0:9f:79:ed:4f:60:17:b9:a5:96:76:62:e9:78:fe:
75:69:fa:db:5e:3f:56:ff:51:12:8c:b6:2c:82:81:da:f7:7b:
b3:b5:b9:3b:4c:8f:0c:49:c0:59:7c:54:f5:94:c5:ea:71:f3:
fb:aa:e6:c2:c9:d0:3b:5a:3e:73:41:54:a8:e9:9e:30:8a:e8:
7a:4d:9e:55:8c:de:ed:5a:bf:6e:d4:89:90:9d:f3:f1:9b:89:
da:f9:48:b7:3a:55:96:31:eb:68:2d:10:05:ed:81:cf:72:a3:
23:16:61:d3:5f:60:4d:24:64:d6:41:41:ae:9b:b3:4c:47:dd:
6f:49:19:72:92:4a:d5:55:4c:0c:b6:b0:cc:f8:1b:81:5f:dc:
fa:c6:11:55:1f:5a:78:f4:03:85:0d:52:53:98:30:b4:ab:08:
6b:f2:9f:00:02:e2:80:08:0b:ea:9d:87:61:13:8f:fb:f4:ed:
a3:a3:b9:e9:af:7f:b4:9a:ed:de:9f:5f:ff:7a:42:4a:b6:f6:
08:db:93:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbupC9D89nLIXoxlgY3f1Un5aclowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTAwMjZaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMWRmZGZkZGQ3MmRjZWIxNDAyMzZiNWM0MDA3MTIxYjZkMjY5NWE4ZmM5
NzMxZmRlODBiNmY2MTI3ZThmOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMX2N2Dizv/zzRJ5bi65NEfUFYhHBVkMHNdDSsCY0/0wsJBMLmMwubxZ/KEz
MZ6j7Y1Tcbk90KfTqWgh5tL7RTQ7+7dHQAnztG8fS78CIg+UmIYXLoThLYM+/JZv
PaRvyVQEqgyjeQGvqZhHzcmn73c3WJKMSBsmUogAHYOOWHTsVQ2VnVa7MEvlJmk5
/TWWtWSa37xnRzgfLHQjyylBQeZQBsN6ly/791sd70LyUBAIH5Y11f+FtuOyyETh
pMJF38XaLbg6XwabAqDaGwD6+WQMJjOlO3L2tYZ/QRGhR+v+PVDqBf7otXAqFuTV
kA6uvGpgWs30WWB1+hPTVZDVit8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsO6AE
tlXCCeSOh82/2uqr6DmzrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg4ZDlkMjMtYmEzZi00MmM0LWIxYTMtODBmMjQxNGVmYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBevCNL+GWa5dkMJ/kN4cuTyJ1iH+fvD/wosy7d
EIs7arqo+Rp0kMQvFCWLERTCFjqZeR3sScWK21bwn3ntT2AXuaWWdmLpeP51afrb
Xj9W/1ESjLYsgoHa93uztbk7TI8MScBZfFT1lMXqcfP7qubCydA7Wj5zQVSo6Z4w
iuh6TZ5VjN7tWr9u1ImQnfPxm4na+Ui3OlWWMetoLRAF7YHPcqMjFmHTX2BNJGTW
QUGum7NMR91vSRlykkrVVUwMtrDM+BuBX9z6xhFVH1p49AOFDVJTmDC0qwhr8p8A
AuKACAvqnYdhE4/79O2jo7npr3+0mu3en1//ekJKtvYI25OB
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:39 2025 by rpki-client