Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
File: 7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa (raw, json)
Hash identifier: LG3z6U1ZjG8hNnqxQMZkDXWCCRuPfpO1HMcboGYCehg=
Subject key identifier: 6C:16:B4:6B:47:10:26:D3:A6:F9:77:97:D4:02:BC:8A:22:C4:0A:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1578755DC41D495A3CA91CF68EB08E11F7152C70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
Signing time: Wed 05 Mar 2025 17:01:08 +0000
ROA not before: Wed 05 Mar 2025 17:01:08 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:78:75:5d:c4:1d:49:5a:3c:a9:1c:f6:8e:b0:8e:11:f7:15:2c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:01:08 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b8:82:97:40:02:c3:aa:e5:f7:cb:83:6c:49:
f2:22:0e:0a:1b:94:06:da:5e:a4:63:40:45:af:e4:
33:c5:66:b5:11:ae:0c:a0:81:75:1b:ca:54:a4:54:
70:36:aa:20:7e:f6:08:fe:64:61:62:74:88:14:a2:
cc:65:71:db:06:c8:0f:9a:6f:52:3c:c5:59:63:21:
e4:06:df:8e:85:52:bb:28:3e:4e:d0:b0:20:1a:48:
95:bd:73:c3:6e:4f:41:87:bd:ca:88:99:0a:e2:4f:
35:40:89:ec:3b:05:fd:9a:01:3b:1b:e5:01:ba:c6:
53:59:cb:5b:ba:39:cc:ae:56:ac:c8:46:e0:e0:8e:
8e:cc:e4:54:9d:3b:76:4b:cc:c1:07:6f:6c:38:b7:
19:5d:84:54:ab:9e:c9:f9:e6:8a:d5:6c:b0:bb:a0:
33:3d:ea:bc:d1:5d:ac:7e:c4:8d:f2:47:5e:2c:5c:
eb:4b:77:49:d0:cc:23:fb:44:bb:73:61:26:e6:82:
bb:e1:cb:8f:86:77:bd:09:32:19:d9:e6:d7:db:e6:
3e:6f:8e:af:0c:5b:99:4d:42:33:84:30:a2:2c:89:
af:32:e4:c6:c0:0f:89:c0:9e:61:ff:84:9b:45:33:
b7:ac:ac:8a:8d:71:d9:ac:95:f3:4c:26:6a:c1:eb:
c1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:16:B4:6B:47:10:26:D3:A6:F9:77:97:D4:02:BC:8A:22:C4:0A:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6040::/46
Signature Algorithm: sha256WithRSAEncryption
92:b1:cd:2a:6c:26:51:4b:bd:ed:da:f8:ab:5d:7c:b6:9f:68:
09:4f:c8:29:d2:82:ef:35:f6:eb:99:db:1c:5b:ce:01:be:e6:
66:16:21:ff:6a:31:d3:d0:b5:7c:76:4f:d2:66:67:4c:21:72:
17:b5:66:53:6b:e9:6a:e2:2a:ac:27:42:81:b1:97:f9:a6:2e:
5e:40:cb:7b:8f:f1:9a:94:35:34:47:c6:a3:21:3b:79:67:62:
de:bd:0a:18:ef:0c:4a:8e:ea:d7:7b:5e:e7:b9:a1:be:74:8c:
99:6d:f1:ba:88:77:b5:85:64:d4:3a:f9:87:2e:17:ac:f9:c1:
34:81:12:54:9a:3b:8b:58:e2:19:68:0f:a6:31:e3:73:4f:15:
9a:77:da:e0:ad:b8:57:c8:06:ef:c5:c5:d5:eb:2d:fc:6d:72:
35:1f:c6:ad:d8:79:80:16:14:5c:fc:f1:ba:c0:9d:3c:06:bb:
7b:42:02:dd:61:fe:d3:0d:b0:11:3f:f3:e5:54:ac:e3:6a:01:
93:78:0d:92:cd:8e:59:6e:b7:42:5f:0f:65:73:27:a1:f1:a0:
7b:cb:7c:20:35:e9:2e:b1:e2:5c:c0:3a:47:33:2c:a0:94:80:
63:53:ac:0a:cc:6e:14:21:dd:fb:83:5d:57:fd:be:7b:a0:fc:
7a:46:75:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFXh1XcQdSVo8qRz2jrCOEfcVLHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAxMDhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4Y2U4ODJiMDZiZjNiMjdkNWRlYjU5ZjFmNjBjMDVmOWZjOTVhNGQ4MWE3
NWYzOGYyNWQ2NjMwMDczNjEwMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKK4gpdAAsOq5ffLg2xJ8iIOChuUBtpepGNARa/kM8VmtRGuDKCBdRvKVKRU
cDaqIH72CP5kYWJ0iBSizGVx2wbID5pvUjzFWWMh5AbfjoVSuyg+TtCwIBpIlb1z
w25PQYe9yoiZCuJPNUCJ7DsF/ZoBOxvlAbrGU1nLW7o5zK5WrMhG4OCOjszkVJ07
dkvMwQdvbDi3GV2EVKueyfnmitVssLugMz3qvNFdrH7EjfJHXixc60t3SdDMI/tE
u3NhJuaCu+HLj4Z3vQkyGdnm19vmPm+OrwxbmU1CM4QwoiyJrzLkxsAPicCeYf+E
m0Uzt6ysio1x2ayV80wmasHrwQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRsFrRr
RxAm06b5d5fUAryKIsQKYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzQwYzMtY2I2Ny00YTFmLWIzOTEtZmMwYmQ3NTRhNDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
QDANBgkqhkiG9w0BAQsFAAOCAQEAkrHNKmwmUUu97dr4q118tp9oCU/IKdKC7zX2
65nbHFvOAb7mZhYh/2ox09C1fHZP0mZnTCFyF7VmU2vpauIqrCdCgbGX+aYuXkDL
e4/xmpQ1NEfGoyE7eWdi3r0KGO8MSo7q13te57mhvnSMmW3xuoh3tYVk1Dr5hy4X
rPnBNIESVJo7i1jiGWgPpjHjc08Vmnfa4K24V8gG78XF1est/G1yNR/Grdh5gBYU
XPzxusCdPAa7e0IC3WH+0w2wET/z5VSs42oBk3gNks2OWW63Ql8PZXMnofGge8t8
IDXpLrHiXMA6RzMsoJSAY1OsCsxuFCHd+4NdV/2+e6D8ekZ1aw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:15 2025 by rpki-client