Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: +1djkM9TCzRxJyeAQsnXgsipK1+cCdyEjQsX3XzJT4g=
Subject key identifier: EC:36:91:04:F1:B8:EE:F5:25:00:37:A6:F6:9E:85:2F:E6:62:C8:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03076494D9C2DAE20007996D7E4B8E165561E223
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Wed 05 Mar 2025 17:40:13 +0000
ROA not before: Wed 05 Mar 2025 17:40:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:07:64:94:d9:c2:da:e2:00:07:99:6d:7e:4b:8e:16:55:61:e2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:40:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0b:2f:50:09:64:69:7d:07:58:62:77:9f:b5:
ac:40:32:26:c3:71:45:fa:35:fe:41:cc:bb:09:c2:
6a:cc:4c:60:b9:ae:62:c3:6e:64:7e:9c:f5:7d:23:
27:25:c1:b8:24:a0:6e:89:56:9b:87:83:ad:8f:d8:
71:79:de:02:a8:63:28:45:a1:15:ab:d0:1d:8d:17:
1f:ae:59:49:b6:d1:1c:5d:d5:d8:95:5e:6c:04:49:
13:cf:7d:2b:9f:38:9f:51:83:50:ba:cc:30:9f:3f:
ee:31:59:18:26:cd:9b:72:3b:f7:dd:20:9f:21:87:
6c:e4:0e:96:a5:ac:a8:f0:93:cd:96:e6:7d:4a:08:
8b:9a:23:a3:64:e9:ac:8b:dd:e9:e1:9b:e0:47:c9:
63:db:2a:f4:65:59:c0:8d:cf:46:d3:29:f9:9f:06:
6d:d9:e3:c2:f0:f0:bb:2a:f7:f0:93:19:a4:59:5f:
54:3f:0b:9a:1b:ba:30:1a:f4:9c:95:18:51:2c:5c:
a2:ea:7e:de:2b:8e:0a:24:43:ba:38:42:d5:6a:46:
ab:72:a9:37:b7:97:24:fb:bc:9d:27:5a:0b:51:ba:
7d:72:a5:10:a1:8d:dc:10:bf:70:64:5f:e9:37:b1:
c0:9b:e6:7e:bd:8f:54:5f:6d:f3:8b:70:98:c7:80:
60:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:36:91:04:F1:B8:EE:F5:25:00:37:A6:F6:9E:85:2F:E6:62:C8:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
88:17:92:e4:14:61:ec:d9:85:98:b4:c5:0e:9c:72:67:be:17:
8a:d3:2c:ff:d0:d2:40:28:a8:e6:fd:ae:2d:85:0c:92:82:69:
06:99:6a:29:b9:30:7c:98:ff:6b:c2:f0:53:39:c1:d8:03:53:
e3:3b:c7:b0:8b:0f:6d:bb:d1:05:d3:e0:d2:f6:df:ff:c2:42:
64:29:d6:89:f2:dd:5d:c4:87:5d:f3:29:5a:d2:f0:50:fe:5e:
5c:5e:1d:af:c4:15:65:7f:f4:af:2e:fb:d1:f1:f6:da:9c:66:
7d:ba:6b:35:d6:28:fc:13:50:4c:54:0c:80:f8:a1:8c:86:99:
a7:57:40:e5:45:d3:42:4c:14:e1:19:4d:a1:65:2d:a3:25:88:
c7:ef:04:9f:f5:7c:3c:d5:77:40:81:1e:81:ad:84:e5:ee:15:
8d:d0:53:45:0a:f0:c8:7f:0f:2f:f2:e8:e0:4e:ec:d9:b0:6e:
42:78:5b:c9:7f:95:01:ce:d3:1b:1a:c2:5b:39:e8:6f:8b:42:
08:d1:df:e4:ff:97:93:e2:5f:63:a0:85:0d:71:2a:d9:13:ed:
d9:4c:cf:7e:f2:73:9e:59:71:44:3b:bc:cd:52:da:34:5d:fd:
b6:85:97:0a:3e:47:85:50:b6:1d:4c:b3:5f:1d:0c:38:1a:b0:
3b:62:ee:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAwdklNnC2uIAB5ltfkuOFlVh4iMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQwMTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNDMxM2I2ZWFkMGY2NTNkZmZkOGQ0ZTE0NDg1NWRiNDgxN2I0YTdkNWFi
MDUyMjE3Y2QxNDVkMzE5NWU4MjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwLL1AJZGl9B1hid5+1rEAyJsNxRfo1/kHMuwnCasxMYLmuYsNuZH6c9X0j
JyXBuCSgbolWm4eDrY/YcXneAqhjKEWhFavQHY0XH65ZSbbRHF3V2JVebARJE899
K584n1GDULrMMJ8/7jFZGCbNm3I7990gnyGHbOQOlqWsqPCTzZbmfUoIi5ojo2Tp
rIvd6eGb4EfJY9sq9GVZwI3PRtMp+Z8GbdnjwvDwuyr38JMZpFlfVD8Lmhu6MBr0
nJUYUSxcoup+3iuOCiRDujhC1WpGq3KpN7eXJPu8nSdaC1G6fXKlEKGN3BC/cGRf
6TexwJvmfr2PVF9t84twmMeAYN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsNpEE
8bju9SUAN6b2noUv5mLIiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCIF5LkFGHs2YWYtMUOnHJnvheK0yz/0NJAKKjm
/a4thQySgmkGmWopuTB8mP9rwvBTOcHYA1PjO8ewiw9tu9EF0+DS9t//wkJkKdaJ
8t1dxIdd8yla0vBQ/l5cXh2vxBVlf/SvLvvR8fbanGZ9ums11ij8E1BMVAyA+KGM
hpmnV0DlRdNCTBThGU2hZS2jJYjH7wSf9Xw81XdAgR6BrYTl7hWN0FNFCvDIfw8v
8ujgTuzZsG5CeFvJf5UBztMbGsJbOehvi0II0d/k/5eT4l9joIUNcSrZE+3ZTM9+
8nOeWXFEO7zNUto0Xf22hZcKPkeFULYdTLNfHQw4GrA7Yu5U
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:22 2025 by rpki-client