Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
File: 8615f258-46a8-450c-972c-84b27581bb43.roa (raw, json)
Hash identifier: l+csiRC99ze936UVsDa1ASfk1/T786WSHMMY4tZu4lk=
Subject key identifier: 63:D8:2C:66:71:03:0F:77:AD:60:F9:F0:5B:62:8E:62:FE:13:87:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AC1AC8390ABF84A2735F06237D67E777414BCB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
Signing time: Wed 05 Mar 2025 17:42:04 +0000
ROA not before: Wed 05 Mar 2025 17:42:04 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:c1:ac:83:90:ab:f8:4a:27:35:f0:62:37:d6:7e:77:74:14:bc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:42:04 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:02:99:9f:43:ac:3a:8f:c1:cc:c1:41:8b:f0:
55:4c:18:c1:cf:a3:e6:81:5b:93:0a:1c:4f:40:9d:
e0:5c:4e:75:d6:23:3a:3e:a4:de:06:4d:b5:ca:71:
60:d7:fc:74:07:c1:ea:b3:60:de:d9:e6:d6:c2:3a:
bd:3f:0b:cd:4b:e3:0d:77:80:00:60:5e:20:e6:c0:
81:74:85:0d:57:c1:c0:50:33:dc:70:80:a6:5a:19:
53:82:ce:85:5d:df:36:32:7b:3a:a0:b2:b4:ae:7f:
0d:42:ce:a7:cf:3d:b5:d8:57:70:f1:8e:e4:9c:0e:
27:38:98:cd:40:19:43:e8:4b:07:38:3e:8f:56:6f:
1d:5c:28:54:e4:f3:fd:0b:0c:5d:0e:eb:82:23:0d:
f9:65:95:76:89:9b:b6:17:b6:18:25:22:ee:1d:85:
3e:d3:22:e1:30:f4:08:91:24:20:2f:54:59:31:9e:
1b:4a:9e:74:fe:73:04:98:0f:39:8a:06:75:3b:a1:
f9:2b:61:1e:2b:72:41:0a:94:bb:91:35:52:88:f8:
cb:fc:58:78:6b:b8:fd:cc:2a:2d:4e:d7:03:89:24:
74:fa:32:49:15:af:72:5f:29:05:0c:98:f1:e2:5c:
ea:6a:29:d7:25:23:bf:f9:a1:9a:0c:17:1f:f2:d4:
ff:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D8:2C:66:71:03:0F:77:AD:60:F9:F0:5B:62:8E:62:FE:13:87:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/36
Signature Algorithm: sha256WithRSAEncryption
b1:08:d5:b6:29:4c:fc:ef:0b:54:d3:dd:60:cb:99:96:d2:80:
71:fb:4c:ef:e0:04:b6:fd:4f:cc:93:92:88:b9:cc:81:fd:5f:
60:a5:ea:8b:8b:8e:fe:1b:01:67:80:ea:76:bd:94:13:05:0d:
e1:0c:6a:ee:0b:35:81:60:95:8f:ad:19:18:07:b6:4f:8d:7e:
90:83:0d:ad:b7:03:9c:cc:26:e0:cd:76:1e:04:7c:e0:76:0d:
7f:47:44:56:aa:6b:c4:e9:e3:cf:9d:23:a3:1d:e7:30:69:21:
0e:a0:d2:cf:34:cf:ef:d7:41:b9:56:1a:3a:17:47:83:78:95:
dd:a4:71:9f:9a:58:cc:bd:27:5d:b7:d7:89:a1:3d:93:5d:ce:
10:cc:a6:ec:70:e1:c6:40:db:03:27:87:3b:a5:4b:10:d6:30:
88:7e:a4:1f:34:e8:b6:21:f9:af:41:47:b8:87:41:8f:5e:8e:
a1:2d:f0:7d:e9:bf:74:56:94:d2:56:12:3b:95:b4:d9:f9:b6:
f6:72:d6:76:c7:b1:b1:42:64:c5:77:75:bc:b4:ea:b5:8c:33:
0c:66:30:00:4a:2b:e3:fc:8d:28:6f:22:bb:4f:24:9c:70:ec:
2a:8d:4b:0d:ce:d6:d8:79:b9:50:7c:b9:3f:1c:b7:09:30:79:
e9:e7:02:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGsGsg5Cr+EonNfBiN9Z+d3QUvLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQyMDRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YTc4NjdhYjNmNDk1Yjc1Yzg4OGVlN2UyYTVmOTIyMWY4NzExZTBlOGI1
OTI0ZGQ4ZDI3MzVkOWIwMDMyZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANECmZ9DrDqPwczBQYvwVUwYwc+j5oFbkwocT0Cd4FxOddYjOj6k3gZNtcpx
YNf8dAfB6rNg3tnm1sI6vT8LzUvjDXeAAGBeIObAgXSFDVfBwFAz3HCAploZU4LO
hV3fNjJ7OqCytK5/DULOp889tdhXcPGO5JwOJziYzUAZQ+hLBzg+j1ZvHVwoVOTz
/QsMXQ7rgiMN+WWVdombthe2GCUi7h2FPtMi4TD0CJEkIC9UWTGeG0qedP5zBJgP
OYoGdTuh+SthHityQQqUu5E1Uoj4y/xYeGu4/cwqLU7XA4kkdPoySRWvcl8pBQyY
8eJc6mop1yUjv/mhmgwXH/LU/5sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRj2Cxm
cQMPd61g+fBbYo5i/hOHtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODYxNWYyNTgtNDZhOC00NTBjLTk3MmMtODRiMjc1ODFiYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCxCNW2KUz87wtU091gy5mW0oBx+0zv4AS2/U/M
k5KIucyB/V9gpeqLi47+GwFngOp2vZQTBQ3hDGruCzWBYJWPrRkYB7ZPjX6Qgw2t
twOczCbgzXYeBHzgdg1/R0RWqmvE6ePPnSOjHecwaSEOoNLPNM/v10G5Vho6F0eD
eJXdpHGfmljMvSddt9eJoT2TXc4QzKbscOHGQNsDJ4c7pUsQ1jCIfqQfNOi2Ifmv
QUe4h0GPXo6hLfB96b90VpTSVhI7lbTZ+bb2ctZ2x7GxQmTFd3W8tOq1jDMMZjAA
Sivj/I0obyK7TySccOwqjUsNztbYeblQfLk/HLcJMHnp5wJa
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:11 2025 by rpki-client