Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: KImMCJcHOwMYqNwE6BlWylb9PB98UUclRst1TjIIruc=
Subject key identifier: 55:2F:EC:EF:FB:14:0E:D4:45:59:BF:34:5A:11:CE:64:A2:49:DA:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38B5F7831C549C2CF691FB82DF6E72DB4C7D0E87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Wed 05 Mar 2025 16:21:16 +0000
ROA not before: Wed 05 Mar 2025 16:21:16 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:b5:f7:83:1c:54:9c:2c:f6:91:fb:82:df:6e:72:db:4c:7d:0e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:21:16 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:89:32:45:f7:9f:89:28:17:c8:a1:9c:a2:5f:
f1:2e:1c:6f:30:9c:92:e3:9c:bb:35:52:0d:1c:01:
77:a6:b0:07:7c:e3:69:8c:1c:91:28:ab:58:7d:9e:
ad:94:09:a1:f2:b6:c9:dd:6e:e1:2f:fd:b0:54:b5:
c8:e7:52:cb:ec:df:81:a2:fc:b2:1a:f1:a9:98:09:
9e:6b:81:e4:41:ce:2a:18:13:8e:56:1a:9e:d4:10:
5f:7f:f9:06:fd:99:7b:00:6f:97:ba:c6:ec:b2:0d:
bc:b9:04:13:a3:4d:70:82:1f:48:da:f2:8a:71:e8:
3a:9f:6a:67:1e:91:b0:93:37:98:26:60:21:e7:5b:
af:55:51:58:23:b3:aa:e7:9f:62:4b:26:61:47:04:
6c:ec:9e:9d:08:71:ef:d8:6b:f4:06:34:2b:72:5e:
73:ca:94:b5:f2:b5:cc:91:98:2c:f9:2a:b5:21:ee:
95:4d:71:23:b7:6f:63:89:9f:82:26:aa:3f:4d:32:
36:07:94:b9:17:ec:11:0d:e4:f4:fa:8f:46:c2:1e:
1a:3b:0a:44:d3:65:c0:f4:c5:dd:10:a5:8a:ae:ec:
ef:43:4d:91:73:91:93:71:2c:3d:63:a9:f6:ba:7a:
3d:f6:d8:e7:95:5b:ed:33:7f:47:3c:1b:ba:52:65:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:2F:EC:EF:FB:14:0E:D4:45:59:BF:34:5A:11:CE:64:A2:49:DA:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
67:0f:62:06:75:ef:65:88:3e:2b:57:87:a0:1f:b1:93:19:6b:
51:65:ef:07:72:12:d8:1a:e1:11:b8:8c:63:fc:57:af:b7:35:
0a:27:09:fa:26:39:88:8f:e9:28:25:af:80:29:33:45:bc:0d:
fc:69:18:b9:9b:0a:62:5a:b7:96:cc:96:2a:05:f5:2b:5b:a7:
8c:60:1b:0b:a8:ca:3f:1e:5e:6b:2b:39:be:c6:91:ac:1e:3b:
f4:f4:0a:fe:53:b7:a0:39:9c:37:f6:f0:4e:5f:f3:ad:15:5a:
35:a7:d5:fd:98:4a:30:3d:55:33:a2:d6:7b:5d:00:08:5a:a1:
ee:91:bf:ff:a3:10:f9:66:f9:34:7b:a7:c0:26:4c:5a:39:36:
d0:8c:e1:61:02:d8:b3:b4:9c:03:a2:cb:7a:6c:ac:49:32:b9:
69:c2:96:2b:ac:fc:f4:94:95:3a:7e:08:37:3e:82:d4:eb:61:
8d:b9:de:d6:aa:7f:22:17:04:3f:62:99:96:af:5d:1a:17:e1:
95:a9:b4:6f:49:3d:98:f7:1b:20:94:1b:e5:87:89:14:86:19:
ed:ed:d4:cd:fb:38:6e:db:cd:21:3d:71:e5:d8:55:dc:0e:e5:
bf:b4:79:22:1b:43:35:36:18:6f:6d:d7:39:33:01:47:1d:71:
dd:35:a9:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOLX3gxxUnCz2kfuC325y20x9DocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjIxMTZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlZTUxODRiMjg1M2M0ZjRkOTA1NDI3ZjM3YzZiNmU4NzlhZGE4OThlMTQy
NjNjYmM4Yjg3OWU1MGY1MWQ3OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKJMkX3n4koF8ihnKJf8S4cbzCckuOcuzVSDRwBd6awB3zjaYwckSirWH2e
rZQJofK2yd1u4S/9sFS1yOdSy+zfgaL8shrxqZgJnmuB5EHOKhgTjlYantQQX3/5
Bv2ZewBvl7rG7LINvLkEE6NNcIIfSNryinHoOp9qZx6RsJM3mCZgIedbr1VRWCOz
quefYksmYUcEbOyenQhx79hr9AY0K3Jec8qUtfK1zJGYLPkqtSHulU1xI7dvY4mf
giaqP00yNgeUuRfsEQ3k9PqPRsIeGjsKRNNlwPTF3RCliq7s70NNkXORk3EsPWOp
9rp6PfbY55Vb7TN/RzwbulJlBx8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVL+zv
+xQO1EVZvzRaEc5koknamzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEAZw9iBnXvZYg+K1eHoB+xkxlrUWXvB3IS2Brh
EbiMY/xXr7c1CicJ+iY5iI/pKCWvgCkzRbwN/GkYuZsKYlq3lsyWKgX1K1unjGAb
C6jKPx5eays5vsaRrB479PQK/lO3oDmcN/bwTl/zrRVaNafV/ZhKMD1VM6LWe10A
CFqh7pG//6MQ+Wb5NHunwCZMWjk20IzhYQLYs7ScA6LLemysSTK5acKWK6z89JSV
On4INz6C1Othjbne1qp/IhcEP2KZlq9dGhfhlam0b0k9mPcbIJQb5YeJFIYZ7e3U
zfs4btvNIT1x5dhV3A7lv7R5IhtDNTYYb23XOTMBRx1x3TWpXQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:33 2025 by rpki-client