Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: 3bdLuuXAOzWvxM5A3asysrCVJZeyVjej3AMbLyocR8M=
Subject key identifier: 7E:C5:C5:B1:CE:D2:17:DC:F5:0E:11:CA:38:3E:7B:3A:76:F4:B4:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58645A975227C6142C88A4445E196EDD3F89A638
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Fri 07 Mar 2025 15:00:22 +0000
ROA not before: Fri 07 Mar 2025 15:00:22 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:64:5a:97:52:27:c6:14:2c:88:a4:44:5e:19:6e:dd:3f:89:a6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:00:22 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a9:67:6a:e4:61:7b:82:e8:c0:bc:2c:87:75:
1a:bf:21:8a:f3:32:9a:26:68:0b:37:fe:53:80:0a:
9d:7d:84:de:0a:3f:12:9e:56:cb:6f:7c:fe:b2:ff:
25:9a:42:73:35:f2:33:78:e0:ae:00:1f:8f:16:67:
71:07:64:33:73:46:1f:b1:e4:98:a2:16:32:d4:bb:
f0:cc:3f:ce:71:91:8e:7a:d9:8c:5b:30:6e:d6:6b:
fe:a7:ac:dd:9d:6a:aa:c3:1d:66:75:22:ab:bb:6b:
94:79:6c:27:bc:e3:63:0c:fc:e3:f9:eb:fd:b1:c4:
87:35:51:57:f2:79:cf:28:00:27:f5:6a:9f:7e:08:
ec:5a:c5:b4:15:95:40:a2:2f:9f:ec:fc:c0:ea:b6:
88:80:95:54:bf:43:65:92:df:3c:52:27:ae:f8:03:
1b:d4:d4:89:ec:f4:7a:56:e0:97:0b:bf:c0:41:6b:
a5:f0:98:40:09:1e:f5:b5:aa:09:4b:22:9f:b2:f3:
89:8b:29:c6:48:10:4e:3c:28:55:09:59:74:b6:18:
3b:6d:8a:66:bc:73:38:02:b9:4a:86:e5:13:db:2f:
56:e2:80:41:dd:8c:da:34:6f:c6:3c:7f:48:de:00:
8e:b0:bc:71:8c:53:10:e8:d7:c5:64:e3:29:a7:73:
40:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C5:C5:B1:CE:D2:17:DC:F5:0E:11:CA:38:3E:7B:3A:76:F4:B4:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:49:de:ab:f9:7e:2d:33:57:3c:de:4c:93:b3:e0:51:3b:d9:
d9:0a:9e:05:65:83:f1:b5:f1:06:3d:06:63:a4:db:f6:3c:a7:
71:95:cc:04:76:c7:05:04:8a:5b:73:c1:c8:13:bd:4f:39:01:
d0:61:83:da:bd:29:d2:11:5f:ac:fc:af:35:e0:0e:55:b0:61:
2f:a3:74:39:24:11:a0:7a:36:64:14:88:5c:ef:6e:80:6b:75:
d8:d6:05:23:f6:27:7c:c0:15:44:fb:2a:cf:4b:64:a1:79:b2:
93:ba:37:61:b9:ea:2c:35:7c:24:6d:69:fe:20:3c:6a:40:47:
62:f8:1f:e5:6d:aa:d1:4e:3d:ff:1e:1f:af:fe:c5:20:e1:29:
90:54:78:0f:3f:e1:45:c3:c8:4e:a5:d9:3b:76:26:e1:dc:c7:
84:61:41:22:b7:8b:c9:ea:1f:9d:2f:1b:26:7d:ad:ac:bd:fd:
c8:68:16:ae:b9:39:30:e3:69:de:b5:37:58:0b:98:75:0b:db:
21:29:a0:ac:de:b7:23:c0:d9:af:8a:f1:3c:3b:7c:ab:dd:de:
b8:e4:85:9e:c3:64:9e:18:97:36:8c:4c:27:18:20:8a:96:91:
2d:2e:82:f7:4b:8c:48:8b:9b:d2:c2:11:86:98:58:25:fe:d1:
b0:04:52:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWGRal1InxhQsiKREXhlu3T+JpjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTAwMjJaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlYWE3ODYwNjU1MTlkYWRhMDRkMWJhZDQ4YWRhZDMzZjE0NDA1ZGQ3MGJi
ODAyNGFmMDA2NjY3NjRhZmFjYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOpZ2rkYXuC6MC8LId1Gr8hivMymiZoCzf+U4AKnX2E3go/Ep5Wy298/rL/
JZpCczXyM3jgrgAfjxZncQdkM3NGH7HkmKIWMtS78Mw/znGRjnrZjFswbtZr/qes
3Z1qqsMdZnUiq7trlHlsJ7zjYwz84/nr/bHEhzVRV/J5zygAJ/Vqn34I7FrFtBWV
QKIvn+z8wOq2iICVVL9DZZLfPFInrvgDG9TUiez0elbglwu/wEFrpfCYQAke9bWq
CUsin7LziYspxkgQTjwoVQlZdLYYO22KZrxzOAK5SoblE9svVuKAQd2M2jRvxjx/
SN4AjrC8cYxTEOjXxWTjKadzQLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+xcWx
ztIX3PUOEco4Pns6dvS0KTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQCiSd6r+X4tM1c83kyTs+BRO9nZCp4FZYPxtfEG
PQZjpNv2PKdxlcwEdscFBIpbc8HIE71POQHQYYPavSnSEV+s/K814A5VsGEvo3Q5
JBGgejZkFIhc726Aa3XY1gUj9id8wBVE+yrPS2ShebKTujdhueosNXwkbWn+IDxq
QEdi+B/lbarRTj3/Hh+v/sUg4SmQVHgPP+FFw8hOpdk7dibh3MeEYUEit4vJ6h+d
Lxsmfa2svf3IaBauuTkw42netTdYC5h1C9shKaCs3rcjwNmvivE8O3yr3d645IWe
w2SeGJc2jEwnGCCKlpEtLoL3S4xIi5vSwhGGmFgl/tGwBFKM
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:24 2025 by rpki-client