Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: Pdy99xcG7qQioUtt+yd2mt7sd4CPeD69LwE0AoAr2Ms=
Subject key identifier: 52:4E:6E:96:1B:66:24:35:16:49:18:E2:37:B7:E7:D6:20:81:10:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A0CC44CF5532E7CE643C5D0995FE9FA548623BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Wed 05 Mar 2025 17:40:16 +0000
ROA not before: Wed 05 Mar 2025 17:40:16 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:0c:c4:4c:f5:53:2e:7c:e6:43:c5:d0:99:5f:e9:fa:54:86:23:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:40:16 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3e:20:f1:f1:75:db:5e:54:41:2d:5c:a2:67:
ea:f3:8e:1e:6b:e4:c9:32:3e:30:1a:5a:7d:3a:ff:
13:52:71:47:03:e1:c9:79:ad:45:88:05:ae:ee:1f:
b2:89:5c:f6:76:97:0e:d7:99:98:e5:39:6a:b3:da:
ff:94:d2:89:be:fd:71:80:3e:e2:61:4e:cd:6f:10:
30:77:74:d0:43:81:b3:d2:51:9e:08:71:8e:96:c3:
c6:1f:03:0c:39:86:26:2b:36:86:43:b6:2e:a3:2c:
de:fb:8c:6f:8a:e3:66:2c:62:1b:3d:61:a1:21:cd:
b4:ed:0e:2f:96:a3:9e:16:b4:a5:94:e2:00:e2:85:
77:4b:03:ae:ef:bd:87:b1:c4:bb:6f:9f:06:92:39:
ec:e8:a6:b1:83:72:ca:a8:e7:af:32:6f:7a:b9:94:
a4:12:5b:3a:a6:9e:0f:de:25:45:07:44:59:da:7d:
c0:c1:61:21:2b:80:29:06:2f:2a:10:05:bf:72:11:
34:80:22:90:ef:51:1c:cf:5a:49:15:ab:55:d4:ad:
51:ec:75:9a:34:26:96:8d:5c:79:c6:82:1a:ba:0f:
54:47:85:11:87:28:72:db:72:a6:40:4c:56:06:9e:
2d:08:17:db:6d:7a:5a:6a:72:79:f5:c6:e4:84:16:
17:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4E:6E:96:1B:66:24:35:16:49:18:E2:37:B7:E7:D6:20:81:10:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
63:f9:1d:4a:99:d5:dd:62:9c:7e:4b:56:79:39:10:1e:56:32:
97:65:78:05:4a:48:13:36:dd:03:cd:26:eb:29:74:00:5c:f5:
91:1e:18:37:62:61:b4:9f:d6:23:15:5c:b7:7d:e7:a2:7a:2e:
d2:6f:6e:6a:01:48:46:6d:5d:2e:3d:bc:f5:2e:c4:62:81:91:
c5:67:21:b9:ee:e3:fa:9d:8b:f3:f1:70:ec:f8:c7:92:31:8c:
75:5a:7e:40:06:e1:69:57:b2:d2:93:9b:ca:38:2f:7b:4d:ad:
18:89:b8:a2:63:38:ad:4e:b8:1c:0c:69:ff:00:ef:20:29:6e:
67:c2:24:95:7c:a0:6a:ae:0b:88:a1:18:26:ec:1d:c4:c1:67:
3b:17:71:8c:82:32:e3:e4:de:68:b2:3c:1d:d1:5a:4d:f0:4d:
47:1e:6a:85:f0:56:f4:8e:c0:15:5e:d3:de:bb:2b:63:14:c2:
72:62:31:69:06:3b:5e:9b:d6:96:b1:47:85:14:ef:b5:1c:c3:
88:2d:d0:85:58:72:56:16:2c:59:25:59:78:21:4d:e7:ba:46:
71:24:a8:38:0e:5b:47:85:88:22:2c:31:62:76:95:e1:49:64:
9e:9f:98:2c:94:4a:e9:e8:9c:6c:d8:32:9e:fe:54:25:29:c4:
ce:f2:92:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUagzETPVTLnzmQ8XQmV/p+lSGI70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQwMTZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNGJmNGViYTA2NzJiMWM4Yzc1OGNiZWRmOGQ3YzBlYmExMzVlZWE2OTA0
ODYzOTliYjVlODA1MWJjMWY1ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0+IPHxddteVEEtXKJn6vOOHmvkyTI+MBpafTr/E1JxRwPhyXmtRYgFru4f
solc9naXDteZmOU5arPa/5TSib79cYA+4mFOzW8QMHd00EOBs9JRnghxjpbDxh8D
DDmGJis2hkO2LqMs3vuMb4rjZixiGz1hoSHNtO0OL5ajnha0pZTiAOKFd0sDru+9
h7HEu2+fBpI57OimsYNyyqjnrzJvermUpBJbOqaeD94lRQdEWdp9wMFhISuAKQYv
KhAFv3IRNIAikO9RHM9aSRWrVdStUex1mjQmlo1cecaCGroPVEeFEYcocttypkBM
VgaeLQgX2216WmpyefXG5IQWF2MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSTm6W
G2YkNRZJGOI3t+fWIIEQwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQBj+R1KmdXdYpx+S1Z5ORAeVjKXZXgFSkgTNt0D
zSbrKXQAXPWRHhg3YmG0n9YjFVy3feeiei7Sb25qAUhGbV0uPbz1LsRigZHFZyG5
7uP6nYvz8XDs+MeSMYx1Wn5ABuFpV7LSk5vKOC97Ta0YibiiYzitTrgcDGn/AO8g
KW5nwiSVfKBqrguIoRgm7B3EwWc7F3GMgjLj5N5osjwd0VpN8E1HHmqF8Fb0jsAV
XtPeuytjFMJyYjFpBjtem9aWsUeFFO+1HMOILdCFWHJWFixZJVl4IU3nukZxJKg4
DltHhYgiLDFidpXhSWSen5gslErp6Jxs2DKe/lQlKcTO8pJs
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:21 2025 by rpki-client