Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: K3h9Dq5dpswmV7wX83MF32ST69NPLoaZNc6LlVybZgk=
Subject key identifier: DC:4A:82:B6:2A:ED:47:55:56:64:AF:E0:7F:1B:2C:1C:DF:EF:12:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 427404CE96A4615A7D7661E21ED0530AC21B4AC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Wed 05 Mar 2025 16:30:25 +0000
ROA not before: Wed 05 Mar 2025 16:30:25 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:74:04:ce:96:a4:61:5a:7d:76:61:e2:1e:d0:53:0a:c2:1b:4a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:30:25 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:65:3f:34:a4:87:bd:dc:e2:27:23:83:45:95:
a7:fb:07:00:6c:e3:28:27:43:d9:99:d7:5e:35:5e:
a8:5f:0a:4d:10:5c:bb:b0:85:ef:66:76:a6:3a:39:
02:75:26:39:1c:e3:03:b4:d9:d3:e8:fb:4a:ec:e4:
f2:23:62:61:e0:cd:c8:04:35:28:92:8b:cd:8e:0c:
4a:5e:ef:b2:31:de:fa:c6:97:de:42:b9:b4:6d:01:
d8:c8:e0:83:ae:99:21:1a:31:58:c4:f7:48:ca:82:
00:63:9c:0c:0b:ff:84:5a:bf:19:47:d8:e5:03:6f:
68:48:61:e7:9d:48:ee:f4:03:88:f4:15:ce:6e:23:
23:88:43:cc:1b:5c:94:a3:7c:48:ef:57:a8:a9:0a:
35:7e:73:28:00:e0:64:8c:04:3b:6b:d4:a4:f9:f0:
7a:b4:f8:cb:7f:e0:68:a0:ca:92:10:10:58:3a:de:
76:c6:29:cf:21:e2:e7:0e:18:1f:1f:82:6b:a7:86:
29:65:b8:f2:5d:82:d9:61:18:f4:ba:7e:aa:96:c1:
3d:0a:8e:f6:c7:c6:50:c6:06:34:c9:d0:aa:4a:7f:
95:9a:10:6d:a4:f6:40:d0:b1:57:3e:b4:7d:7c:f5:
6a:48:7a:12:19:29:30:d9:a4:37:ca:17:c5:0a:c7:
cb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4A:82:B6:2A:ED:47:55:56:64:AF:E0:7F:1B:2C:1C:DF:EF:12:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
41:a1:97:67:02:ed:4a:1c:40:37:db:f7:f6:e4:44:9e:be:ca:
09:40:19:23:bb:37:bf:57:65:5f:12:27:52:ef:2c:e7:32:54:
27:16:8a:4d:ed:8a:cb:4e:d9:07:e4:f9:f1:f7:a2:b6:67:37:
3e:61:4f:5e:05:8e:1c:42:c1:3c:11:b9:b7:c0:0b:d7:cc:e9:
3d:57:0e:1a:ba:3a:58:d9:57:51:1d:ad:55:84:dc:1d:22:34:
67:c0:3c:35:b9:6c:13:98:34:ea:ca:61:da:f1:f3:d6:34:4c:
f2:53:97:44:74:88:e2:a9:f6:02:e8:eb:3b:22:9c:c0:a3:76:
c9:c4:39:89:ba:a5:53:fe:6e:4a:6d:30:90:39:03:60:44:f9:
3b:ea:23:c7:eb:9f:b8:ba:86:d4:e0:f1:3d:ac:18:03:2f:e1:
ac:02:15:58:cc:5a:23:e5:52:02:20:c8:37:49:21:06:8e:e3:
27:2c:78:87:cb:79:9a:dd:9e:ee:b7:91:d6:38:30:4b:48:23:
bb:a0:f8:05:03:c7:60:4c:e0:64:1f:65:cd:13:d4:eb:86:0d:
28:45:ba:a5:c4:2f:d7:61:48:09:9d:02:92:74:40:18:9b:2c:
08:88:7d:4b:2e:cd:48:80:87:f2:62:93:cb:07:97:9d:8e:70:
57:29:16:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQnQEzpakYVp9dmHiHtBTCsIbSsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjMwMjVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NzE0NTUzYzc2MDIyYjkxNzQ3MGFlNWJlMDVjYjVkNzVlNGEyZWY4NGQx
NDI1Y2QyOGNmYTcyN2E0Mjg0MWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdlPzSkh73c4icjg0WVp/sHAGzjKCdD2ZnXXjVeqF8KTRBcu7CF72Z2pjo5
AnUmORzjA7TZ0+j7Suzk8iNiYeDNyAQ1KJKLzY4MSl7vsjHe+saX3kK5tG0B2Mjg
g66ZIRoxWMT3SMqCAGOcDAv/hFq/GUfY5QNvaEhh551I7vQDiPQVzm4jI4hDzBtc
lKN8SO9XqKkKNX5zKADgZIwEO2vUpPnwerT4y3/gaKDKkhAQWDredsYpzyHi5w4Y
Hx+Ca6eGKWW48l2C2WEY9Lp+qpbBPQqO9sfGUMYGNMnQqkp/lZoQbaT2QNCxVz60
fXz1akh6EhkpMNmkN8oXxQrHyz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcSoK2
Ku1HVVZkr+B/Gywc3+8SZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBBoZdnAu1KHEA32/f25ESevsoJQBkjuze/V2Vf
EidS7yznMlQnFopN7YrLTtkH5Pnx96K2Zzc+YU9eBY4cQsE8Ebm3wAvXzOk9Vw4a
ujpY2VdRHa1VhNwdIjRnwDw1uWwTmDTqymHa8fPWNEzyU5dEdIjiqfYC6Os7IpzA
o3bJxDmJuqVT/m5KbTCQOQNgRPk76iPH65+4uobU4PE9rBgDL+GsAhVYzFoj5VIC
IMg3SSEGjuMnLHiHy3ma3Z7ut5HWODBLSCO7oPgFA8dgTOBkH2XNE9Trhg0oRbql
xC/XYUgJnQKSdEAYmywIiH1LLs1IgIfyYpPLB5edjnBXKRZ3
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:01 2025 by rpki-client