Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: nwDzULqMTUe73Is+BhIvu8PgIpJTu0xrRQa90/hnKtQ=
Subject key identifier: 64:D1:0C:19:33:DB:74:42:56:CD:A9:3B:8A:20:EE:87:C9:8F:16:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33EE8A0EF801AE67048A77F47BBD0884D1084316
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Wed 05 Mar 2025 17:31:14 +0000
ROA not before: Wed 05 Mar 2025 17:31:14 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ee:8a:0e:f8:01:ae:67:04:8a:77:f4:7b:bd:08:84:d1:08:43:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:31:14 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:13:c0:95:2d:2b:4b:c7:fc:b1:33:02:09:
18:71:b3:56:20:0b:8a:9a:0d:a1:97:aa:7a:94:7e:
45:af:1b:df:47:07:0a:45:90:06:c3:bc:46:f8:77:
b2:fb:c6:50:7e:96:49:5b:fb:e0:ac:2f:23:d6:20:
86:a4:98:18:f4:29:6a:92:d0:09:47:91:b0:eb:86:
75:22:70:95:76:c6:52:e5:12:c2:98:41:b9:9a:05:
bc:ae:11:4f:9b:96:74:b3:44:ce:f5:45:d7:82:4a:
fd:08:d6:f2:7c:fd:80:45:10:72:b3:2e:b5:0b:1c:
3d:d2:b4:ef:2b:5f:6b:c7:e1:ff:24:c2:4e:06:3f:
28:bc:94:d2:fc:ce:d3:6f:f5:51:8b:fb:a1:0d:a2:
b4:4d:98:a8:a6:4a:7b:44:d9:2e:b1:03:f6:77:d2:
89:e0:c6:a3:e2:11:32:5e:24:32:cb:fc:58:61:b9:
71:3a:45:2d:bc:1b:91:e8:e2:5a:6f:b1:34:e9:b3:
bb:1b:c3:55:3c:cf:50:53:37:d3:20:7d:15:b0:5b:
9d:da:c6:c3:99:e2:21:31:5c:e9:38:5b:f2:f1:5d:
65:a3:37:c7:1b:ad:5e:08:ca:45:ee:9d:77:56:fc:
d6:a3:a3:4e:c3:fb:87:11:f0:72:d7:e5:2c:ee:3d:
8d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D1:0C:19:33:DB:74:42:56:CD:A9:3B:8A:20:EE:87:C9:8F:16:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:1f:43:68:ab:83:8a:dc:bc:85:16:8c:4f:c3:3b:16:69:11:
e8:53:a0:63:1b:2d:91:31:01:cb:f6:65:64:e1:e3:74:5a:05:
88:f5:94:95:0d:50:f9:06:75:59:b7:92:f0:b5:95:72:c7:4e:
c5:30:32:e3:74:54:bd:58:42:e9:b8:30:48:61:a7:60:f0:a7:
69:29:af:be:63:c6:07:a2:39:54:c4:c0:de:3f:fa:bc:66:b8:
5b:db:c2:d1:6c:e9:e1:35:32:53:9c:d3:96:e5:4b:b5:c2:25:
0c:ca:4e:41:91:4d:37:b1:06:72:b0:ad:e0:bd:72:47:8a:1a:
28:60:a0:d2:4c:ab:cf:1d:fe:9a:7b:53:b4:e7:af:f8:61:d8:
5b:4f:98:7e:d1:44:74:bd:2b:8a:cd:43:cf:48:b0:a3:21:4e:
d5:4a:e2:cb:82:c6:1c:fc:e7:a0:52:0c:8f:fd:82:ef:da:38:
5e:ef:3e:cb:ff:3f:15:7e:b5:64:92:d7:10:9f:42:98:e0:e5:
25:82:2b:90:fe:5c:20:97:51:57:b2:52:89:c7:07:0f:a8:39:
15:59:fd:2b:8b:14:3e:cf:82:e2:ea:d8:78:9a:09:75:69:1a:
25:a2:77:4c:4f:9a:42:0d:b1:54:0b:89:6a:b8:3b:4d:a4:bf:
81:f1:c0:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM+6KDvgBrmcEinf0e70IhNEIQxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzMxMTRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NDBlODU2MGYyZjkwNGIzMGI2MDA0MWRjMWI2YTg3YTg4MjJlYjZjZmJm
NzljYmJhOTc0YjUyMTlhYzI4YmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB1E8CVLStLx/yxMwIJGHGzViALipoNoZeqepR+Ra8b30cHCkWQBsO8Rvh3
svvGUH6WSVv74KwvI9YghqSYGPQpapLQCUeRsOuGdSJwlXbGUuUSwphBuZoFvK4R
T5uWdLNEzvVF14JK/QjW8nz9gEUQcrMutQscPdK07ytfa8fh/yTCTgY/KLyU0vzO
02/1UYv7oQ2itE2YqKZKe0TZLrED9nfSieDGo+IRMl4kMsv8WGG5cTpFLbwbkeji
Wm+xNOmzuxvDVTzPUFM30yB9FbBbndrGw5niITFc6Thb8vFdZaM3xxutXgjKRe6d
d1b81qOjTsP7hxHwctflLO49jcMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRk0QwZ
M9t0QlbNqTuKIO6HyY8WiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCyH0Noq4OK3LyFFoxPwzsWaRHoU6BjGy2RMQHL
9mVk4eN0WgWI9ZSVDVD5BnVZt5LwtZVyx07FMDLjdFS9WELpuDBIYadg8KdpKa++
Y8YHojlUxMDeP/q8Zrhb28LRbOnhNTJTnNOW5Uu1wiUMyk5BkU03sQZysK3gvXJH
ihooYKDSTKvPHf6ae1O056/4YdhbT5h+0UR0vSuKzUPPSLCjIU7VSuLLgsYc/Oeg
UgyP/YLv2jhe7z7L/z8VfrVkktcQn0KY4OUlgiuQ/lwgl1FXslKJxwcPqDkVWf0r
ixQ+z4Li6th4mgl1aRolondMT5pCDbFUC4lquDtNpL+B8cB5
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:43 2025 by rpki-client