Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
File: 8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa (raw, json)
Hash identifier: tH137eTJjW/IKU2Nwsm5Q066hXcxRbGSRxVFsUhl7ds=
Subject key identifier: 3D:BA:DA:17:EE:5D:5D:B8:B1:32:6D:91:77:73:59:ED:0F:B1:0F:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 109082448B6A2F19EFDB602AFC51E576431A49A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
Signing time: Fri 21 Mar 2025 15:00:18 +0000
ROA not before: Fri 21 Mar 2025 15:00:18 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:90:82:44:8b:6a:2f:19:ef:db:60:2a:fc:51:e5:76:43:1a:49:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:18 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:89:a6:b4:e7:6f:39:9b:1e:1d:b4:a1:a4:d7:
40:cc:19:ca:bf:0c:0a:e8:8f:50:03:95:bd:7a:83:
43:cb:a2:41:85:26:69:46:6f:a0:c0:70:4d:83:2c:
9f:bf:d5:03:f4:b8:53:f8:1d:5b:30:32:b3:b2:9f:
d7:8e:93:8d:76:0a:b5:2a:00:36:b0:d3:0c:62:51:
26:93:4c:5b:23:08:02:5a:8a:b5:d1:45:51:84:cf:
e3:7f:ab:d5:29:d5:d6:9e:4a:9b:e4:18:67:2c:cf:
79:99:54:b4:d1:28:f4:64:e5:00:e9:b8:d0:d1:10:
7c:49:82:86:90:b6:65:ec:b9:ee:1d:8d:20:f2:a9:
c3:73:f0:ab:1f:84:4d:5b:41:b1:54:00:0f:64:5f:
28:55:ad:43:33:6c:86:e1:57:6a:dd:1d:1f:7e:33:
40:eb:61:fb:fa:e0:1a:d5:16:77:0b:e7:7c:e7:18:
4b:b4:de:75:9e:5b:b7:ee:ac:8f:39:d7:b8:f6:f8:
c4:e7:2d:6a:86:14:b9:c9:c7:46:65:c5:07:a7:ad:
7c:dd:8f:26:b7:3a:24:22:bc:c0:fe:ad:2d:7d:d3:
68:4d:62:b7:f8:39:23:eb:96:43:fa:be:02:ee:5c:
96:07:b3:35:3b:c2:b1:84:54:4a:82:9e:7c:f7:b7:
d6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BA:DA:17:EE:5D:5D:B8:B1:32:6D:91:77:73:59:ED:0F:B1:0F:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:6e:27:b7:c8:50:a8:d9:cd:5f:91:6a:1c:a0:6a:81:51:62:
34:10:91:c4:a6:8e:b3:d8:b5:2f:9a:3e:69:2d:fc:b1:60:10:
55:93:0c:b2:19:fa:24:2f:8e:13:4f:45:07:94:16:ac:31:b5:
9f:d1:41:21:3c:6b:53:82:d5:09:ab:f9:26:8f:7b:aa:4d:9d:
4d:c5:fb:ee:dd:eb:61:1d:be:12:db:8e:a3:35:e8:bf:f2:a1:
03:2e:ab:87:5f:55:91:08:a1:5a:5a:75:bf:2e:97:ba:92:67:
53:25:d4:7b:f2:0f:e0:59:d3:5d:3a:4f:f9:a5:2f:a5:7f:fa:
d0:69:dc:11:87:4f:c2:6a:9c:8e:2d:99:4c:37:1a:d5:61:48:
79:fc:e3:fd:fc:3d:70:e9:99:5b:8d:a5:ca:b9:36:55:25:e9:
81:9b:9a:c2:03:e0:aa:d1:0e:7e:29:4c:5d:5b:77:80:3e:6b:
30:d6:5e:d0:07:fa:10:e8:be:0a:50:41:12:d8:62:0b:00:6b:
b3:27:30:ed:c1:b1:2c:b3:fe:c3:3e:b9:88:fb:fc:bd:90:76:
78:dd:37:51:bf:96:0d:56:83:b2:20:65:f5:c9:7e:0c:09:a1:
1c:9c:33:5a:4d:96:59:b0:a9:24:11:f1:5e:40:71:50:ca:23:
ed:58:83:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEJCCRItqLxnv22Aq/FHldkMaSaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwMThaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMDQyNjQ4MzNlOTAzMDZjOGYyODg2YjZmMTY1ZjkwNjExMDU2NTg3NGVl
ZjYyM2I5YzljM2MxMTA1YWJjMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaJprTnbzmbHh20oaTXQMwZyr8MCuiPUAOVvXqDQ8uiQYUmaUZvoMBwTYMs
n7/VA/S4U/gdWzAys7Kf146TjXYKtSoANrDTDGJRJpNMWyMIAlqKtdFFUYTP43+r
1SnV1p5Km+QYZyzPeZlUtNEo9GTlAOm40NEQfEmChpC2Zey57h2NIPKpw3Pwqx+E
TVtBsVQAD2RfKFWtQzNshuFXat0dH34zQOth+/rgGtUWdwvnfOcYS7TedZ5bt+6s
jznXuPb4xOctaoYUucnHRmXFB6etfN2PJrc6JCK8wP6tLX3TaE1it/g5I+uWQ/q+
Au5clgezNTvCsYRUSoKefPe31uUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9utoX
7l1duLEybZF3c1ntD7EPKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGZhNTQ0MmQtZjdiNi00NTMxLTlkM2UtZjYxZTNlODkyMGU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCabie3yFCo2c1fkWocoGqBUWI0EJHEpo6z2LUv
mj5pLfyxYBBVkwyyGfokL44TT0UHlBasMbWf0UEhPGtTgtUJq/kmj3uqTZ1Nxfvu
3ethHb4S246jNei/8qEDLquHX1WRCKFaWnW/Lpe6kmdTJdR78g/gWdNdOk/5pS+l
f/rQadwRh0/CapyOLZlMNxrVYUh5/OP9/D1w6ZlbjaXKuTZVJemBm5rCA+Cq0Q5+
KUxdW3eAPmsw1l7QB/oQ6L4KUEES2GILAGuzJzDtwbEss/7DPrmI+/y9kHZ43TdR
v5YNVoOyIGX1yX4MCaEcnDNaTZZZsKkkEfFeQHFQyiPtWINt
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:18 2025 by rpki-client