Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
File: 9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa (raw, json)
Hash identifier: yKxDEeO0IX7NdM4pL+CaaXyMU2pZW7qyy8/yX6ELFOU=
Subject key identifier: 30:69:EA:9C:15:BB:E4:5B:B0:14:AC:4E:DE:F0:4D:BC:23:A0:ED:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E250270BCFD9FD923975D5C30E3624E816A9AC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
Signing time: Wed 05 Mar 2025 16:50:48 +0000
ROA not before: Wed 05 Mar 2025 16:50:48 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:25:02:70:bc:fd:9f:d9:23:97:5d:5c:30:e3:62:4e:81:6a:9a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:50:48 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:cb:d0:20:ed:4f:3d:7b:dd:03:cc:a2:b9:
c9:86:6d:bf:d7:e5:c0:15:22:c0:dd:bb:42:a9:07:
c5:43:25:6a:14:e2:67:e5:48:1a:5b:21:45:43:30:
68:15:a6:5b:40:78:69:b9:50:9e:7d:57:ba:6a:33:
16:19:26:ba:0e:ca:e1:52:e8:63:18:a2:6d:d0:25:
ee:5c:64:10:09:f1:a3:7f:a1:34:48:52:44:91:78:
e9:d5:6f:78:60:89:90:5b:1c:85:02:eb:18:47:70:
11:04:07:e1:30:f1:95:d8:a9:bd:1f:7e:f9:bd:09:
77:fd:89:39:76:f5:c5:16:3c:40:d7:84:86:ef:51:
48:23:1c:65:a2:bf:9b:d3:8e:20:5f:63:26:6c:51:
71:77:37:b7:eb:50:ee:8d:44:af:35:f0:18:82:6f:
29:22:9a:eb:58:bb:0e:18:62:47:18:b8:51:88:b5:
bf:73:76:2e:70:7a:ce:fd:75:43:4f:6b:37:92:20:
8c:5f:94:7c:67:38:75:9f:f8:09:5c:52:3f:86:12:
5b:3b:78:40:e0:0e:ee:8f:86:27:29:ff:dd:28:be:
63:a4:75:38:3b:28:f9:16:26:d9:69:78:38:63:1d:
b9:2a:89:b6:a9:58:44:f1:3d:ac:09:36:4b:03:43:
56:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:69:EA:9C:15:BB:E4:5B:B0:14:AC:4E:DE:F0:4D:BC:23:A0:ED:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9040::/48
Signature Algorithm: sha256WithRSAEncryption
01:8e:09:85:f0:69:30:82:cf:61:16:22:14:f8:28:1a:39:49:
51:b3:e6:7d:80:17:f6:6b:c2:74:35:c8:ef:30:b7:5f:bf:29:
4b:09:c7:22:c4:f0:70:2e:14:70:d5:5b:f4:fb:30:30:32:68:
34:40:fc:1f:e8:4e:ab:c4:75:ae:91:2e:3a:45:b5:1c:d6:be:
3a:0e:7d:96:1f:1a:06:14:45:f4:b5:ed:c8:c5:25:fa:41:58:
54:36:c4:7b:43:9a:ef:aa:10:2e:46:45:d2:16:86:de:b4:a2:
e7:30:e5:47:88:b8:0c:2f:2c:67:34:86:18:e4:a4:a4:50:0e:
90:a1:0c:76:70:82:d6:04:93:2f:0c:60:81:e2:3d:2a:3b:ea:
e4:03:3c:7f:e3:a8:f4:1c:54:60:e0:b5:67:a5:ba:80:10:51:
b1:08:48:42:d6:57:a2:46:c2:94:59:2a:1f:76:fb:ad:b8:c3:
15:ac:75:9a:6c:f9:7c:63:fa:4c:4f:3f:c5:a0:e4:cb:99:94:
ff:63:26:75:e4:32:9b:17:48:15:2f:89:f3:6a:18:e3:9d:1d:
6f:b7:66:c0:d7:f6:67:ec:7d:17:53:6f:bc:77:74:d4:af:09:
7b:cc:61:22:b0:4b:f2:32:fe:f7:a3:21:90:1a:77:fb:84:12:
2e:7b:9b:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULiUCcLz9n9kjl11cMONiToFqmscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjUwNDhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5MDk4NTgyMjc5YTFjYTViZGY0ZDQ0NjNkMmNmY2ZkMjFjYTk4NzEyZTdi
NzhkOTU5M2IwYzgyMDI1NmM2MjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwPy9Ag7U89e90DzKK5yYZtv9flwBUiwN27QqkHxUMlahTiZ+VIGlshRUMw
aBWmW0B4ablQnn1XumozFhkmug7K4VLoYxiibdAl7lxkEAnxo3+hNEhSRJF46dVv
eGCJkFschQLrGEdwEQQH4TDxldipvR9++b0Jd/2JOXb1xRY8QNeEhu9RSCMcZaK/
m9OOIF9jJmxRcXc3t+tQ7o1ErzXwGIJvKSKa61i7DhhiRxi4UYi1v3N2LnB6zv11
Q09rN5IgjF+UfGc4dZ/4CVxSP4YSWzt4QOAO7o+GJyn/3Si+Y6R1ODso+RYm2Wl4
OGMduSqJtqlYRPE9rAk2SwNDVksCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwaeqc
FbvkW7AUrE7e8E28I6Dt3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIwNzU5NWUtM2JiYy00NWY3LThmMGEtODEzZTFiMDFmOWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAAY4JhfBpMILPYRYiFPgoGjlJUbPmfYAX9mvC
dDXI7zC3X78pSwnHIsTwcC4UcNVb9PswMDJoNED8H+hOq8R1rpEuOkW1HNa+Og59
lh8aBhRF9LXtyMUl+kFYVDbEe0Oa76oQLkZF0haG3rSi5zDlR4i4DC8sZzSGGOSk
pFAOkKEMdnCC1gSTLwxggeI9Kjvq5AM8f+Oo9BxUYOC1Z6W6gBBRsQhIQtZXokbC
lFkqH3b7rbjDFax1mmz5fGP6TE8/xaDky5mU/2MmdeQymxdIFS+J82oY450db7dm
wNf2Z+x9F1NvvHd01K8Je8xhIrBL8jL+96MhkBp3+4QSLnubIg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:27 2025 by rpki-client