Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: oNTZyaQMpl3FxuLB4XMHunUQ97HRtLTxJPqHNvV06RI=
Subject key identifier: E5:8D:7B:95:FE:DD:FC:2A:82:20:99:D5:D4:18:8F:9C:37:AB:BA:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74DF1B25732DFB8D39136936DEE2D30EB30B4732
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Wed 05 Mar 2025 16:10:13 +0000
ROA not before: Wed 05 Mar 2025 16:10:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:df:1b:25:73:2d:fb:8d:39:13:69:36:de:e2:d3:0e:b3:0b:47:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:10:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:45:1a:c9:81:e1:67:37:cd:6c:42:c2:9d:61:
ca:cd:6b:a7:8e:fd:d7:e1:67:c7:4b:c6:df:a6:50:
82:32:a2:89:a1:9c:f7:34:6f:01:dd:c3:3b:65:c9:
82:7c:49:b3:e8:32:82:a1:f6:3a:be:2f:03:a5:3a:
d0:4c:01:cf:99:bb:2c:ad:bd:7c:2d:3b:ce:5f:df:
49:bf:ac:96:a1:9b:a3:74:f2:69:66:39:af:ba:cd:
5e:44:f6:f6:ec:2e:d2:d5:8d:54:03:42:58:75:ac:
5d:61:60:c9:25:3d:a4:c2:c8:aa:9d:bd:a7:75:78:
91:6e:9b:e9:9c:58:a4:85:2e:4e:60:2f:48:e9:a4:
17:b2:6a:c4:e6:9c:20:96:d3:dc:e2:fe:76:48:93:
67:49:df:cd:5b:66:48:a8:b9:f9:e0:9d:e9:66:61:
ec:9f:53:4f:0f:e0:c5:1d:95:93:e0:42:cb:09:d3:
ea:b1:2a:c3:5e:c8:83:c4:51:42:f4:04:90:82:53:
02:a1:6a:4f:b3:04:4e:a8:b5:d6:08:a3:18:84:51:
87:8c:52:b2:9b:82:96:d2:a9:3f:6f:b7:a4:d1:86:
61:77:6a:26:6d:4b:9a:d0:5f:20:52:b7:ac:c5:27:
b4:00:a4:aa:21:6f:73:61:3f:65:73:38:fb:16:fb:
27:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8D:7B:95:FE:DD:FC:2A:82:20:99:D5:D4:18:8F:9C:37:AB:BA:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
51:59:f1:d2:23:c5:d9:65:5d:18:00:fe:de:51:57:ef:f2:67:
7e:fa:8a:4b:07:a2:8d:13:11:78:6c:6a:70:84:58:9e:7d:a5:
68:b7:62:dd:1d:ca:ea:c9:06:20:7a:7d:55:71:21:be:47:19:
a4:6e:0f:68:a0:e0:6f:74:0f:93:5f:ed:ea:ef:f0:3e:7b:40:
dd:a8:68:d6:e3:b6:23:86:0f:43:a6:72:10:09:dd:d9:f3:9e:
92:21:3a:27:ce:97:9d:fd:76:10:f6:98:b8:99:02:c9:7a:b0:
86:cf:52:71:82:0b:5f:01:2c:ae:ac:83:25:ba:44:3f:f8:4e:
75:ba:8f:f0:2a:d0:1b:6b:95:83:1b:0f:32:3e:2e:3f:3e:99:
64:02:4a:68:b4:31:1d:52:d1:d3:95:c3:a2:aa:94:45:d1:6a:
9b:96:f4:68:7d:c3:73:36:c8:0e:8a:19:ad:bd:04:85:28:94:
b3:a7:25:b7:13:43:3c:f0:3c:84:c5:ec:ae:66:ae:dc:b2:6d:
24:8b:fb:18:c5:67:1a:11:27:cf:92:94:33:fe:75:ef:85:cd:
c0:2d:f3:7b:96:e8:f5:81:59:f1:39:13:23:23:80:ee:03:fc:
7b:c4:71:c5:d3:aa:6b:0d:11:e2:bf:6c:a2:d1:28:10:ff:39:
01:48:b0:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdN8bJXMt+405E2k23uLTDrMLRzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjEwMTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0OTM4YTdjZGJkNjhiYzkxZDZmNmYzZWNiZjRjNTliNzZhN2E3YzdkODQw
MGY4MDU0NjM4NGYzODdiODRkNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZFGsmB4Wc3zWxCwp1hys1rp4791+Fnx0vG36ZQgjKiiaGc9zRvAd3DO2XJ
gnxJs+gygqH2Or4vA6U60EwBz5m7LK29fC07zl/fSb+slqGbo3TyaWY5r7rNXkT2
9uwu0tWNVANCWHWsXWFgySU9pMLIqp29p3V4kW6b6ZxYpIUuTmAvSOmkF7JqxOac
IJbT3OL+dkiTZ0nfzVtmSKi5+eCd6WZh7J9TTw/gxR2Vk+BCywnT6rEqw17Ig8RR
QvQEkIJTAqFqT7METqi11gijGIRRh4xSspuCltKpP2+3pNGGYXdqJm1LmtBfIFK3
rMUntACkqiFvc2E/ZXM4+xb7J90CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTljXuV
/t38KoIgmdXUGI+cN6u67TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEAUVnx0iPF2WVdGAD+3lFX7/JnfvqKSweijRMR
eGxqcIRYnn2laLdi3R3K6skGIHp9VXEhvkcZpG4PaKDgb3QPk1/t6u/wPntA3aho
1uO2I4YPQ6ZyEAnd2fOekiE6J86Xnf12EPaYuJkCyXqwhs9ScYILXwEsrqyDJbpE
P/hOdbqP8CrQG2uVgxsPMj4uPz6ZZAJKaLQxHVLR05XDoqqURdFqm5b0aH3DczbI
DooZrb0EhSiUs6cltxNDPPA8hMXsrmau3LJtJIv7GMVnGhEnz5KUM/5174XNwC3z
e5bo9YFZ8TkTIyOA7gP8e8RxxdOqaw0R4r9sotEoEP85AUiw3Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:57 2025 by rpki-client