Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
File: 9843a73f-18f2-433e-b871-f493b0645337.roa (raw, json)
Hash identifier: qyp+5hKaPryImgSvuYYShcuu+0gMbHYbZhxaSyL9uxY=
Subject key identifier: 84:42:0F:ED:64:E3:45:BA:1A:01:FE:46:26:84:80:83:AE:95:5E:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27FDF473012892C6F215C030923625893447FE51
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
Signing time: Wed 26 Mar 2025 19:23:40 +0000
ROA not before: Wed 26 Mar 2025 19:23:40 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:fd:f4:73:01:28:92:c6:f2:15:c0:30:92:36:25:89:34:47:fe:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 26 19:23:40 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:c0:9b:76:ba:9d:a2:b4:c0:a0:16:c8:aa:
24:8c:f4:2a:3e:df:3b:d0:d7:84:63:57:1d:ef:d3:
02:01:f6:db:1f:8f:cb:ee:5a:32:bd:24:f2:3f:b5:
0d:e6:4f:cb:c2:26:25:9a:f0:81:73:2a:50:4e:22:
fd:7d:97:07:a5:53:c0:92:ae:82:ae:85:3d:a4:0a:
da:ff:0f:8f:7c:8e:15:8b:8f:48:3e:12:67:e5:68:
2a:6b:ef:e1:cd:0c:2d:49:db:c8:9f:10:fd:be:e0:
53:34:20:2a:0d:c0:30:8d:9b:ca:31:33:d2:57:8a:
df:94:10:e2:ee:e4:7d:fc:66:72:a4:a4:9b:3e:74:
78:ee:aa:a6:96:b1:a2:05:a7:00:96:ae:c1:43:df:
b5:cf:99:20:ef:93:5d:0d:b3:ea:4c:91:d5:9d:55:
dc:88:50:d8:46:58:73:9c:2c:2c:fc:7c:00:77:a5:
1e:6e:9b:b3:2e:b3:b9:fd:8e:64:9c:3c:dd:44:6c:
9c:a1:4b:2b:17:2a:a7:db:98:0c:84:96:70:b8:8b:
0a:0b:ee:ba:85:07:e7:76:25:b9:c6:ad:cc:1a:33:
47:7d:df:ff:aa:ef:10:f0:9a:b0:e8:50:66:9a:ba:
f1:59:80:4c:f0:20:06:49:b2:9e:90:bb:25:b4:0c:
cd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:42:0F:ED:64:E3:45:BA:1A:01:FE:46:26:84:80:83:AE:95:5E:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:800::/40
Signature Algorithm: sha256WithRSAEncryption
61:a7:6a:54:81:29:f6:dc:8b:94:e2:19:9a:27:47:b2:78:9b:
0e:54:c3:af:a9:72:bb:73:6c:fa:42:80:d0:46:c4:40:26:96:
a2:72:c4:ae:a7:5d:8d:e3:1b:62:a7:52:29:f7:8e:4a:9b:f8:
81:87:db:c9:7c:7f:00:10:d0:85:92:8f:91:77:fe:aa:91:c6:
ee:f7:95:62:3d:ef:11:d0:31:28:de:49:b3:75:32:c9:b4:9e:
64:fd:be:00:29:05:90:59:a8:08:fe:fc:5c:78:f7:23:a7:47:
01:ff:56:b2:06:12:94:36:95:99:b1:6c:f5:42:26:6f:6f:f6:
ef:70:4f:81:b5:b5:61:b9:8f:b4:99:e1:19:41:7a:71:e5:54:
ca:c8:bc:e4:58:a6:fa:a0:65:b6:e0:3d:0b:9b:6e:a2:77:f3:
34:d8:5a:0d:df:2c:07:ee:1c:6f:82:44:f9:00:48:09:1f:99:
cd:55:d3:7f:bb:67:47:17:0c:86:7a:07:87:4f:fe:a2:e4:bf:
d0:d7:ed:7f:f1:43:13:51:ad:c5:cd:fa:6d:2d:d3:b1:f7:f4:
cc:59:33:72:83:f4:67:dc:f2:37:9b:d7:b4:32:c5:a1:8c:e3:
17:10:8f:80:3d:ff:d2:1d:e1:3d:01:f1:41:17:85:47:89:1a:
1c:ea:fe:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ/30cwEoksbyFcAwkjYliTRH/lEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjYxOTIzNDBaFw0yNTA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNjdmNGViZTg2Y2JmZGQwZDFkMWZjNGNjYmJiZjdiOWFjOGJmMmVjNDgx
OTBhOWQ4MmVlMWYxZmI2MzM4MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaVwJt2up2itMCgFsiqJIz0Kj7fO9DXhGNXHe/TAgH22x+Py+5aMr0k8j+1
DeZPy8ImJZrwgXMqUE4i/X2XB6VTwJKugq6FPaQK2v8Pj3yOFYuPSD4SZ+VoKmvv
4c0MLUnbyJ8Q/b7gUzQgKg3AMI2byjEz0leK35QQ4u7kffxmcqSkmz50eO6qppax
ogWnAJauwUPftc+ZIO+TXQ2z6kyR1Z1V3IhQ2EZYc5wsLPx8AHelHm6bsy6zuf2O
ZJw83URsnKFLKxcqp9uYDISWcLiLCgvuuoUH53YlucatzBozR33f/6rvEPCasOhQ
Zpq68VmATPAgBkmynpC7JbQMzesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEQg/t
ZONFuhoB/kYmhICDrpVeKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTg0M2E3M2YtMThmMi00MzNlLWI4NzEtZjQ5M2IwNjQ1MzM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoI
MA0GCSqGSIb3DQEBCwUAA4IBAQBhp2pUgSn23IuU4hmaJ0eyeJsOVMOvqXK7c2z6
QoDQRsRAJpaicsSup12N4xtip1Ip945Km/iBh9vJfH8AENCFko+Rd/6qkcbu95Vi
Pe8R0DEo3kmzdTLJtJ5k/b4AKQWQWagI/vxcePcjp0cB/1ayBhKUNpWZsWz1QiZv
b/bvcE+BtbVhuY+0meEZQXpx5VTKyLzkWKb6oGW24D0Lm26id/M02FoN3ywH7hxv
gkT5AEgJH5nNVdN/u2dHFwyGegeHT/6i5L/Q1+1/8UMTUa3FzfptLdOx9/TMWTNy
g/Rn3PI3m9e0MsWhjOMXEI+APf/SHeE9AfFBF4VHiRoc6v6u
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:30 2025 by rpki-client