Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: mOd9mgLWt8cidcneRaUgFmX18wiocXEVg8DbkP3vU3w=
Subject key identifier: A3:C1:C4:AA:F1:18:67:4E:21:59:D3:84:28:E2:0A:16:CB:6F:18:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3540CEDD8289F92110E641A650D5D846541781D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Wed 05 Mar 2025 17:50:16 +0000
ROA not before: Wed 05 Mar 2025 17:50:16 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:40:ce:dd:82:89:f9:21:10:e6:41:a6:50:d5:d8:46:54:17:81:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:50:16 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:07:c4:7e:24:ed:b1:27:86:0c:d0:d5:57:
4c:16:a1:36:74:90:f2:bb:bd:29:39:be:2e:a2:02:
ef:e2:79:da:50:6a:f3:f1:69:a6:ea:07:3f:32:8f:
2e:08:bf:ab:00:b7:13:9a:b1:e2:fc:2e:3a:c3:9a:
f4:c3:e6:1d:b0:09:7f:1f:b0:e1:8c:42:a2:66:59:
09:4c:5d:1e:93:d7:5d:09:1e:e8:3c:aa:1f:f7:1b:
2c:60:21:5b:04:ee:98:44:33:b8:d7:a7:73:2f:6e:
f2:e1:ef:8f:e9:63:cb:45:c6:13:39:5c:ef:4c:ea:
38:c3:05:d5:c4:3c:05:ac:78:12:d9:af:8d:5f:6e:
35:ba:1a:3f:bf:65:93:58:39:00:1d:d2:ed:df:40:
6c:f4:da:8d:ab:81:1c:da:e5:f3:8e:41:c3:6d:9d:
a3:a5:c6:e1:90:56:e2:3a:35:32:49:83:69:4e:3d:
42:2d:53:8d:56:59:b5:b9:82:4a:be:96:52:29:10:
4d:a2:2a:3d:02:8f:e0:75:60:be:d3:ab:37:ae:8c:
c7:59:6c:2a:d9:0f:51:02:64:5d:9b:b7:1f:1b:f1:
4d:58:66:d4:63:31:da:6d:26:d6:88:c2:cc:32:cb:
ad:47:78:30:7d:e1:10:ae:f2:6f:e5:ce:c0:e7:c5:
66:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C1:C4:AA:F1:18:67:4E:21:59:D3:84:28:E2:0A:16:CB:6F:18:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
0f:3b:90:ee:04:92:bb:d5:8e:e7:3f:39:43:a2:22:3c:7e:3e:
59:82:6e:c4:54:32:35:a4:8b:61:23:e4:69:72:57:a8:cc:f4:
47:37:a4:d2:53:87:c3:20:ea:e9:c0:70:cf:c2:8b:70:bc:15:
16:c8:22:a0:2c:df:96:4b:0c:fc:4b:ba:67:49:31:b1:b3:c4:
23:5f:22:c6:9f:26:47:ed:b4:b6:2f:d3:56:db:d0:ac:8a:7f:
88:7a:6c:1a:8f:5f:7a:a9:6e:eb:c7:10:ef:c2:39:4d:24:57:
ab:39:4d:36:46:f6:7d:28:d5:e7:26:b0:90:2d:ff:a1:30:97:
f1:fa:b8:fa:e8:87:e7:42:b9:cb:2f:79:c9:a3:ae:b6:99:81:
32:87:7f:24:51:7e:42:d2:ff:d2:13:0f:56:4b:7b:6d:7f:73:
1b:e8:31:bb:f7:05:45:68:17:5e:d8:0d:2e:7c:9d:89:65:9c:
f9:bb:04:54:14:b4:7b:00:9a:b7:99:37:74:4e:81:06:44:bf:
d2:66:52:39:8f:50:d3:9c:9d:39:67:43:29:40:62:bb:03:56:
32:7f:65:55:23:a8:a6:73:fb:7f:2d:2c:eb:00:12:a4:ba:de:
f0:2e:37:46:62:80:61:b3:42:96:15:ea:6c:5c:e2:e2:9a:c1:
3d:6b:da:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNUDO3YKJ+SEQ5kGmUNXYRlQXgdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzUwMTZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzNTE5Y2E0MzQwZTkxOGQ0ZGNjZGExMmE0ZTJjN2MwMDRjNTgyMjQ4MDcx
MzU3ZDYzY2Y2ZTMxOTFiZDVmZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1JB8R+JO2xJ4YM0NVXTBahNnSQ8ru9KTm+LqIC7+J52lBq8/FppuoHPzKP
Lgi/qwC3E5qx4vwuOsOa9MPmHbAJfx+w4YxComZZCUxdHpPXXQke6DyqH/cbLGAh
WwTumEQzuNency9u8uHvj+ljy0XGEzlc70zqOMMF1cQ8Bax4EtmvjV9uNboaP79l
k1g5AB3S7d9AbPTajauBHNrl845Bw22do6XG4ZBW4jo1MkmDaU49Qi1TjVZZtbmC
Sr6WUikQTaIqPQKP4HVgvtOrN66Mx1lsKtkPUQJkXZu3HxvxTVhm1GMx2m0m1ojC
zDLLrUd4MH3hEK7yb+XOwOfFZokCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjwcSq
8RhnTiFZ04Qo4goWy28YJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPO5DuBJK71Y7nPzlDoiI8fj5Zgm7EVDI1pIth
I+RpcleozPRHN6TSU4fDIOrpwHDPwotwvBUWyCKgLN+WSwz8S7pnSTGxs8QjXyLG
nyZH7bS2L9NW29Csin+Iemwaj196qW7rxxDvwjlNJFerOU02RvZ9KNXnJrCQLf+h
MJfx+rj66IfnQrnLL3nJo662mYEyh38kUX5C0v/SEw9WS3ttf3Mb6DG79wVFaBde
2A0ufJ2JZZz5uwRUFLR7AJq3mTd0ToEGRL/SZlI5j1DTnJ05Z0MpQGK7A1Yyf2VV
I6imc/t/LSzrABKkut7wLjdGYoBhs0KWFepsXOLimsE9a9oT
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:15 2025 by rpki-client