Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: dNiM7IQXsghPuJ2ZYhU9ZXq6qZe4cMO0/n0Rt+u1SaY=
Subject key identifier: E4:E3:47:5C:C6:02:19:98:D4:13:0F:D9:58:4D:71:74:7E:F2:5A:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 091F8E45771564E2B651AED008C51C4B8AD0C58F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Wed 05 Mar 2025 17:21:08 +0000
ROA not before: Wed 05 Mar 2025 17:21:08 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:1f:8e:45:77:15:64:e2:b6:51:ae:d0:08:c5:1c:4b:8a:d0:c5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:21:08 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3a:40:86:31:ca:e1:d8:13:cd:20:a7:d9:33:
e2:11:77:d4:17:a9:d2:27:67:f1:cb:db:8f:a5:60:
e4:42:8e:38:86:0b:02:e7:a0:d7:3e:eb:78:c9:96:
07:79:82:05:20:9b:c5:62:a3:8e:56:f0:3d:a0:96:
61:c4:ca:22:d5:bd:1a:07:ee:2b:96:1c:96:9d:6b:
3f:d0:a5:a3:10:98:fa:f1:90:81:4f:2f:1f:c0:bc:
85:1a:8e:ff:df:0e:3e:be:ad:9b:00:6d:2e:1c:81:
fe:07:6e:84:4e:69:55:5a:ae:e3:ac:36:4c:79:3c:
4f:35:93:58:5d:42:c3:7d:98:31:67:80:ed:01:f1:
5f:a6:2f:68:68:cd:92:34:c9:c8:be:fa:38:95:e0:
77:4a:99:c8:83:90:ec:01:25:e0:d5:20:fc:8e:f3:
e5:58:ce:31:24:3f:2f:20:79:58:c2:b1:5c:f1:20:
72:0a:41:3e:3f:89:1a:7e:c7:c2:70:4e:3e:11:8d:
62:30:52:fe:7f:f2:5f:84:e5:f2:9f:bf:aa:18:85:
a8:da:3c:f2:21:92:6c:e2:fb:47:57:8d:dd:ad:eb:
64:2e:cd:16:6b:30:d9:79:48:d3:80:49:b5:08:9a:
dc:20:1e:5a:49:ad:ff:a4:82:e5:cc:72:ec:c6:5f:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E3:47:5C:C6:02:19:98:D4:13:0F:D9:58:4D:71:74:7E:F2:5A:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
49:52:67:49:bb:ac:7c:ed:02:16:e4:2f:a3:3e:01:c7:0a:62:
71:4c:84:a6:88:c5:1a:2f:a3:8b:de:5f:29:e9:d3:21:77:8a:
6a:56:e4:3c:b3:2d:08:27:3d:3e:6f:41:80:53:25:ad:e5:cc:
0e:f6:a7:56:16:61:7f:61:b8:0e:b7:14:a6:de:b4:d2:a1:a8:
2a:ad:2d:15:3f:93:90:33:fb:9e:ed:ca:d3:e4:aa:d1:5d:3a:
12:1e:d3:15:a4:95:64:da:25:65:e2:a0:ec:9a:9c:63:92:bc:
fd:d7:29:76:59:88:e6:aa:b9:db:e4:57:ea:03:55:99:cb:d6:
88:34:f2:5c:fd:41:0d:82:f4:74:e0:b9:e5:57:eb:6c:71:0e:
ce:30:79:40:1f:70:43:fd:ce:e9:c8:4b:bc:ec:fd:d3:c2:a9:
14:9a:56:46:4f:6c:87:7b:a8:e1:5b:c4:96:7e:80:9d:5c:8b:
05:12:fd:21:45:c6:2c:8e:de:6d:7a:83:22:00:90:14:29:7e:
bf:07:f0:62:40:e8:2d:9c:5e:e0:20:25:a4:84:c7:bf:30:1f:
2a:2e:d1:37:88:76:71:54:3e:45:b8:d9:51:0f:7c:89:d8:27:
20:20:9c:bd:9c:f4:67:84:ba:cd:f1:c6:b1:9d:c5:de:36:9a:
e6:02:99:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCR+ORXcVZOK2Ua7QCMUcS4rQxY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIxMDhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhMjQ0YTQ2OTVhZmY1YjNmYWQ3NTMyYWMzYjI0MmNiZmI0ZmMyNGZjYjM1
YjY3MDBlYjU5MThkZDEzZjVlNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM06QIYxyuHYE80gp9kz4hF31Bep0idn8cvbj6Vg5EKOOIYLAueg1z7reMmW
B3mCBSCbxWKjjlbwPaCWYcTKItW9GgfuK5Yclp1rP9CloxCY+vGQgU8vH8C8hRqO
/98OPr6tmwBtLhyB/gduhE5pVVqu46w2THk8TzWTWF1Cw32YMWeA7QHxX6YvaGjN
kjTJyL76OJXgd0qZyIOQ7AEl4NUg/I7z5VjOMSQ/LyB5WMKxXPEgcgpBPj+JGn7H
wnBOPhGNYjBS/n/yX4Tl8p+/qhiFqNo88iGSbOL7R1eN3a3rZC7NFmsw2XlI04BJ
tQia3CAeWkmt/6SC5cxy7MZftwcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTk40dc
xgIZmNQTD9lYTXF0fvJarTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBJUmdJu6x87QIW5C+jPgHHCmJxTISmiMUaL6OL
3l8p6dMhd4pqVuQ8sy0IJz0+b0GAUyWt5cwO9qdWFmF/YbgOtxSm3rTSoagqrS0V
P5OQM/ue7crT5KrRXToSHtMVpJVk2iVl4qDsmpxjkrz91yl2WYjmqrnb5FfqA1WZ
y9aINPJc/UENgvR04LnlV+tscQ7OMHlAH3BD/c7pyEu87P3TwqkUmlZGT2yHe6jh
W8SWfoCdXIsFEv0hRcYsjt5teoMiAJAUKX6/B/BiQOgtnF7gICWkhMe/MB8qLtE3
iHZxVD5FuNlRD3yJ2CcgIJy9nPRnhLrN8caxncXeNprmApmz
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:11 2025 by rpki-client