Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: uwDXP5bbSqMWcz5LUdROJAI6YtSd9AHiKrfbDF0oBHE=
Subject key identifier: F8:55:10:13:44:61:DE:8E:9C:AB:C4:64:B2:F5:8D:A8:CA:C5:99:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E7E7759DEEC94742DB80FA0740A2A2CA2289EF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Fri 07 Mar 2025 15:00:25 +0000
ROA not before: Fri 07 Mar 2025 15:00:25 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:7e:77:59:de:ec:94:74:2d:b8:0f:a0:74:0a:2a:2c:a2:28:9e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:00:25 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:2d:5d:7a:01:e8:55:8b:98:75:e3:ac:aa:
ef:f2:ec:db:c3:ba:5d:89:21:6c:0d:3b:2e:e0:cd:
67:d7:d5:7b:db:b8:ec:66:99:1c:d2:e4:52:23:e3:
05:66:2b:29:05:5a:8a:10:5c:e5:9d:ba:0e:d1:be:
2d:a6:67:0e:5a:54:e6:fd:ea:f4:8c:6d:4b:aa:47:
d8:19:e5:d5:8c:45:3b:64:82:6e:fd:ce:6b:de:8a:
87:f7:a2:ef:0a:7a:4a:a3:69:d3:7a:b4:dd:3d:6d:
ce:b6:8a:75:76:42:17:d0:d0:23:a8:df:e3:16:9d:
23:fd:e2:98:18:e8:af:95:b9:59:b2:cd:f4:ae:4c:
09:9d:2c:0a:c2:e8:1c:24:d4:2a:cf:3c:ee:0f:36:
70:4d:b8:bb:30:77:5c:df:08:87:de:e9:24:cc:f6:
0f:3e:da:43:53:27:00:60:b7:af:fa:78:dc:27:94:
66:61:6d:80:90:e8:d1:c4:e9:af:75:38:5b:6a:ff:
1c:26:32:c2:d9:98:ea:73:38:1a:a6:2a:89:bf:54:
a7:4e:af:76:12:ae:ae:65:c6:97:c7:c4:65:3c:63:
51:b7:79:df:c2:56:55:48:bb:2a:4b:00:12:9a:a0:
82:23:42:37:d7:8e:de:bc:d2:86:27:e7:b3:09:b1:
b1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:55:10:13:44:61:DE:8E:9C:AB:C4:64:B2:F5:8D:A8:CA:C5:99:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
86:a7:74:4b:bd:92:62:cb:c9:a6:36:4a:8d:c8:7c:ba:89:18:
42:1b:54:af:aa:c6:94:a5:96:e1:b9:88:48:5a:c0:51:e2:ab:
78:46:91:90:46:a7:cb:9e:bc:ac:b0:c5:7c:07:a3:48:8d:cb:
b9:db:6f:83:b6:49:e3:19:58:a8:16:c9:5e:4b:b8:c2:3d:a3:
30:aa:4b:4e:99:45:c9:77:25:70:cc:f0:cb:2f:85:b3:a5:83:
d4:c1:e5:c2:75:f6:a5:88:dc:66:17:20:84:e9:95:a8:7e:3b:
4a:a6:75:08:ae:45:9e:9b:c0:43:b9:85:94:58:f7:52:73:0f:
cd:c7:28:22:a4:ed:d4:56:78:3b:49:4f:54:22:ea:77:0c:cb:
52:8c:2c:71:57:55:24:18:4e:3a:71:19:e4:91:ec:4f:d0:67:
95:2a:7f:19:59:96:6b:ba:54:4d:fd:08:83:e1:7e:84:49:9a:
ae:63:8a:e6:17:e6:b2:60:c5:54:5b:48:ab:07:1e:bd:1e:41:
b8:19:7b:4d:53:f9:7f:64:6d:69:88:f8:bc:23:1b:64:39:6a:
7d:68:51:9f:9b:f1:ea:70:86:b2:64:e7:ec:75:21:fb:b8:1b:
85:00:57:67:77:a8:48:29:ed:09:78:3b:5c:d5:d3:64:f1:25:
18:9b:a7:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbn53Wd7slHQtuA+gdAoqLKIonvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTAwMjVaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzNWM4Mzc4ZTdjNDlhNWNlNTA3NTRlMjk3YmRhOTQ5ZGEzZjU3ZDEwYTcz
YzA0YjE3MGVkODI1NGIyYTAxY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU4LV16AehVi5h146yq7/Ls28O6XYkhbA07LuDNZ9fVe9u47GaZHNLkUiPj
BWYrKQVaihBc5Z26DtG+LaZnDlpU5v3q9IxtS6pH2Bnl1YxFO2SCbv3Oa96Kh/ei
7wp6SqNp03q03T1tzraKdXZCF9DQI6jf4xadI/3imBjor5W5WbLN9K5MCZ0sCsLo
HCTUKs887g82cE24uzB3XN8Ih97pJMz2Dz7aQ1MnAGC3r/p43CeUZmFtgJDo0cTp
r3U4W2r/HCYywtmY6nM4GqYqib9Up06vdhKurmXGl8fEZTxjUbd538JWVUi7KksA
EpqggiNCN9eO3rzShifnswmxsYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4VRAT
RGHejpyrxGSy9Y2oysWZqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCGp3RLvZJiy8mmNkqNyHy6iRhCG1SvqsaUpZbh
uYhIWsBR4qt4RpGQRqfLnryssMV8B6NIjcu522+DtknjGVioFsleS7jCPaMwqktO
mUXJdyVwzPDLL4WzpYPUweXCdfaliNxmFyCE6ZWofjtKpnUIrkWem8BDuYWUWPdS
cw/NxygipO3UVng7SU9UIup3DMtSjCxxV1UkGE46cRnkkexP0GeVKn8ZWZZrulRN
/QiD4X6ESZquY4rmF+ayYMVUW0irBx69HkG4GXtNU/l/ZG1piPi8IxtkOWp9aFGf
m/HqcIayZOfsdSH7uBuFAFdnd6hIKe0JeDtc1dNk8SUYm6c0
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:32 2025 by rpki-client