Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
File: a507fd37-f907-46ea-8c80-857b97a67610.roa (raw, json)
Hash identifier: sVXsoakIa9reXBCHi3PnGt9MzAGimFwCO96xMf0S4y0=
Subject key identifier: 52:42:DD:C5:1B:2F:C3:EC:68:B5:B4:AC:46:6C:8D:DE:8F:60:77:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E2D7EAE7BD1ADE5BA568BFF9D58DC859D668CFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
Signing time: Wed 05 Mar 2025 17:00:35 +0000
ROA not before: Wed 05 Mar 2025 17:00:35 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:2d:7e:ae:7b:d1:ad:e5:ba:56:8b:ff:9d:58:dc:85:9d:66:8c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:35 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:01:64:f1:0a:e5:d9:a8:9c:a5:96:13:63:
40:f9:b6:31:aa:9c:d3:92:d6:d5:10:8f:d8:4d:14:
bd:bf:36:16:9d:a2:b9:52:a8:c1:4a:b6:14:f1:2c:
e2:d9:dc:98:36:e0:78:a3:f9:a1:4f:8b:f4:54:eb:
a3:ae:2d:b4:4b:97:05:74:55:20:7f:e2:00:1e:d0:
88:48:4d:39:73:5b:67:aa:77:2f:86:f5:1a:15:8e:
7e:1b:dc:20:b5:91:93:78:e0:25:bb:43:12:68:3b:
96:54:83:ee:5d:0d:c1:92:43:37:e6:52:15:a0:0d:
9c:d8:01:c1:00:aa:ff:ad:fa:23:69:b2:6e:41:c6:
58:89:fa:0a:59:49:ea:1a:b4:11:8e:b1:48:d6:78:
dc:f6:d3:d5:91:fa:64:72:2e:8c:07:78:8d:7a:8e:
46:66:9a:5a:98:67:3a:d6:bd:5b:5a:98:37:3a:be:
3b:46:11:0d:db:a9:cf:22:c0:43:13:e7:07:31:5f:
5f:76:a4:55:c8:d4:c4:49:4f:d8:12:f2:3c:6d:c3:
cf:2a:06:54:e6:8b:c2:c6:08:06:8d:c2:10:11:45:
64:42:3f:c2:d7:45:96:c2:9d:7e:9c:53:c9:3b:5b:
27:2e:09:2f:a6:5e:66:11:a4:b0:5c:5c:3b:5d:54:
40:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:42:DD:C5:1B:2F:C3:EC:68:B5:B4:AC:46:6C:8D:DE:8F:60:77:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:74:06:0d:f5:e2:72:bc:58:86:6f:f9:8b:0b:5d:a1:94:14:
36:8e:ce:0f:b5:ee:25:a9:54:27:c9:a7:f2:16:c6:c0:e8:92:
a0:07:5f:ca:25:0a:b3:78:57:d5:36:be:7f:fa:dc:f8:23:53:
89:8e:19:80:71:13:9a:88:69:02:04:23:ab:97:48:78:f2:3c:
44:e9:1a:77:89:0b:b0:85:9f:c1:ff:8b:36:12:d4:67:a2:5f:
a9:8c:ec:d8:8e:af:f9:7e:03:13:f0:8b:9e:b7:e1:3a:1c:00:
3c:c4:70:26:e3:43:4e:bb:a2:79:ca:ae:e6:fd:87:7f:81:3f:
58:3b:ed:d8:f9:f8:ff:52:17:c3:37:a7:ea:fa:74:fa:9c:93:
15:29:bf:f7:2a:84:53:a9:d7:25:b4:33:d1:ae:9a:7e:41:20:
96:1c:5f:26:ec:cc:a5:3c:11:28:fa:8f:d4:57:61:16:c2:13:
4a:61:4c:ad:5b:b4:28:84:60:bc:6a:bd:8f:02:1e:a4:25:0b:
27:97:62:bb:6a:32:57:13:77:ef:7e:7d:fc:d2:22:b4:68:57:
e6:91:73:6c:0b:7b:95:42:d1:ed:2f:fc:b5:59:ed:df:75:18:
bf:ae:2f:07:6d:52:3f:18:6d:ae:04:6f:22:10:2e:ee:df:00:
1a:ea:c1:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDi1+rnvRreW6Vov/nVjchZ1mjPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMzVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmNjkyNDI5MTAwZTc4YjQwMzU5MTE4NmI2MDAxMDAzM2EwMjhmN2YzMTJj
MDRlZDk2YjhhNzhlOTFmMGQzZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMb1AWTxCuXZqJyllhNjQPm2Maqc05LW1RCP2E0Uvb82Fp2iuVKowUq2FPEs
4tncmDbgeKP5oU+L9FTro64ttEuXBXRVIH/iAB7QiEhNOXNbZ6p3L4b1GhWOfhvc
ILWRk3jgJbtDEmg7llSD7l0NwZJDN+ZSFaANnNgBwQCq/636I2mybkHGWIn6CllJ
6hq0EY6xSNZ43PbT1ZH6ZHIujAd4jXqORmaaWphnOta9W1qYNzq+O0YRDdupzyLA
QxPnBzFfX3akVcjUxElP2BLyPG3DzyoGVOaLwsYIBo3CEBFFZEI/wtdFlsKdfpxT
yTtbJy4JL6ZeZhGksFxcO11UQFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSQt3F
Gy/D7Gi1tKxGbI3ej2B31DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUwN2ZkMzctZjkwNy00NmVhLThjODAtODU3Yjk3YTY3NjEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQC1dAYN9eJyvFiGb/mLC12hlBQ2js4Pte4lqVQn
yafyFsbA6JKgB1/KJQqzeFfVNr5/+tz4I1OJjhmAcROaiGkCBCOrl0h48jxE6Rp3
iQuwhZ/B/4s2EtRnol+pjOzYjq/5fgMT8Iuet+E6HAA8xHAm40NOu6J5yq7m/Yd/
gT9YO+3Y+fj/UhfDN6fq+nT6nJMVKb/3KoRTqdcltDPRrpp+QSCWHF8m7MylPBEo
+o/UV2EWwhNKYUytW7QohGC8ar2PAh6kJQsnl2K7ajJXE3fvfn380iK0aFfmkXNs
C3uVQtHtL/y1We3fdRi/ri8HbVI/GG2uBG8iEC7u3wAa6sFO
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:49:05 2025 by rpki-client