Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
File: ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa (raw, json)
Hash identifier: /Dh1MoEnn36hDlSN3b4lyNMoNo6iAtolNi/muOVXbhE=
Subject key identifier: 52:9D:31:AB:08:8F:45:C2:9E:2F:A1:90:5F:24:32:8A:13:B8:D4:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 035B44108F3AB74049CD6DABB9CCCB2BFA3B196D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
Signing time: Wed 05 Mar 2025 17:20:22 +0000
ROA not before: Wed 05 Mar 2025 17:20:22 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:5b:44:10:8f:3a:b7:40:49:cd:6d:ab:b9:cc:cb:2b:fa:3b:19:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:20:22 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7c:ca:47:a1:15:1e:b3:c6:f9:bf:01:ee:fd:
76:5b:e0:7f:df:62:29:8a:8f:11:1a:9d:58:b1:76:
b0:ff:19:36:ce:c3:51:48:1c:97:51:bb:b0:f6:75:
75:dd:af:e0:a8:c4:f3:66:6d:36:77:77:6d:d2:b1:
52:8a:f3:4c:c0:7f:e3:c6:1d:72:80:24:28:91:61:
73:a3:5c:00:4f:19:67:6c:34:a0:a8:b8:f0:e5:48:
2c:1d:bf:c5:b0:1c:81:b6:60:5a:36:73:d6:92:e2:
5e:d8:61:ad:dd:69:9d:68:fb:bb:12:59:3b:28:64:
e7:fa:5e:b0:8a:fb:6f:7d:a4:ee:4e:89:b2:b8:2e:
5b:4c:ba:e2:06:ed:ca:80:ff:2d:17:c7:cc:fd:b2:
f7:7c:27:89:95:f3:b3:64:64:a9:e8:b4:54:f3:95:
e1:4b:b3:b7:29:e2:23:97:64:16:6c:d4:e7:4a:39:
21:9c:30:5a:8d:91:bb:67:cb:5d:79:82:51:57:c7:
36:d6:28:8c:f1:d6:89:c5:2b:9a:dd:de:e2:89:51:
1a:4d:fd:51:b8:d2:46:75:a4:39:43:c7:76:34:c7:
da:6f:30:d0:b7:f4:08:cd:4c:3f:f3:34:4a:f7:bf:
15:44:8b:dd:9f:70:e5:82:83:94:b7:45:ae:89:7f:
f2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9D:31:AB:08:8F:45:C2:9E:2F:A1:90:5F:24:32:8A:13:B8:D4:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1730a2-bb63-4a94-80ae-e84acdef93b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e040::/46
Signature Algorithm: sha256WithRSAEncryption
0c:5b:3f:a4:0b:47:10:55:bc:37:f7:6e:2f:ac:3c:cb:63:58:
3c:dd:e2:a6:8a:fb:7d:da:cb:af:c9:d0:b5:65:83:2f:a5:5a:
c8:dc:31:a8:83:f9:3e:e6:e8:bd:c6:b6:e2:b2:a0:89:a6:0c:
8b:72:85:04:c4:32:b2:df:da:c3:7f:67:64:ff:b0:bc:ca:9f:
40:25:3f:4a:aa:da:3e:07:99:95:83:8e:5b:bf:27:19:fb:41:
23:3b:ca:3b:b8:5b:f5:11:1c:a9:c5:60:d2:7a:27:22:ab:b2:
e8:3a:64:ec:21:60:29:28:0d:c7:16:41:3b:4a:4a:55:45:da:
bb:1b:ae:51:d2:d7:46:6c:58:36:b1:49:d1:a0:cc:27:4e:6e:
97:70:c8:af:83:27:30:38:6a:74:a7:73:1b:11:07:7b:5a:1c:
42:5c:89:9e:e0:c6:db:29:2d:b6:01:71:0b:56:b5:45:55:99:
10:ef:bf:c4:7e:60:9d:c3:30:c4:4e:81:39:5c:ff:90:f1:0d:
c4:a8:75:93:60:14:68:d3:59:d4:ad:7c:76:1e:bc:cb:d2:83:
f9:fa:5b:c4:38:0e:52:30:09:82:af:8d:2d:5f:0e:42:22:70:
d2:2b:87:88:53:10:a0:e0:4e:ed:75:dc:f5:2c:8e:ca:0f:b1:
f1:7f:19:93
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUA1tEEI86t0BJzW2ruczLK/o7GW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIwMjJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjODI3MmVhN2U5NTZmMWVjYTg4NzA4NWYwYjEyNTZkNDNmZTUxMDVmYWM3
NWU3ZmJiMjBiMTEzM2JiNGZkM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIp8ykehFR6zxvm/Ae79dlvgf99iKYqPERqdWLF2sP8ZNs7DUUgcl1G7sPZ1
dd2v4KjE82ZtNnd3bdKxUorzTMB/48YdcoAkKJFhc6NcAE8ZZ2w0oKi48OVILB2/
xbAcgbZgWjZz1pLiXthhrd1pnWj7uxJZOyhk5/pesIr7b32k7k6JsrguW0y64gbt
yoD/LRfHzP2y93wniZXzs2Rkqei0VPOV4UuztyniI5dkFmzU50o5IZwwWo2Ru2fL
XXmCUVfHNtYojPHWicUrmt3e4olRGk39UbjSRnWkOUPHdjTH2m8w0Lf0CM1MP/M0
Sve/FUSL3Z9w5YKDlLdFrol/8oMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRSnTGr
CI9Fwp4voZBfJDKKE7jUQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxNzMwYTItYmI2My00YTk0LTgwYWUtZTg0YWNkZWY5M2IyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
QDANBgkqhkiG9w0BAQsFAAOCAQEADFs/pAtHEFW8N/duL6w8y2NYPN3ipor7fdrL
r8nQtWWDL6VayNwxqIP5Pubovca24rKgiaYMi3KFBMQyst/aw39nZP+wvMqfQCU/
SqraPgeZlYOOW78nGftBIzvKO7hb9REcqcVg0nonIquy6Dpk7CFgKSgNxxZBO0pK
VUXauxuuUdLXRmxYNrFJ0aDMJ05ul3DIr4MnMDhqdKdzGxEHe1ocQlyJnuDG2ykt
tgFxC1a1RVWZEO+/xH5gncMwxE6BOVz/kPENxKh1k2AUaNNZ1K18dh68y9KD+fpb
xDgOUjAJgq+NLV8OQiJw0iuHiFMQoOBO7XXc9SyOyg+x8X8Zkw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:11 2025 by rpki-client