Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa
File: ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa (raw, json)
Hash identifier: j1/Wr/s45Ba4/BDkOTAcQibbNMMDoM0GXQakyQv7AvM=
Subject key identifier: 6E:8E:53:E5:ED:8F:E1:A7:01:5A:48:E1:93:19:F4:04:44:C7:39:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54226CD651CEB982730A3258796E5BA321E8FB8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa
Signing time: Wed 05 Mar 2025 17:50:04 +0000
ROA not before: Wed 05 Mar 2025 17:50:04 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027:800::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:22:6c:d6:51:ce:b9:82:73:0a:32:58:79:6e:5b:a3:21:e8:fb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:50:04 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:e2:f8:69:17:f2:f9:c4:a5:0e:da:93:f6:
a2:1b:fe:5c:45:0f:28:a9:82:d3:ef:db:d3:86:c2:
8d:e3:d5:bf:8f:e9:24:0a:b1:6e:db:2e:f8:33:57:
ba:d0:a5:62:ee:9d:fb:5a:63:93:ec:7b:db:fc:d5:
f7:17:7b:94:7c:0b:9e:d3:79:ff:01:39:52:91:df:
f3:69:3c:a7:c2:0c:1b:12:86:ad:ec:bd:5b:54:18:
28:69:c0:57:17:b8:8f:90:3d:97:fe:bc:d8:6a:dd:
d8:df:fb:74:97:2a:9b:4e:a2:39:9a:45:f2:c4:02:
bb:e3:f0:b2:52:43:04:f5:68:fa:a8:b5:c2:cd:e4:
b0:ba:2c:63:eb:d5:c4:e0:4d:b2:65:24:4a:8a:e0:
4d:3d:f8:4e:c6:e0:49:a3:13:2e:eb:2c:5c:5f:71:
dd:2c:d7:c0:a6:dc:94:a0:bc:a9:79:86:52:9f:9f:
72:95:38:22:f0:e3:44:8a:54:73:8a:03:6a:d9:bc:
f2:07:f1:a3:f6:bf:97:13:b4:8b:52:18:9b:5e:bd:
3c:55:98:5e:2d:3a:f2:20:10:b8:a8:04:c9:f5:14:
e2:75:41:6e:6f:bf:68:61:d3:99:42:6f:65:af:eb:
58:de:d6:bd:2a:66:50:12:f1:9c:c8:d2:03:55:e2:
20:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8E:53:E5:ED:8F:E1:A7:01:5A:48:E1:93:19:F4:04:44:C7:39:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027:800::/37
Signature Algorithm: sha256WithRSAEncryption
ab:dc:53:38:c9:47:bc:20:6c:79:5a:f9:b6:24:b4:a1:b4:72:
36:ae:04:ef:59:9a:28:e1:95:69:9d:6d:34:18:fd:c3:a6:88:
0e:8e:91:42:1f:e4:50:2b:f9:c9:07:ff:43:c1:b0:43:e0:62:
77:3b:b4:63:1d:25:a7:f0:83:95:52:c4:fa:d1:bf:ab:66:98:
e4:b3:f8:39:a7:2b:3e:e6:90:bd:4a:86:6c:27:11:4e:ec:48:
6f:1e:2c:68:21:81:d7:4d:d7:2d:a0:8a:fb:b5:d5:03:0e:2e:
92:fa:e9:9c:42:81:a2:7a:d4:97:90:ff:95:97:05:f3:16:12:
16:71:33:67:f1:79:c6:8b:ef:03:93:bc:0f:98:27:e6:a2:e1:
21:67:e5:4e:53:99:07:dc:1b:9b:7f:1b:dd:7b:56:bf:02:94:
31:c6:02:02:a2:f5:f6:2d:61:0f:97:56:dc:2a:5d:81:fc:83:
e8:10:75:a9:bf:90:54:5e:4c:e9:e6:21:29:f1:1a:9e:2f:42:
7e:5a:fe:4b:40:e8:52:08:00:05:fd:20:57:f9:82:6b:b2:ba:
b3:b3:ec:4b:5e:27:dc:11:83:24:64:51:08:28:c0:de:3e:50:
79:70:f2:ac:39:54:41:76:bb:fd:33:af:73:39:39:96:f6:39:
40:1e:19:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVCJs1lHOuYJzCjJYeW5boyHo+4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzUwMDRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjYzA0YzkzZWMzNGJjMTcyYjA3YzUwMzc5NjczNjZhODhhMjZkYTc0NjMy
MjNlMWVjNWY4ZGY2YjFjMWUxM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZn4vhpF/L5xKUO2pP2ohv+XEUPKKmC0+/b04bCjePVv4/pJAqxbtsu+DNX
utClYu6d+1pjk+x72/zV9xd7lHwLntN5/wE5UpHf82k8p8IMGxKGrey9W1QYKGnA
Vxe4j5A9l/682Grd2N/7dJcqm06iOZpF8sQCu+PwslJDBPVo+qi1ws3ksLosY+vV
xOBNsmUkSorgTT34TsbgSaMTLussXF9x3SzXwKbclKC8qXmGUp+fcpU4IvDjRIpU
c4oDatm88gfxo/a/lxO0i1IYm169PFWYXi068iAQuKgEyfUU4nVBbm+/aGHTmUJv
Za/rWN7WvSpmUBLxnMjSA1XiILUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRujlPl
7Y/hpwFaSOGTGfQERMc5rzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxYzQzNzYtMGZiMC00ODg3LWI5MGUtMjJkODRjOGNmYjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CcI
MA0GCSqGSIb3DQEBCwUAA4IBAQCr3FM4yUe8IGx5Wvm2JLShtHI2rgTvWZoo4ZVp
nW00GP3DpogOjpFCH+RQK/nJB/9DwbBD4GJ3O7RjHSWn8IOVUsT60b+rZpjks/g5
pys+5pC9SoZsJxFO7EhvHixoIYHXTdctoIr7tdUDDi6S+umcQoGietSXkP+VlwXz
FhIWcTNn8XnGi+8Dk7wPmCfmouEhZ+VOU5kH3Bubfxvde1a/ApQxxgICovX2LWEP
l1bcKl2B/IPoEHWpv5BUXkzp5iEp8RqeL0J+Wv5LQOhSCAAF/SBX+YJrsrqzs+xL
XifcEYMkZFEIKMDePlB5cPKsOVRBdrv9M69zOTmW9jlAHhlf
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:30 2025 by rpki-client