Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: x2EWQdH4wuLAlOxoLhrQwMchnt8eY/q1vucEKjFiONM=
Subject key identifier: 06:7D:C7:DC:83:18:51:D8:48:37:EE:F8:B3:86:0A:EA:FE:99:45:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B68D03ABAD7219192C583A31D7DE4BF2BDFFA42
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Wed 05 Mar 2025 17:00:28 +0000
ROA not before: Wed 05 Mar 2025 17:00:28 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:68:d0:3a:ba:d7:21:91:92:c5:83:a3:1d:7d:e4:bf:2b:df:fa:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:28 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f0:18:c7:5c:c3:f2:33:cb:f4:4c:ce:b8:5e:
94:05:af:93:3b:73:0a:63:a0:2d:1c:0b:10:0c:1d:
a7:4c:5b:f6:a5:72:69:e9:56:db:6f:58:d6:f0:02:
c7:4c:82:0e:dd:35:69:19:99:51:df:3e:c8:49:4b:
f1:b9:9a:31:54:de:f6:4c:9a:34:b6:62:8e:47:1d:
d8:6d:76:4b:d4:c9:7a:e5:2f:5f:9a:f3:46:ee:bd:
cb:74:49:05:76:28:b0:5e:a5:51:3b:de:7a:83:24:
19:24:21:06:95:cc:d1:a9:f0:f1:c9:a6:09:b1:33:
bb:3d:b2:d0:9d:aa:79:5c:a0:03:b9:1a:12:9e:1b:
5e:10:16:23:c1:ca:f7:71:31:a1:65:30:65:40:5c:
21:62:1b:fb:1d:c4:c9:d6:85:1e:dd:03:d7:2e:84:
2d:7c:31:63:37:6f:3a:29:c1:b9:7b:e3:f9:fa:e8:
4b:7b:3e:cd:c6:62:79:60:95:95:51:a3:40:d3:67:
0c:ff:62:b7:26:b7:4a:76:37:42:1b:b1:9a:c8:2b:
3e:8e:fc:eb:8f:31:de:51:64:a1:db:21:9b:44:e1:
9d:ba:cf:ae:db:49:53:18:ff:98:24:a7:6b:ad:0f:
22:40:07:02:27:70:29:5c:98:6e:d8:31:65:6b:0d:
8b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7D:C7:DC:83:18:51:D8:48:37:EE:F8:B3:86:0A:EA:FE:99:45:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
c6:4f:0a:22:58:af:76:2c:06:af:47:1b:66:f9:f3:c9:3e:87:
94:ef:04:2e:4f:10:bf:75:ed:0f:90:13:de:ed:48:a0:35:34:
31:8f:f3:ca:3f:53:30:08:b8:3d:a3:24:2c:a4:8a:75:9b:56:
84:a4:ed:4e:61:9a:0b:d3:b3:6e:cc:6b:27:df:44:cb:28:8e:
d1:f7:cc:18:47:3c:16:d3:b1:5a:f4:52:fe:0a:03:31:d2:21:
19:91:69:5d:60:f7:d4:ea:d5:1b:2c:a7:6d:a0:4d:24:0d:c2:
31:27:4f:ed:fc:01:c6:23:94:04:b0:0b:19:dd:50:de:d1:88:
6f:43:32:cc:6e:40:d3:3f:73:16:3c:49:28:6b:59:fb:7b:e9:
b2:cc:9f:34:ff:3f:2e:83:f9:38:57:d3:8b:4e:f4:4c:98:f7:
df:6b:38:ba:b9:3b:da:7c:be:4d:92:76:4a:3e:a2:54:34:2f:
ab:32:d3:36:6f:b9:ab:94:05:10:48:b0:a2:1e:96:29:9b:a2:
af:eb:e4:52:29:a4:0a:06:b7:3d:17:cb:b4:0d:44:d9:d6:05:
bb:37:b1:66:68:0c:15:ad:d3:68:5f:ec:9b:1a:10:b3:e4:40:
7e:c5:64:6f:88:c6:81:4f:ca:b5:ab:f9:e6:08:e9:db:25:25:
96:d6:57:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK2jQOrrXIZGSxYOjHX3kvyvf+kIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMjhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNmNkMzE1YzRkMjBiZjYyMWU4MDQ0Njg2MTZmMTRkNTFlODY4M2E0ZDli
M2E5YjQ2MjMyZTI4MWQzN2MzZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbwGMdcw/Izy/RMzrhelAWvkztzCmOgLRwLEAwdp0xb9qVyaelW229Y1vAC
x0yCDt01aRmZUd8+yElL8bmaMVTe9kyaNLZijkcd2G12S9TJeuUvX5rzRu69y3RJ
BXYosF6lUTveeoMkGSQhBpXM0anw8cmmCbEzuz2y0J2qeVygA7kaEp4bXhAWI8HK
93ExoWUwZUBcIWIb+x3EydaFHt0D1y6ELXwxYzdvOinBuXvj+froS3s+zcZieWCV
lVGjQNNnDP9itya3SnY3QhuxmsgrPo78648x3lFkodshm0ThnbrPrttJUxj/mCSn
a60PIkAHAidwKVyYbtgxZWsNi9UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGfcfc
gxhR2Eg37vizhgrq/plFjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAxk8KIlivdiwGr0cbZvnzyT6HlO8ELk8Qv3Xt
D5AT3u1IoDU0MY/zyj9TMAi4PaMkLKSKdZtWhKTtTmGaC9OzbsxrJ99EyyiO0ffM
GEc8FtOxWvRS/goDMdIhGZFpXWD31OrVGyynbaBNJA3CMSdP7fwBxiOUBLALGd1Q
3tGIb0MyzG5A0z9zFjxJKGtZ+3vpssyfNP8/LoP5OFfTi070TJj332s4urk72ny+
TZJ2Sj6iVDQvqzLTNm+5q5QFEEiwoh6WKZuir+vkUimkCga3PRfLtA1E2dYFuzex
ZmgMFa3TaF/smxoQs+RAfsVkb4jGgU/Ktav55gjp2yUlltZX7Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:12 2025 by rpki-client