Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
File: b176a187-5863-4413-a001-74ccc0321be5.roa (raw, json)
Hash identifier: dcIZuKLuplETfFxoW993wCfigGJN+Rm2cfA32TgmLMA=
Subject key identifier: 7A:6F:59:35:6D:04:04:0B:96:D6:1C:DC:CC:89:A8:E4:B8:6E:44:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7037C22413A938781DD4AAAD2DBF664540226C22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
Signing time: Wed 05 Mar 2025 17:50:15 +0000
ROA not before: Wed 05 Mar 2025 17:50:15 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02c::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:37:c2:24:13:a9:38:78:1d:d4:aa:ad:2d:bf:66:45:40:22:6c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:50:15 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:56:14:05:12:f6:60:5b:b6:b5:13:cd:52:
e0:b0:01:9c:a6:c9:56:c4:0a:5b:e9:1d:35:06:2e:
19:4b:71:0b:b3:5d:c9:45:30:9d:9f:c2:f2:56:29:
35:ff:a8:5a:34:76:d6:30:29:97:e4:b8:d1:0e:c6:
be:58:09:77:2e:f5:d5:16:b8:f8:c5:27:5b:ee:64:
20:f2:fe:87:93:76:58:d6:30:09:11:5e:f2:29:3b:
f9:45:a3:f8:bd:fe:ef:7a:fe:80:30:d2:2c:b2:b7:
28:67:18:56:82:f6:d5:ff:6d:e1:3f:90:e9:d5:87:
69:49:0e:c0:f5:f3:21:01:e3:0e:18:a2:8e:21:76:
f7:55:70:99:3c:e5:f3:42:1a:0c:f8:76:cd:04:17:
b9:4f:94:54:40:dd:6c:2b:ce:58:3c:78:f9:b8:f9:
81:ce:c4:68:35:f0:94:e0:8c:8e:2f:bc:2c:aa:1c:
e3:08:1e:8a:89:69:31:27:ed:d3:34:c9:46:67:02:
94:92:15:3f:b7:92:07:74:48:ce:93:43:f0:0a:51:
87:e9:9d:cc:0f:41:75:5e:46:57:34:82:7c:0a:0f:
bb:75:a2:06:71:ad:e8:bb:b3:b8:20:ac:f4:a9:5d:
f2:e9:08:83:a8:92:3c:af:3d:c7:9d:48:b6:7a:fc:
52:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6F:59:35:6D:04:04:0B:96:D6:1C:DC:CC:89:A8:E4:B8:6E:44:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02c::/36
Signature Algorithm: sha256WithRSAEncryption
4e:7e:a2:37:e2:01:1b:1c:c5:ac:c1:0e:7e:7d:05:56:c6:2c:
d5:8e:23:21:22:c7:b1:b9:0d:a1:5e:72:67:12:81:02:08:59:
7e:5b:f1:88:de:34:0a:4a:fa:8f:45:b1:a2:c7:ad:4a:5e:d0:
b6:86:95:26:e6:06:62:30:90:04:f5:3f:76:3b:4b:f7:38:68:
1d:99:8a:ba:ca:fb:09:1c:f6:79:86:bb:3e:07:10:b2:29:00:
c8:75:b6:06:e9:90:4c:92:c8:d3:89:37:a5:3f:80:62:52:c1:
b0:4a:f7:73:4f:bd:9b:36:92:0e:95:cb:e8:e5:9d:86:53:8b:
29:3f:68:db:5c:fa:c8:cb:b8:0e:24:1c:90:fd:3c:be:60:b8:
26:1a:0c:4a:62:45:cc:a0:fb:25:4f:ad:bd:d7:b7:ff:3e:0d:
2b:35:2b:43:a9:fb:3f:07:c9:79:31:43:4b:b0:7f:af:a3:14:
87:f0:3e:33:94:b6:6e:ce:2d:cb:62:f6:dc:82:79:50:c3:b4:
8d:a8:89:96:a4:2c:36:d4:7b:98:a5:75:02:92:8e:1c:50:16:
97:ad:1a:de:87:91:7c:1c:06:64:7f:69:a2:ff:f3:54:87:5d:
58:00:8a:4f:4e:b5:19:44:34:bc:8d:13:f9:df:e8:9b:d0:4f:
73:55:6c:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcDfCJBOpOHgd1KqtLb9mRUAibCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzUwMTVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDViY2M5NjAxNDUxOTYzZDQ3ZTQzNGY3ZWI1N2Y0ZTIwZDJkODM2OTZjN2I1
Mzg3NzE5NDEzNTk3ZWNiMzAxMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0EVhQFEvZgW7a1E81S4LABnKbJVsQKW+kdNQYuGUtxC7NdyUUwnZ/C8lYp
Nf+oWjR21jApl+S40Q7GvlgJdy711Ra4+MUnW+5kIPL+h5N2WNYwCRFe8ik7+UWj
+L3+73r+gDDSLLK3KGcYVoL21f9t4T+Q6dWHaUkOwPXzIQHjDhiijiF291VwmTzl
80IaDPh2zQQXuU+UVEDdbCvOWDx4+bj5gc7EaDXwlOCMji+8LKoc4wgeiolpMSft
0zTJRmcClJIVP7eSB3RIzpND8ApRh+mdzA9BdV5GVzSCfAoPu3WiBnGt6LuzuCCs
9Kld8ukIg6iSPK89x51Itnr8UpkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6b1k1
bQQEC5bWHNzMiajkuG5E8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3NmExODctNTg2My00NDEzLWEwMDEtNzRjY2MwMzIxYmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOfqI34gEbHMWswQ5+fQVWxizVjiMhIsexuQ2h
XnJnEoECCFl+W/GI3jQKSvqPRbGix61KXtC2hpUm5gZiMJAE9T92O0v3OGgdmYq6
yvsJHPZ5hrs+BxCyKQDIdbYG6ZBMksjTiTelP4BiUsGwSvdzT72bNpIOlcvo5Z2G
U4spP2jbXPrIy7gOJByQ/Ty+YLgmGgxKYkXMoPslT62917f/Pg0rNStDqfs/B8l5
MUNLsH+voxSH8D4zlLZuzi3LYvbcgnlQw7SNqImWpCw21HuYpXUCko4cUBaXrRre
h5F8HAZkf2mi//NUh11YAIpPTrUZRDS8jRP53+ib0E9zVWzM
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:35 2025 by rpki-client