Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
File: b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa (raw, json)
Hash identifier: JyasJlEBRhe9SsOS41E/M43ViP0fgZePqPkzblVUkoY=
Subject key identifier: 37:C6:45:79:9A:77:AC:41:1A:EC:70:FE:38:0D:9B:9B:EB:46:23:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DA3CB12C1047497F3B2611AFB4BCAE815755ADD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
Signing time: Wed 05 Mar 2025 17:11:51 +0000
ROA not before: Wed 05 Mar 2025 17:11:51 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:a3:cb:12:c1:04:74:97:f3:b2:61:1a:fb:4b:ca:e8:15:75:5a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:11:51 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:cb:7c:13:b5:ff:a5:fd:ed:18:58:8d:29:
39:42:53:9c:34:b6:e1:83:c7:22:a8:6d:1b:f9:d3:
8e:6d:e8:37:9b:94:01:09:97:c7:00:86:ce:da:33:
2e:0e:40:6e:57:8a:e6:c1:6b:9e:a3:82:bb:f5:59:
54:41:87:13:95:9a:58:5f:7c:2b:87:76:82:24:fc:
b6:7b:9b:ec:ab:0b:76:65:ea:38:e3:ba:7c:0d:d3:
18:8f:36:52:98:83:92:39:3d:a1:2b:41:b7:74:62:
17:b1:40:e8:76:e7:8f:e1:97:89:92:28:2d:7a:c0:
77:a4:c8:3f:e6:bd:1c:9d:a3:fb:0c:5b:f2:f6:53:
6c:25:ac:71:c3:68:9a:74:ad:54:2f:34:33:3c:f4:
49:b9:41:d5:5a:74:3f:98:bd:5c:47:88:03:9c:b0:
54:c6:e4:78:a6:9e:fd:e1:6f:ef:79:93:3f:e6:50:
3a:4c:46:f0:75:98:a2:ba:88:a4:d9:d3:a4:ce:6c:
1f:f7:9e:fe:f7:0c:e2:2d:fe:34:35:ec:ad:3f:1c:
c0:04:c4:17:6c:a7:78:85:59:ff:50:0d:02:bb:3d:
70:8a:03:a6:fd:62:24:4d:dc:17:48:f0:e2:48:1a:
26:f3:48:07:2a:4a:72:88:94:f3:96:15:51:8e:f1:
ca:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C6:45:79:9A:77:AC:41:1A:EC:70:FE:38:0D:9B:9B:EB:46:23:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c040::/46
Signature Algorithm: sha256WithRSAEncryption
72:0d:ae:1f:bb:0b:83:0b:fb:fa:ba:5e:a3:96:03:09:47:cd:
4d:40:d2:f4:8e:04:1d:36:55:51:ad:37:60:e8:65:60:a3:02:
2c:e3:44:90:aa:e6:2d:18:79:51:50:31:c4:12:6e:ce:84:2b:
13:6a:ff:72:34:3e:45:4b:46:2d:af:76:e9:dc:e7:20:cf:71:
f8:92:49:59:d7:68:17:6c:25:1a:a3:8e:51:cb:eb:c5:24:79:
75:de:cd:3b:85:1c:55:dc:aa:f2:89:74:c8:3a:2e:16:9a:84:
6e:30:c3:71:f1:1b:d1:bf:ed:7f:dc:c2:32:d3:cc:ed:89:67:
8c:9c:83:e8:fd:b8:dd:c4:1a:42:8d:73:93:76:a9:05:e5:f6:
38:7d:2a:71:bf:23:4c:2a:3d:5e:df:ed:54:5d:2e:61:fe:e9:
78:01:93:89:18:bc:bc:60:92:db:f8:a7:c7:0e:3e:de:26:a4:
e8:53:47:7b:83:ad:aa:9d:dc:14:a5:9e:91:e7:be:09:69:62:
2b:2c:ea:1d:a5:37:a2:97:7a:32:9c:5c:cf:4c:25:34:68:5b:
d6:b5:59:15:08:d7:7c:e6:a3:c0:2c:b3:77:41:c5:da:3e:68:
b7:77:e2:1a:33:bb:dd:16:2a:c8:08:b0:d8:1b:88:d9:d1:3b:
d6:19:92:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHaPLEsEEdJfzsmEa+0vK6BV1Wt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzExNTFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkYjg2MThjNzIyN2Q2ZWExMDBiNWM5MTdjZGE0OTg2MTM0MzNhMDI1M2Q1
ZmM0YjJlNjdmNjdkMzQ3MGExNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYuy3wTtf+l/e0YWI0pOUJTnDS24YPHIqhtG/nTjm3oN5uUAQmXxwCGztoz
Lg5AbleK5sFrnqOCu/VZVEGHE5WaWF98K4d2giT8tnub7KsLdmXqOOO6fA3TGI82
UpiDkjk9oStBt3RiF7FA6Hbnj+GXiZIoLXrAd6TIP+a9HJ2j+wxb8vZTbCWsccNo
mnStVC80Mzz0SblB1Vp0P5i9XEeIA5ywVMbkeKae/eFv73mTP+ZQOkxG8HWYorqI
pNnTpM5sH/ee/vcM4i3+NDXsrT8cwATEF2yneIVZ/1ANArs9cIoDpv1iJE3cF0jw
4kgaJvNIBypKcoiU85YVUY7xypkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ3xkV5
mnesQRrscP44DZub60YjGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQwZGQ5ZWMtNDE3Ny00NDhmLWIzYzItOTM3MjYzMmNkMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
QDANBgkqhkiG9w0BAQsFAAOCAQEAcg2uH7sLgwv7+rpeo5YDCUfNTUDS9I4EHTZV
Ua03YOhlYKMCLONEkKrmLRh5UVAxxBJuzoQrE2r/cjQ+RUtGLa926dznIM9x+JJJ
WddoF2wlGqOOUcvrxSR5dd7NO4UcVdyq8ol0yDouFpqEbjDDcfEb0b/tf9zCMtPM
7YlnjJyD6P243cQaQo1zk3apBeX2OH0qcb8jTCo9Xt/tVF0uYf7peAGTiRi8vGCS
2/inxw4+3iak6FNHe4Otqp3cFKWekee+CWliKyzqHaU3opd6Mpxcz0wlNGhb1rVZ
FQjXfOajwCyzd0HF2j5ot3fiGjO73RYqyAiw2BuI2dE71hmScQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:08 2025 by rpki-client