Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json)
Hash identifier: tyGzHYcQBBWbcB+sS0JwSKslgff2b/UpfdcpGh6eCaE=
Subject key identifier: 95:43:79:30:E1:48:76:E9:56:C4:13:7B:CC:79:9C:75:8F:29:EE:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BBC0D626A33115AEF88689010F685C0D610B774
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
Signing time: Wed 05 Mar 2025 16:51:00 +0000
ROA not before: Wed 05 Mar 2025 16:51:00 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:bc:0d:62:6a:33:11:5a:ef:88:68:90:10:f6:85:c0:d6:10:b7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:51:00 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c2:95:43:55:4c:ca:0d:2a:36:40:be:33:a9:
ef:72:c1:8a:3f:42:02:34:9e:6e:96:07:40:52:05:
09:9f:25:ec:24:ce:5a:b1:83:dc:26:47:a4:9a:fe:
1c:ba:97:ae:79:a9:6b:5b:de:e3:f6:9e:48:33:02:
6c:6b:2c:c9:2f:7e:49:41:4e:f3:cc:b0:53:ba:a5:
94:47:4f:ae:55:43:cf:2c:e9:97:f7:ff:5c:b6:85:
ed:e0:92:9b:c7:c8:7b:33:62:7e:65:68:29:80:9b:
28:03:da:8c:1f:3e:24:a4:c2:1e:39:e1:b2:a9:93:
55:87:80:2e:73:b3:41:c4:69:7f:e7:9a:99:1e:93:
fe:d5:f9:59:ad:0f:0c:25:34:45:c5:67:d9:00:04:
e7:d0:6a:6f:8b:49:f5:55:e1:4f:42:cd:dd:35:ac:
36:25:45:58:a3:fd:e4:bc:42:79:a5:4e:5a:82:76:
bc:0e:08:d5:ae:eb:fd:9f:1e:06:7a:f2:29:95:b7:
55:ca:4f:81:73:60:22:ef:93:14:1d:25:34:f3:db:
b1:b3:39:15:47:76:26:74:3c:cf:ca:00:78:92:ae:
69:e5:6c:ec:61:75:30:50:22:ea:22:98:52:27:64:
2b:bc:29:c7:68:12:cb:ee:ac:71:b4:5d:92:83:2c:
01:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:43:79:30:E1:48:76:E9:56:C4:13:7B:CC:79:9C:75:8F:29:EE:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
16:06:0d:01:94:07:ff:72:e5:aa:5b:56:b9:b0:34:04:55:27:
81:f4:5e:1f:2a:07:ac:dc:39:1a:68:18:c3:74:f0:11:24:c3:
0d:6b:0b:9f:d0:ae:4e:40:3d:28:b0:e2:42:3d:f8:1b:cb:3b:
c2:03:56:c0:4c:a7:7e:21:da:d1:99:28:82:98:27:5d:af:52:
fa:69:01:1d:02:cc:1e:f9:d4:67:0e:42:00:0d:52:83:c2:fd:
c4:c1:bb:c5:fa:6f:14:19:94:92:f0:63:75:54:30:be:fa:ab:
c9:32:0d:a0:11:4a:9d:43:cd:68:2e:cf:ab:f8:c9:f3:f2:cb:
8b:ae:e8:ea:2a:17:8b:50:65:c3:1a:60:f4:e0:c0:ea:be:2d:
df:05:ff:4b:c6:73:8f:2f:1c:57:4a:40:e7:ab:62:08:77:7d:
59:7c:6a:2b:19:5d:6b:0e:70:21:00:7d:2e:dd:15:c1:06:dc:
17:b0:e2:d8:89:7d:fa:bf:7d:5d:a0:15:d3:43:1c:2f:58:77:
9b:3d:a4:b2:42:be:4f:b3:e5:49:3e:dd:8b:1d:44:50:d7:e6:
de:40:f6:06:b7:6a:f9:fd:79:63:ab:22:3f:eb:3e:bb:c5:7d:
10:f9:05:9d:cb:47:87:07:a2:bf:2a:8a:e0:bf:d7:18:98:de:
ef:af:72:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUW7wNYmozEVrviGiQEPaFwNYQt3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjUxMDBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNTM3ZDZlZjRkNzM5NDY1MTQ4N2NiMWYwYjZhMmEzNjMxOGI5YWI4YmIz
OTgyNmMyN2U3NWIyMjI1NmQxNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3ClUNVTMoNKjZAvjOp73LBij9CAjSebpYHQFIFCZ8l7CTOWrGD3CZHpJr+
HLqXrnmpa1ve4/aeSDMCbGssyS9+SUFO88ywU7qllEdPrlVDzyzpl/f/XLaF7eCS
m8fIezNifmVoKYCbKAPajB8+JKTCHjnhsqmTVYeALnOzQcRpf+eamR6T/tX5Wa0P
DCU0RcVn2QAE59Bqb4tJ9VXhT0LN3TWsNiVFWKP95LxCeaVOWoJ2vA4I1a7r/Z8e
BnryKZW3VcpPgXNgIu+TFB0lNPPbsbM5FUd2JnQ8z8oAeJKuaeVs7GF1MFAi6iKY
UidkK7wpx2gSy+6scbRdkoMsATUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSVQ3kw
4Uh26VbEE3vMeZx1jynuAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAFgYNAZQH/3LlqltWubA0BFUngfReHyoHrNw5
GmgYw3TwESTDDWsLn9CuTkA9KLDiQj34G8s7wgNWwEynfiHa0ZkogpgnXa9S+mkB
HQLMHvnUZw5CAA1Sg8L9xMG7xfpvFBmUkvBjdVQwvvqryTINoBFKnUPNaC7Pq/jJ
8/LLi67o6ioXi1Blwxpg9ODA6r4t3wX/S8Zzjy8cV0pA56tiCHd9WXxqKxldaw5w
IQB9Lt0VwQbcF7Di2Il9+r99XaAV00McL1h3mz2kskK+T7PlST7dix1EUNfm3kD2
Brdq+f15Y6siP+s+u8V9EPkFnctHhweivyqK4L/XGJje769ywQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:13 2025 by rpki-client