Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: m3tNfers8333YKBSauVkzRalRj/U0GlfJ6Slo47yDvw=
Subject key identifier: 10:94:9D:7C:78:FA:A0:6F:3F:23:65:29:1D:CB:E7:D9:06:4F:40:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F9EB0AC687956CC2309C0121C88F02D7C92F301
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Wed 05 Mar 2025 17:40:22 +0000
ROA not before: Wed 05 Mar 2025 17:40:22 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:9e:b0:ac:68:79:56:cc:23:09:c0:12:1c:88:f0:2d:7c:92:f3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:40:22 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c1:bb:be:42:b4:f9:41:87:35:e2:d2:f9:d4:
a2:12:ef:d1:96:33:e6:a7:14:85:8b:d5:9e:ac:5a:
c1:6a:b7:5e:ec:b5:e1:22:69:00:0e:5e:cf:f2:a5:
63:77:9d:b5:e3:1d:6e:c4:e7:29:5f:69:60:44:ad:
cc:5f:5b:3b:a9:50:51:99:09:45:b2:de:5a:12:50:
e9:d6:a8:ee:08:7e:b3:67:ef:f5:32:fa:0c:e1:60:
54:19:f3:9a:f6:27:7e:b2:70:35:91:5b:33:66:49:
c0:83:72:30:9b:3f:da:a0:1f:7c:0b:63:c6:11:e2:
43:f9:04:52:77:d2:65:d7:d2:a1:63:70:24:69:fa:
f7:a5:e3:99:93:39:82:4b:6f:21:7f:33:18:c4:ef:
a2:89:1f:e1:97:45:29:da:3c:b4:16:88:b8:b3:b4:
a7:26:48:6c:0b:6b:31:fe:7f:84:dd:4f:b0:37:98:
16:50:66:d2:73:5c:29:f6:c4:bc:28:e1:dc:bb:f0:
f3:f3:f6:93:03:e3:b2:17:78:23:50:34:d8:31:39:
a9:3c:ef:70:59:1a:40:25:f0:d3:af:e2:a9:9e:81:
60:11:25:92:cb:ee:c4:b4:e7:b1:96:14:f8:39:f4:
cd:65:0f:14:71:8d:74:1f:87:f6:16:98:66:5a:43:
57:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:94:9D:7C:78:FA:A0:6F:3F:23:65:29:1D:CB:E7:D9:06:4F:40:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
c7:ef:c2:a2:86:e2:29:ac:ac:e4:9c:b0:1d:c3:08:a9:72:86:
84:a8:20:da:7d:b0:17:7e:3a:c1:8f:79:75:de:a5:9c:a5:eb:
87:59:26:c7:54:ee:cf:56:b3:3c:10:81:e1:b2:c2:d3:5b:c1:
2a:9f:b4:1a:29:cd:fb:be:26:47:ba:9d:3f:d9:f1:e4:88:2e:
cf:af:75:45:19:e5:fc:ef:12:b8:aa:66:06:22:64:65:59:45:
81:45:56:26:2b:e9:be:f9:3b:bf:dd:74:ce:55:fa:12:e5:58:
73:99:91:2f:0f:be:a4:31:6c:f8:8e:e7:69:9b:fa:c4:8e:0b:
87:a8:61:97:17:36:37:c7:23:92:da:8f:6a:3c:ad:43:6d:4e:
d2:ca:c3:29:46:42:83:2d:31:d3:f2:a1:9b:52:10:87:71:10:
14:d5:22:05:ea:20:3d:63:20:50:bd:2a:cc:05:f2:d0:92:6e:
e9:45:bf:dc:26:5d:9b:93:ad:8e:57:1b:7c:44:3d:60:d5:97:
cc:fc:17:62:27:00:26:5f:55:ea:24:d8:4f:0b:6f:4a:66:4d:
3f:ef:77:f0:7d:90:69:c7:9c:a3:88:1a:a1:8c:fb:c3:b8:eb:
7a:6c:95:8b:4c:d9:4d:a1:b6:2b:15:9d:51:d8:ae:bc:be:09:
50:20:74:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX56wrGh5VswjCcASHIjwLXyS8wEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzQwMjJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjOWU2NTgwNTVmYTQ0ZTYyNDdmZWJkM2E4NTMyOTdhYzVkZWFlNTljYWJh
NWMxNTc1MGQ4NzRjMDZlMTE3OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOnBu75CtPlBhzXi0vnUohLv0ZYz5qcUhYvVnqxawWq3Xuy14SJpAA5ez/Kl
Y3edteMdbsTnKV9pYEStzF9bO6lQUZkJRbLeWhJQ6dao7gh+s2fv9TL6DOFgVBnz
mvYnfrJwNZFbM2ZJwINyMJs/2qAffAtjxhHiQ/kEUnfSZdfSoWNwJGn696XjmZM5
gktvIX8zGMTvookf4ZdFKdo8tBaIuLO0pyZIbAtrMf5/hN1PsDeYFlBm0nNcKfbE
vCjh3Lvw8/P2kwPjshd4I1A02DE5qTzvcFkaQCXw06/iqZ6BYBElksvuxLTnsZYU
+Dn0zWUPFHGNdB+H9haYZlpDVzUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQlJ18
ePqgbz8jZSkdy+fZBk9APzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQDH78KihuIprKzknLAdwwipcoaEqCDafbAXfjrB
j3l13qWcpeuHWSbHVO7PVrM8EIHhssLTW8Eqn7QaKc37viZHup0/2fHkiC7Pr3VF
GeX87xK4qmYGImRlWUWBRVYmK+m++Tu/3XTOVfoS5VhzmZEvD76kMWz4judpm/rE
jguHqGGXFzY3xyOS2o9qPK1DbU7SysMpRkKDLTHT8qGbUhCHcRAU1SIF6iA9YyBQ
vSrMBfLQkm7pRb/cJl2bk62OVxt8RD1g1ZfM/BdiJwAmX1XqJNhPC29KZk0/73fw
fZBpx5yjiBqhjPvDuOt6bJWLTNlNobYrFZ1R2K68vglQIHQL
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:24 2025 by rpki-client