Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: v73+UyFWhudDew4+gypjcVwK0G+YkWx0Jcftsn0VU1c=
Subject key identifier: 42:28:F0:64:EC:2B:D2:B7:86:8D:D7:12:63:4E:BA:D0:88:C7:04:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 037FC37F03DB5BBA8790C8C6F524032B0595BC40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Wed 05 Mar 2025 17:21:00 +0000
ROA not before: Wed 05 Mar 2025 17:21:00 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:7f:c3:7f:03:db:5b:ba:87:90:c8:c6:f5:24:03:2b:05:95:bc:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:21:00 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:71:51:4b:d0:ca:33:46:c9:f9:7f:b1:24:80:
45:41:e9:32:59:1f:16:f5:d0:a6:d3:f2:5e:a0:89:
dd:fd:64:93:84:07:cc:2e:f0:8a:6d:0e:48:44:26:
97:19:55:0e:c7:86:b1:4c:03:0d:81:64:28:96:0d:
2d:0b:ac:c9:74:19:8b:57:ad:eb:e5:af:67:bf:bd:
e6:82:1a:a1:e0:d5:75:f3:8f:21:6e:52:d0:c4:6f:
1a:31:32:17:2d:3b:60:64:78:51:db:6c:65:3b:55:
c6:89:77:f4:7a:15:75:57:b8:1b:d7:4c:8c:61:aa:
b3:4f:4a:c2:66:1b:f6:67:fb:70:52:78:dc:57:31:
43:2d:a9:d1:6b:44:e4:a0:f8:f7:b8:6e:4a:9f:31:
54:70:01:3c:73:b1:70:41:2a:70:f3:9d:59:4a:d5:
a3:9a:4a:cd:b0:b2:17:58:99:0c:be:e3:75:aa:63:
da:ff:1c:ce:1e:38:84:50:a3:a7:9e:5c:82:49:58:
6c:f1:bf:3c:6b:4b:55:0f:65:ce:39:16:76:88:ff:
a0:52:f0:be:18:66:2d:5b:8c:a2:5a:42:db:7c:bc:
11:b3:8f:c2:9c:70:c8:b1:f9:cd:44:ae:e1:76:60:
83:33:19:1c:fc:69:a9:7d:6e:98:22:39:f9:d3:3c:
de:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:28:F0:64:EC:2B:D2:B7:86:8D:D7:12:63:4E:BA:D0:88:C7:04:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
57:2e:e0:2e:59:df:0e:2f:3b:5a:a7:43:5f:df:4d:88:0f:91:
e8:25:e1:df:00:4f:28:45:4e:1a:0b:38:3b:cf:da:ef:bf:e2:
fe:d1:03:ed:6b:a7:bf:93:10:a0:c9:c1:19:df:65:18:2e:e9:
60:75:d6:42:b9:c1:21:1b:4c:cc:01:42:5c:f3:7e:a1:b4:39:
76:a7:dc:d1:ee:f7:b7:84:ee:02:ae:a9:7d:ee:59:9c:21:a1:
6e:57:e2:c1:69:9c:05:2e:9c:ee:cb:42:3a:d3:3c:30:a3:13:
5c:8c:ce:99:1a:a4:a8:ce:2b:72:52:cd:91:4f:e9:42:55:2c:
ad:8a:09:08:f7:fd:a7:10:59:91:68:d3:d1:95:8f:f1:9b:ed:
b6:e9:2f:5e:d0:f3:81:19:60:bf:c2:19:b6:12:f5:92:5c:38:
cb:dc:ab:61:bc:64:30:4f:bd:04:45:f7:07:e4:ab:02:e0:f7:
5a:1d:ba:ce:2d:53:72:4b:7e:6c:95:21:0c:a1:4d:01:4d:89:
f8:d9:87:9c:6a:e5:76:69:c0:7c:ea:19:4f:82:48:23:cc:f8:
e6:ef:a1:75:bb:29:36:a3:de:1c:c8:c2:87:5d:b3:5e:da:bf:
33:a3:94:cf:61:35:a3:7d:b5:8a:0f:ff:31:74:b8:98:31:18:
e8:3e:0f:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA3/DfwPbW7qHkMjG9SQDKwWVvEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIxMDBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjMTFhNTJlM2JmNmMxMzk0ODI5N2M3NjFkNGFlNWYyZDA5M2FkN2M1OTM1
ZWE1OWUyNmQzYWM3YjVhMmU5ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5xUUvQyjNGyfl/sSSARUHpMlkfFvXQptPyXqCJ3f1kk4QHzC7wim0OSEQm
lxlVDseGsUwDDYFkKJYNLQusyXQZi1et6+WvZ7+95oIaoeDVdfOPIW5S0MRvGjEy
Fy07YGR4UdtsZTtVxol39HoVdVe4G9dMjGGqs09KwmYb9mf7cFJ43FcxQy2p0WtE
5KD497huSp8xVHABPHOxcEEqcPOdWUrVo5pKzbCyF1iZDL7jdapj2v8czh44hFCj
p55cgklYbPG/PGtLVQ9lzjkWdoj/oFLwvhhmLVuMolpC23y8EbOPwpxwyLH5zUSu
4XZggzMZHPxpqX1umCI5+dM83oECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCKPBk
7CvSt4aN1xJjTrrQiMcEujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQBXLuAuWd8OLztap0Nf302ID5HoJeHfAE8oRU4a
Czg7z9rvv+L+0QPta6e/kxCgycEZ32UYLulgddZCucEhG0zMAUJc836htDl2p9zR
7ve3hO4Crql97lmcIaFuV+LBaZwFLpzuy0I60zwwoxNcjM6ZGqSozityUs2RT+lC
VSytigkI9/2nEFmRaNPRlY/xm+226S9e0POBGWC/whm2EvWSXDjL3KthvGQwT70E
RfcH5KsC4PdaHbrOLVNyS35slSEMoU0BTYn42YecauV2acB86hlPgkgjzPjm76F1
uyk2o94cyMKHXbNe2r8zo5TPYTWjfbWKD/8xdLiYMRjoPg/z
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:00 2025 by rpki-client