Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
File: be610cc2-170e-494b-b1f3-db73bc5ff027.roa (raw, json)
Hash identifier: RvDqlN1wbrNSuBthKUvk4+udfSuIO9VhoIVXN5jCXdk=
Subject key identifier: 54:00:F4:8D:1F:9D:66:5C:F5:1B:F2:AB:FB:48:AC:D4:E0:4A:4B:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DB3F263874AFD1C6AF6CF2C3D156B15BC2C58EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
Signing time: Wed 05 Mar 2025 16:20:50 +0000
ROA not before: Wed 05 Mar 2025 16:20:50 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b3:f2:63:87:4a:fd:1c:6a:f6:cf:2c:3d:15:6b:15:bc:2c:58:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:20:50 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8b:da:43:ec:7c:a9:0e:63:57:2d:5d:ee:5c:
07:c3:cc:ed:3f:5f:41:3a:97:2e:21:c5:fb:cc:f9:
b6:e5:04:f2:ce:45:10:25:e7:30:c9:60:6d:94:37:
7a:82:2d:61:6b:8f:70:58:4d:40:a6:20:65:f0:1e:
9f:eb:36:55:03:2f:ff:fb:9a:be:63:e5:47:56:fd:
bb:e8:c9:3e:3b:f9:ac:0b:72:fb:03:aa:dd:1d:23:
18:e0:32:b7:6f:d7:e0:ce:af:f8:ec:5a:55:04:f0:
2e:01:16:a4:c2:b7:d7:2d:76:b6:4d:36:3e:c0:f4:
b9:50:d7:18:30:e0:9f:5a:8a:a1:b1:2b:a6:6c:c5:
2a:30:80:83:2c:ec:45:42:ca:26:b2:f3:9a:f1:3c:
01:b4:60:71:ef:cd:90:c5:c2:38:76:8e:42:31:d7:
8c:e2:3f:f3:a0:d8:fa:6b:2b:62:8e:68:1a:04:9f:
10:29:0b:d4:99:97:28:8f:71:e6:58:6b:38:eb:e2:
fd:e4:f7:64:00:a9:80:4a:c4:b9:72:66:17:80:f9:
cd:a8:bb:2b:28:fb:98:4c:7d:cb:70:56:ad:61:f6:
64:1c:14:86:8d:ec:47:15:55:15:57:d9:b8:29:94:
33:81:93:c8:83:11:d5:8a:32:2f:4e:31:02:f8:f0:
b9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:00:F4:8D:1F:9D:66:5C:F5:1B:F2:AB:FB:48:AC:D4:E0:4A:4B:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6080::/48
Signature Algorithm: sha256WithRSAEncryption
8e:ee:32:c3:39:19:59:5d:71:d6:d4:59:42:05:5a:2f:78:74:
f4:09:9e:2b:4f:c4:aa:e2:75:9c:7f:16:41:26:01:4b:a3:1d:
e2:80:67:76:f1:c6:9e:99:cb:8b:fb:20:6f:02:3a:72:73:3e:
0f:1e:f0:80:16:4d:c2:78:8e:c1:75:e6:ad:09:99:36:0c:d6:
b2:63:d6:32:25:d7:ea:a2:aa:75:2b:5a:f7:7a:af:24:a7:c6:
fa:d4:db:c5:08:b7:44:8e:6d:25:a4:44:d7:ab:f5:1b:1a:c0:
6c:ea:73:26:0b:11:86:f1:77:98:6f:17:e8:9e:91:e4:a3:4b:
2b:93:51:27:e2:9c:d4:2b:40:7c:4f:53:67:6d:9c:f7:99:77:
2b:a7:97:af:e4:e1:5e:9e:2c:94:29:96:e0:6d:86:40:37:a6:
05:a5:c7:52:20:2e:49:d4:24:9b:4f:b4:26:b6:3c:b7:e4:4b:
23:ca:a6:f2:12:52:bb:ae:83:8e:6e:65:62:32:92:3c:59:cc:
0a:d8:f7:3a:5d:d9:c3:b3:e3:2c:2d:1c:60:66:55:f3:ef:b1:
b6:a9:37:ca:12:eb:06:d2:6c:11:79:29:d7:3d:aa:94:92:9a:
b9:29:3d:83:12:1e:f4:5b:1d:bf:fc:10:ef:51:31:ff:d8:b7:
62:0d:1d:36
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTbPyY4dK/Rxq9s8sPRVrFbwsWOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjIwNTBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5OGIyODQyN2UwMDFkY2JkOWFhMTY2OGYyYmNmNDNlMzBjY2UzY2I1OTVj
ZDBkZjIxODQ4YWM5YzVkMzZkZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCL2kPsfKkOY1ctXe5cB8PM7T9fQTqXLiHF+8z5tuUE8s5FECXnMMlgbZQ3
eoItYWuPcFhNQKYgZfAen+s2VQMv//uavmPlR1b9u+jJPjv5rAty+wOq3R0jGOAy
t2/X4M6v+OxaVQTwLgEWpMK31y12tk02PsD0uVDXGDDgn1qKobErpmzFKjCAgyzs
RULKJrLzmvE8AbRgce/NkMXCOHaOQjHXjOI/86DY+msrYo5oGgSfECkL1JmXKI9x
5lhrOOvi/eT3ZACpgErEuXJmF4D5zai7Kyj7mEx9y3BWrWH2ZBwUho3sRxVVFVfZ
uCmUM4GTyIMR1YoyL04xAvjwuSkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUAPSN
H51mXPUb8qv7SKzU4EpLZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MTBjYzItMTcwZS00OTRiLWIxZjMtZGI3M2JjNWZmMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
gDANBgkqhkiG9w0BAQsFAAOCAQEAju4ywzkZWV1x1tRZQgVaL3h09AmeK0/EquJ1
nH8WQSYBS6Md4oBndvHGnpnLi/sgbwI6cnM+Dx7wgBZNwniOwXXmrQmZNgzWsmPW
MiXX6qKqdSta93qvJKfG+tTbxQi3RI5tJaRE16v1GxrAbOpzJgsRhvF3mG8X6J6R
5KNLK5NRJ+Kc1CtAfE9TZ22c95l3K6eXr+ThXp4slCmW4G2GQDemBaXHUiAuSdQk
m0+0JrY8t+RLI8qm8hJSu66Djm5lYjKSPFnMCtj3Ol3Zw7PjLC0cYGZV8++xtqk3
yhLrBtJsEXkp1z2qlJKauSk9gxIe9Fsdv/wQ71Ex/9i3Yg0dNg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:53 2025 by rpki-client