Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c0520c80-698f-4538-b32e-e9663caeb979.roa
File: c0520c80-698f-4538-b32e-e9663caeb979.roa (raw, json)
Hash identifier: clNlIiRPRyzkOpth1lHQS8hxsN8nFspOK3/+dQ32kXM=
Subject key identifier: 54:BA:7D:DA:C8:68:6A:0B:EC:3E:FF:62:FB:21:82:C2:96:77:70:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 508EB4B45F1D41010727C942B8A9898C6759A4CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c0520c80-698f-4538-b32e-e9663caeb979.roa
Signing time: Wed 05 Mar 2025 16:10:07 +0000
ROA not before: Wed 05 Mar 2025 16:10:07 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8050::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8e:b4:b4:5f:1d:41:01:07:27:c9:42:b8:a9:89:8c:67:59:a4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:10:07 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:f9:8b:85:6a:e1:b6:4c:83:94:b1:14:34:
93:e8:7e:90:47:16:cf:22:15:83:63:9f:77:a8:b7:
3a:84:8f:12:6b:34:50:63:bf:66:2c:a4:6b:54:20:
98:c7:ca:5c:d5:a5:96:a5:f3:10:ed:8a:73:2c:29:
53:f0:b8:3b:9d:eb:bf:21:0f:c7:e0:7f:b9:73:15:
d3:a5:e3:97:82:fc:6f:9a:a7:51:b4:b0:2d:7b:30:
e4:3f:39:53:e1:47:a0:05:da:52:60:73:03:e1:e4:
b4:43:f0:13:ca:9b:b0:fc:cc:ea:1e:98:e8:11:16:
35:28:12:b8:40:c6:fe:cd:61:ae:58:16:92:26:20:
ae:d8:2f:95:1c:e8:66:c5:2b:3d:44:d8:4d:c6:50:
ad:87:1e:90:df:ed:c7:60:79:99:81:97:c9:18:b0:
8b:71:2f:74:4c:c9:b6:a3:24:e6:3a:c0:a6:98:4a:
7b:d7:37:80:44:17:21:93:0a:4e:77:6c:72:19:74:
d4:89:da:09:58:05:91:1d:74:0f:04:ef:43:44:3b:
fc:ba:33:da:7c:52:43:93:f8:71:fa:1c:2f:3e:40:
e6:85:98:43:a5:2b:c0:1b:6b:c7:54:f2:e9:6e:bb:
c6:75:60:8b:2d:dc:17:7d:24:44:4a:97:2d:d9:51:
5e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BA:7D:DA:C8:68:6A:0B:EC:3E:FF:62:FB:21:82:C2:96:77:70:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c0520c80-698f-4538-b32e-e9663caeb979.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8050::/48
Signature Algorithm: sha256WithRSAEncryption
89:a9:8f:35:98:e7:c7:85:fa:30:7e:06:08:6c:15:63:cc:7a:
5f:93:fc:d8:54:28:2c:05:d0:a0:95:cd:5c:f7:18:9f:cc:36:
bd:41:bd:b8:0b:5f:cf:d5:79:ab:3e:3a:0b:45:b2:08:cc:04:
40:e8:6e:fd:f0:ee:94:8a:28:e1:10:08:c5:d3:3c:f4:91:ec:
d3:1e:1e:c4:9b:2c:a6:fe:1a:8c:52:c3:2b:ec:4b:25:2c:0f:
db:c1:f8:ea:18:81:0c:5c:5f:32:02:09:56:91:09:62:66:dc:
63:e3:bb:bc:d8:18:d2:1d:62:8e:c8:9d:4d:39:b4:64:24:e4:
b2:90:0d:f0:ee:22:69:26:ea:a8:37:9d:ba:3d:2a:45:b0:f3:
42:7d:21:db:4a:d3:f6:e7:9f:e1:80:28:65:04:94:cd:15:17:
b5:cf:db:d3:39:2f:1c:8f:ed:54:1c:f9:77:4d:f5:ee:95:98:
9a:ae:1e:cd:13:f3:f1:af:e8:1c:de:04:21:74:f7:36:45:93:
a0:79:70:ff:07:86:d2:06:35:fc:4d:15:b1:a7:5a:6d:52:32:
9e:00:dc:f7:4e:62:d1:08:b9:c2:82:be:58:66:74:42:12:94:
51:75:bb:1c:1c:29:e8:90:00:7c:ce:51:71:67:24:86:a5:07:
0c:9a:eb:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUI60tF8dQQEHJ8lCuKmJjGdZpMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjEwMDdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YTg5YzkyZGM3NDljMGI4ZTM5NTcwNjUzZTJmNTgyZDM4YjU0OTI0ZDA0
MTg2NzQ2OTA0ZGY3NmIzZDZkYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf++YuFauG2TIOUsRQ0k+h+kEcWzyIVg2Ofd6i3OoSPEms0UGO/Ziyka1Qg
mMfKXNWllqXzEO2KcywpU/C4O53rvyEPx+B/uXMV06Xjl4L8b5qnUbSwLXsw5D85
U+FHoAXaUmBzA+HktEPwE8qbsPzM6h6Y6BEWNSgSuEDG/s1hrlgWkiYgrtgvlRzo
ZsUrPUTYTcZQrYcekN/tx2B5mYGXyRiwi3EvdEzJtqMk5jrApphKe9c3gEQXIZMK
Tndschl01InaCVgFkR10DwTvQ0Q7/Loz2nxSQ5P4cfocLz5A5oWYQ6UrwBtrx1Ty
6W67xnVgiy3cF30kREqXLdlRXhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUun3a
yGhqC+w+/2L7IYLClndwijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzA1MjBjODAtNjk4Zi00NTM4LWIzMmUtZTk2NjNjYWViOTc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
UDANBgkqhkiG9w0BAQsFAAOCAQEAiamPNZjnx4X6MH4GCGwVY8x6X5P82FQoLAXQ
oJXNXPcYn8w2vUG9uAtfz9V5qz46C0WyCMwEQOhu/fDulIoo4RAIxdM89JHs0x4e
xJsspv4ajFLDK+xLJSwP28H46hiBDFxfMgIJVpEJYmbcY+O7vNgY0h1ijsidTTm0
ZCTkspAN8O4iaSbqqDeduj0qRbDzQn0h20rT9uef4YAoZQSUzRUXtc/b0zkvHI/t
VBz5d0317pWYmq4ezRPz8a/oHN4EIXT3NkWToHlw/weG0gY1/E0VsadabVIyngDc
905i0Qi5woK+WGZ0QhKUUXW7HBwp6JAAfM5RcWckhqUHDJrrOQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:50 2025 by rpki-client