Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3c943d5-fc37-4c49-9dba-128c8e280c32.roa
File: c3c943d5-fc37-4c49-9dba-128c8e280c32.roa (raw, json)
Hash identifier: VSuMMhpvZRU+M3ncJwjhMuq5xFK22dadtdBd/ZZIKgw=
Subject key identifier: D4:77:9E:41:9A:F7:44:39:05:A3:0E:7B:89:E0:17:1B:01:47:AD:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28C2FF102128251DF3477266BB99CE67A4E918AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3c943d5-fc37-4c49-9dba-128c8e280c32.roa
Signing time: Wed 05 Mar 2025 17:20:25 +0000
ROA not before: Wed 05 Mar 2025 17:20:25 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:c2:ff:10:21:28:25:1d:f3:47:72:66:bb:99:ce:67:a4:e9:18:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:20:25 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:13:03:a0:6f:da:ed:7a:4e:b5:2c:d1:ed:b5:
6c:81:78:eb:e3:9e:f4:b3:10:bb:21:9b:1d:ea:ed:
d5:95:54:02:59:e4:3e:0d:83:c0:3f:6d:5c:ed:37:
34:48:70:97:cf:7c:f5:a8:dc:d4:3c:1d:ff:2e:ed:
25:b0:d1:87:a7:40:7d:1c:8d:15:53:d9:e2:cc:d1:
e1:8c:12:03:ac:e8:5f:c7:0e:5c:fe:32:80:b7:5f:
7d:ff:fd:b2:48:db:be:44:50:1c:21:cd:28:34:d8:
b8:b2:55:a9:77:bb:5d:7f:c2:19:8b:9e:d6:a3:d4:
19:77:65:48:ac:0d:b8:4e:1b:72:3a:f1:f2:48:da:
93:07:96:cb:7b:7c:31:73:8b:de:af:70:16:19:34:
0d:cb:24:54:95:c5:47:e2:d7:73:4c:4d:39:9c:ad:
2a:74:cd:62:c6:ad:88:71:5d:15:d4:6e:42:b2:67:
19:d6:ac:14:7a:9a:a7:94:c2:ed:d8:dc:83:27:b0:
1a:a5:7e:8e:c4:ab:47:30:10:50:ad:0e:4a:7e:1d:
43:7c:9f:9f:b6:b8:dd:ca:88:b9:4e:5e:d1:b1:69:
3a:5e:bc:04:fb:10:95:f3:af:22:a9:32:16:77:12:
45:25:18:ea:5a:36:ec:4b:54:bd:70:6f:93:a0:b5:
6f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:77:9E:41:9A:F7:44:39:05:A3:0E:7B:89:E0:17:1B:01:47:AD:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3c943d5-fc37-4c49-9dba-128c8e280c32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5040::/46
Signature Algorithm: sha256WithRSAEncryption
3c:63:77:08:26:a8:7f:4e:c5:18:53:4f:dc:fd:72:ba:d0:92:
cc:98:78:d6:b1:54:a6:58:9b:5a:7a:d6:1f:98:20:ac:0e:b3:
d8:96:21:34:9f:50:17:d8:cd:d1:9a:e5:78:a1:80:bb:e0:b2:
54:1c:16:9e:81:5c:fa:16:16:7b:c3:9a:0e:0d:57:59:b4:63:
c7:7e:a2:b1:f7:8c:d5:7c:fd:cc:1b:46:c5:b6:7d:9c:99:a5:
06:8f:ad:54:93:a9:15:4a:a7:b5:61:f6:a8:60:62:61:62:af:
ac:19:ed:3b:b4:5d:6f:ab:9d:f6:92:d1:5b:91:cd:bd:9f:a9:
f5:df:a1:60:3f:f7:14:8c:af:ad:2f:de:5b:cb:ea:6e:91:aa:
a6:38:58:fc:67:d3:94:0c:05:0c:5b:12:a8:27:cf:66:7d:28:
91:dd:ea:56:8c:7f:ba:07:4f:23:c6:40:12:e2:eb:80:f3:6a:
31:1f:9f:85:06:d8:50:e9:ae:d9:61:89:23:04:67:ff:66:83:
5f:32:d9:f8:12:9f:37:21:15:3a:73:02:37:77:34:52:c5:03:
e4:22:07:1b:56:c7:55:d7:a8:18:c7:cc:e0:57:75:f1:32:dd:
20:d1:3e:b7:85:a4:e3:55:2c:42:aa:c6:e3:f9:9a:31:ef:84:
ef:06:ee:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKML/ECEoJR3zR3Jmu5nOZ6TpGK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzIwMjVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDczZDc0YzU1YzcyZmI5YTc3OGEyNWRiNjU2YTEzMWRhZmRiNGVkYzZhNTk0
NzIzOTEwNzY2NzRhZmM2OWIwNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgTA6Bv2u16TrUs0e21bIF46+Oe9LMQuyGbHert1ZVUAlnkPg2DwD9tXO03
NEhwl8989ajc1Dwd/y7tJbDRh6dAfRyNFVPZ4szR4YwSA6zoX8cOXP4ygLdfff/9
skjbvkRQHCHNKDTYuLJVqXe7XX/CGYue1qPUGXdlSKwNuE4bcjrx8kjakweWy3t8
MXOL3q9wFhk0DcskVJXFR+LXc0xNOZytKnTNYsatiHFdFdRuQrJnGdasFHqap5TC
7djcgyewGqV+jsSrRzAQUK0OSn4dQ3yfn7a43cqIuU5e0bFpOl68BPsQlfOvIqky
FncSRSUY6lo27EtUvXBvk6C1b00CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUd55B
mvdEOQWjDnuJ4BcbAUetczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNjOTQzZDUtZmMzNy00YzQ5LTlkYmEtMTI4YzhlMjgwYzMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAPGN3CCaof07FGFNP3P1yutCSzJh41rFUplib
WnrWH5ggrA6z2JYhNJ9QF9jN0ZrleKGAu+CyVBwWnoFc+hYWe8OaDg1XWbRjx36i
sfeM1Xz9zBtGxbZ9nJmlBo+tVJOpFUqntWH2qGBiYWKvrBntO7Rdb6ud9pLRW5HN
vZ+p9d+hYD/3FIyvrS/eW8vqbpGqpjhY/GfTlAwFDFsSqCfPZn0okd3qVox/ugdP
I8ZAEuLrgPNqMR+fhQbYUOmu2WGJIwRn/2aDXzLZ+BKfNyEVOnMCN3c0UsUD5CIH
G1bHVdeoGMfM4Fd18TLdINE+t4Wk41UsQqrG4/maMe+E7wbu3A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:56 2025 by rpki-client