Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json)
Hash identifier: 6areRxzrDEnAQLsp0hjVB2xN7UT2qDqByPZmAgW/dA0=
Subject key identifier: 2B:CB:2B:37:54:57:93:42:1C:04:7B:3A:62:A8:DD:AB:49:B3:D7:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C8B058D957EC0ED2EDACE24540F9C31863E1848
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
Signing time: Wed 05 Mar 2025 16:51:02 +0000
ROA not before: Wed 05 Mar 2025 16:51:02 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8b:05:8d:95:7e:c0:ed:2e:da:ce:24:54:0f:9c:31:86:3e:18:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:51:02 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:98:fa:3c:66:4e:8d:04:2a:78:84:33:55:12:
db:62:e8:67:1a:5c:13:a6:84:db:8c:96:5a:c9:4f:
46:1b:bc:8d:a3:e3:32:a7:8c:15:77:77:41:11:4b:
6d:d2:2e:1a:8d:65:24:95:43:d5:75:a1:4d:f7:21:
69:ca:90:16:65:52:5f:5d:71:49:07:3a:f2:c1:51:
85:b8:00:af:d1:b6:ee:2c:1e:43:74:d4:da:4a:2f:
79:26:ea:07:0a:a5:77:89:b1:17:be:98:3c:c0:58:
d1:1e:0c:1e:a5:4f:d1:6a:9f:32:87:54:10:a4:f8:
82:85:ea:60:61:f2:88:cf:26:78:3d:9d:00:1d:a3:
9c:e8:0f:c4:7a:60:df:f9:66:ef:18:77:9f:20:e6:
55:11:1c:20:5d:92:94:f5:2f:66:04:39:2b:37:2a:
f4:39:ea:80:db:36:8d:5d:3d:ae:65:16:64:72:ca:
a0:b9:78:af:ff:42:69:2f:fb:37:70:83:25:ed:35:
f6:00:19:77:19:f1:58:df:de:02:89:31:fc:ef:be:
4f:1c:5a:27:e6:4f:f3:b2:5b:c5:bb:e9:f8:e9:68:
45:46:9b:fd:6e:b9:a9:a5:e5:53:e1:50:9c:61:5c:
94:f5:e8:30:27:cf:3e:27:53:2f:fb:4e:df:e1:b9:
fc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CB:2B:37:54:57:93:42:1C:04:7B:3A:62:A8:DD:AB:49:B3:D7:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:34:0c:75:19:46:39:ec:9d:d5:c8:b0:06:8f:58:7d:ed:98:
ca:3e:e9:c0:8d:2b:52:22:99:38:1e:a3:e2:ea:f2:11:1c:2a:
c4:a9:cf:41:1a:92:86:95:e2:96:61:78:6e:7e:81:0d:ef:38:
f2:1f:75:d3:56:7e:48:ec:b3:f3:de:f2:36:3c:d9:e0:dd:09:
69:fb:97:31:c2:10:b0:90:08:88:0d:98:1e:37:cf:b7:e0:ed:
bf:53:2a:87:12:2c:f4:c5:5e:5a:da:69:f3:c3:9b:b7:b3:13:
20:bc:f6:2e:76:32:45:5a:31:78:57:37:39:ce:61:9f:20:0b:
df:38:b5:65:a9:55:64:e2:c6:08:18:b9:c0:a6:62:4f:ed:1e:
52:98:e5:14:5b:dc:af:73:eb:32:da:04:19:95:f2:eb:65:59:
9b:e6:e5:f6:08:1f:df:78:3f:8d:ce:15:97:bf:f8:44:d4:3e:
bf:7f:47:d3:db:1a:a5:2f:0c:4c:ca:47:74:c0:78:5d:b4:3b:
0b:e3:98:fd:fc:73:d5:1c:6e:06:83:bd:48:9c:08:ba:11:9c:
c9:4a:d2:4c:f5:18:48:ee:fc:a6:12:49:3c:2e:b9:77:11:ff:
60:ef:c7:2d:f5:ce:9a:76:d4:5e:68:04:6e:af:28:86:5b:ea:
96:79:e4:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXIsFjZV+wO0u2s4kVA+cMYY+GEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjUxMDJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MWZkZTRlZTQyOTU5NWFkZjg3Y2YzNmJlY2Y4YWYzOTYzMDFlM2I1YzM3
YmU4Y2Q5ODEwMzBlZTMxNWQxODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWY+jxmTo0EKniEM1US22LoZxpcE6aE24yWWslPRhu8jaPjMqeMFXd3QRFL
bdIuGo1lJJVD1XWhTfchacqQFmVSX11xSQc68sFRhbgAr9G27iweQ3TU2koveSbq
Bwqld4mxF76YPMBY0R4MHqVP0WqfModUEKT4goXqYGHyiM8meD2dAB2jnOgPxHpg
3/lm7xh3nyDmVREcIF2SlPUvZgQ5Kzcq9DnqgNs2jV09rmUWZHLKoLl4r/9CaS/7
N3CDJe019gAZdxnxWN/eAokx/O++TxxaJ+ZP87Jbxbvp+OloRUab/W65qaXlU+FQ
nGFclPXoMCfPPidTL/tO3+G5/AkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQryys3
VFeTQhwEezpiqN2rSbPX/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCfNAx1GUY57J3VyLAGj1h97ZjKPunAjStSIpk4
HqPi6vIRHCrEqc9BGpKGleKWYXhufoEN7zjyH3XTVn5I7LPz3vI2PNng3Qlp+5cx
whCwkAiIDZgeN8+34O2/UyqHEiz0xV5a2mnzw5u3sxMgvPYudjJFWjF4Vzc5zmGf
IAvfOLVlqVVk4sYIGLnApmJP7R5SmOUUW9yvc+sy2gQZlfLrZVmb5uX2CB/feD+N
zhWXv/hE1D6/f0fT2xqlLwxMykd0wHhdtDsL45j9/HPVHG4Gg71InAi6EZzJStJM
9RhI7vymEkk8Lrl3Ef9g78ct9c6adtReaARuryiGW+qWeeSf
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:41 2025 by rpki-client