Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: 9Oq5iV13QN/JBDk9Xmmkiw73Oc712oT2TnAvcO52t1M=
Subject key identifier: 16:9E:58:F2:FB:56:6A:75:AE:B5:60:25:D8:E1:1B:36:94:6A:C5:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50567D71A5D764C99C4A151695D761AE9D75CB7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Wed 05 Mar 2025 17:00:27 +0000
ROA not before: Wed 05 Mar 2025 17:00:27 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:56:7d:71:a5:d7:64:c9:9c:4a:15:16:95:d7:61:ae:9d:75:cb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:00:27 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:93:07:46:7d:25:db:8c:5e:41:04:93:d6:5b:
15:d8:70:91:e5:e3:10:0f:8a:1f:f4:8e:05:66:36:
05:6d:a1:ec:3a:c6:16:3f:3a:b9:eb:b6:a2:6b:25:
24:94:91:c8:fd:6e:55:18:9d:60:b2:d0:02:ef:cb:
22:1f:eb:54:d0:61:b1:b8:fa:7a:2a:ca:4d:c8:7c:
3a:0d:ee:8b:fb:84:6a:04:8f:86:bb:11:e2:75:b9:
58:d0:4f:a7:43:51:ae:32:fe:a7:e1:97:e7:e9:d3:
6a:2d:e5:15:ba:16:f3:2e:21:5c:f5:98:a6:de:06:
08:0c:31:49:27:6a:56:1a:90:cd:12:73:13:42:f4:
08:cc:c0:38:bc:bf:bc:ee:d1:2e:0d:c5:8e:42:19:
8f:be:cd:98:b5:13:e6:9a:3a:96:9a:b6:dc:0c:77:
42:4b:e0:7a:74:d2:6c:60:ae:07:b1:ef:04:47:b3:
89:76:10:9c:f5:22:36:f4:b7:11:b8:ff:3c:da:cc:
89:fe:7a:31:ca:6a:47:b5:30:6d:6e:e4:08:71:35:
f6:10:27:13:f8:3c:79:51:ea:97:ca:0f:16:e0:07:
c5:4b:32:13:ae:ed:b1:fb:da:01:75:db:ac:18:a1:
bf:60:63:2f:b0:a3:db:06:89:c9:35:cc:9e:5f:88:
d6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9E:58:F2:FB:56:6A:75:AE:B5:60:25:D8:E1:1B:36:94:6A:C5:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
3a:bf:79:85:d8:1d:ed:8e:80:bb:c5:42:bb:c4:41:c6:07:9f:
cf:27:ac:db:e0:24:02:5f:8e:13:06:b6:70:76:47:87:4f:d9:
7a:98:fe:7d:79:02:eb:19:55:60:4c:68:a5:0a:1f:41:d2:de:
0c:8e:92:d0:f4:7a:d7:b0:3e:6f:14:29:d5:59:df:f1:f2:02:
1c:93:eb:8e:bb:c1:41:05:a6:ff:e2:7c:0d:f2:22:22:42:eb:
27:24:7a:5a:a3:3e:ec:7b:2b:56:55:aa:0b:1a:dd:92:05:1c:
b1:90:bd:fc:8d:94:50:f9:6c:ac:13:e5:78:b9:b3:b9:71:f3:
70:49:b3:08:f6:22:cb:52:7e:cb:fe:f9:59:30:ae:9f:18:4b:
03:21:f0:54:9e:66:98:e7:bb:94:68:cf:54:16:67:b9:89:17:
69:28:bc:6a:33:6b:fb:d9:32:73:b1:3a:a6:19:e8:78:e7:54:
36:b4:0e:47:fe:89:d9:8b:74:19:52:1b:cc:62:46:76:cf:6c:
7c:3a:40:ed:02:85:4b:60:ad:75:0c:84:fd:96:81:94:77:1f:
e3:c9:84:51:2c:43:8d:95:aa:03:f2:f6:62:61:a5:dc:b5:37:
2a:3a:51:51:e0:bf:26:c1:3e:0e:2c:97:08:48:fb:30:0c:16:
e5:b1:a0:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUFZ9caXXZMmcShUWlddhrp11y30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzAwMjdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNWJiNTQxYzI1M2Y3ODkwYzU3NmRkOGI2NDRmODI2YmQ3YzFlYTc2N2Fh
NGZiYTM2MmEwNWEzN2U3N2JkYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyTB0Z9JduMXkEEk9ZbFdhwkeXjEA+KH/SOBWY2BW2h7DrGFj86ueu2omsl
JJSRyP1uVRidYLLQAu/LIh/rVNBhsbj6eirKTch8Og3ui/uEagSPhrsR4nW5WNBP
p0NRrjL+p+GX5+nTai3lFboW8y4hXPWYpt4GCAwxSSdqVhqQzRJzE0L0CMzAOLy/
vO7RLg3FjkIZj77NmLUT5po6lpq23Ax3QkvgenTSbGCuB7HvBEeziXYQnPUiNvS3
Ebj/PNrMif56McpqR7UwbW7kCHE19hAnE/g8eVHql8oPFuAHxUsyE67tsfvaAXXb
rBihv2BjL7Cj2waJyTXMnl+I1o0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWnljy
+1Zqda61YCXY4Rs2lGrFdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAOr95hdgd7Y6Au8VCu8RBxgefzyes2+AkAl+O
Ewa2cHZHh0/Zepj+fXkC6xlVYExopQofQdLeDI6S0PR617A+bxQp1Vnf8fICHJPr
jrvBQQWm/+J8DfIiIkLrJyR6WqM+7HsrVlWqCxrdkgUcsZC9/I2UUPlsrBPleLmz
uXHzcEmzCPYiy1J+y/75WTCunxhLAyHwVJ5mmOe7lGjPVBZnuYkXaSi8ajNr+9ky
c7E6phnoeOdUNrQOR/6J2Yt0GVIbzGJGds9sfDpA7QKFS2CtdQyE/ZaBlHcf48mE
USxDjZWqA/L2YmGl3LU3KjpRUeC/JsE+DiyXCEj7MAwW5bGgvA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:34 2025 by rpki-client