Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
File: cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa (raw, json)
Hash identifier: O3+GC9TuX3yCm4S1gII5JJ6iUFWUO3Vieppf0CpYRQs=
Subject key identifier: 34:95:37:13:6C:74:D7:D6:2A:1B:C9:25:46:48:F0:58:95:B6:88:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A4108ACDCC2763D4C83A44DDDB8A6F6AB350E2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
Signing time: Mon 24 Mar 2025 19:30:21 +0000
ROA not before: Mon 24 Mar 2025 19:30:21 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:41:08:ac:dc:c2:76:3d:4c:83:a4:4d:dd:b8:a6:f6:ab:35:0e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 24 19:30:21 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:31:ea:78:69:e5:78:3c:63:98:1e:13:e4:4a:
f5:a6:d6:11:67:cb:79:36:80:bf:cd:9d:21:9d:7d:
63:13:8e:df:e1:74:04:9d:7f:26:65:88:4d:dc:b6:
4b:63:c6:18:6e:58:ad:41:e0:01:cd:fc:f1:b6:63:
e6:1b:b3:b4:fe:cf:18:5f:a3:2b:f5:e4:51:93:e6:
e0:cc:b0:52:93:8d:e1:c7:f3:54:cd:86:9e:b6:b3:
7a:cb:e7:91:cd:34:eb:60:ce:af:41:8c:e3:2d:0d:
df:b7:3c:53:09:bd:fd:81:1f:f6:99:d8:a5:84:72:
b0:25:be:3c:b4:dc:4b:41:ef:2b:21:fe:93:cd:65:
83:46:67:1c:34:06:d1:1b:df:43:ba:5f:59:3d:48:
86:cf:26:12:82:bd:fe:39:e0:62:ad:01:b9:5e:3f:
23:17:49:28:e3:49:71:69:63:66:35:39:3c:3e:04:
43:f2:27:a0:8e:47:4d:ac:db:6c:31:2f:d1:28:a5:
62:a8:6c:5f:9d:61:0c:f9:10:ce:f6:db:f9:f9:1a:
dd:b3:a6:96:23:c1:fb:49:b4:10:a1:29:48:c6:bb:
b2:b2:76:76:69:da:ae:ac:72:c7:cc:89:2b:ee:ed:
7b:a7:f1:00:77:0a:5b:95:f2:b2:b1:71:ca:fd:3a:
5c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:95:37:13:6C:74:D7:D6:2A:1B:C9:25:46:48:F0:58:95:B6:88:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/48
Signature Algorithm: sha256WithRSAEncryption
a8:4c:20:c6:f4:55:47:08:d5:44:b3:ac:77:40:ce:dc:cb:d8:
0e:14:a4:8d:c7:d2:dc:0c:90:24:31:6d:04:97:45:6e:da:b0:
2e:1c:45:23:40:94:37:3c:6a:60:4c:95:5f:84:38:3f:08:89:
f7:17:03:d9:04:37:23:7e:04:de:0b:c8:02:7f:72:19:83:f1:
26:75:79:f6:8c:0a:28:2e:99:59:45:74:88:5b:ae:7a:52:de:
f3:4f:be:13:aa:9f:4f:7c:e2:08:d7:e9:e0:3b:fc:e9:88:d3:
9f:ad:81:de:7b:47:26:f8:ef:06:61:75:89:83:47:96:d8:9b:
6c:64:60:fd:da:09:18:76:d9:55:05:e5:09:12:2e:bf:ea:08:
fd:7c:65:4f:09:c6:50:94:43:21:ca:77:ed:f1:87:63:8b:bc:
6d:1a:3f:96:d5:7c:e6:12:11:07:90:05:4b:52:78:c1:14:fe:
20:ff:ad:c8:16:34:94:b4:cf:a0:22:7f:5d:b8:6c:12:a1:1f:
09:55:63:b1:3e:ce:47:8e:06:88:e1:10:0a:ea:4b:4c:5f:0f:
16:af:bc:4c:b6:a7:c1:90:9a:90:98:4a:ad:13:e3:43:c1:34:
50:ee:8e:7f:ae:1a:8f:f4:88:5b:01:de:71:3c:1d:c7:80:bd:
5f:9f:8b:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKkEIrNzCdj1Mg6RN3bim9qs1Di8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjQxOTMwMjFaFw0yNTA0MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZDdkZmRjMzExMDAxNGQzNTZkMjRhMmNhOTU3YjY2YmNmZDc3NzdjODdk
ZGM0NDg0MDY1MzE2YmQ4ZGZlNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0x6nhp5Xg8Y5geE+RK9abWEWfLeTaAv82dIZ19YxOO3+F0BJ1/JmWITdy2
S2PGGG5YrUHgAc388bZj5huztP7PGF+jK/XkUZPm4MywUpON4cfzVM2Gnrazesvn
kc0062DOr0GM4y0N37c8Uwm9/YEf9pnYpYRysCW+PLTcS0HvKyH+k81lg0ZnHDQG
0RvfQ7pfWT1Ihs8mEoK9/jngYq0BuV4/IxdJKONJcWljZjU5PD4EQ/InoI5HTazb
bDEv0SilYqhsX51hDPkQzvbb+fka3bOmliPB+0m0EKEpSMa7srJ2dmnarqxyx8yJ
K+7te6fxAHcKW5XysrFxyv06XL0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ0lTcT
bHTX1iobySVGSPBYlbaIODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3OGI3MTQtY2U2Yy00YTlkLWE3MmUtZDMwYTM0NzBmMDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAqEwgxvRVRwjVRLOsd0DO3MvYDhSkjcfS3AyQ
JDFtBJdFbtqwLhxFI0CUNzxqYEyVX4Q4PwiJ9xcD2QQ3I34E3gvIAn9yGYPxJnV5
9owKKC6ZWUV0iFuuelLe80++E6qfT3ziCNfp4Dv86YjTn62B3ntHJvjvBmF1iYNH
ltibbGRg/doJGHbZVQXlCRIuv+oI/XxlTwnGUJRDIcp37fGHY4u8bRo/ltV85hIR
B5AFS1J4wRT+IP+tyBY0lLTPoCJ/XbhsEqEfCVVjsT7OR44GiOEQCupLTF8PFq+8
TLanwZCakJhKrRPjQ8E0UO6Of64aj/SIWwHecTwdx4C9X5+LGA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:56 2025 by rpki-client