Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: 7DtXJA8jh7wv2uzgcVRZKn/fW61vWoLScD1A/ksJYdM=
Subject key identifier: A1:C4:CC:C5:C9:39:F7:00:1A:2A:AD:1D:A3:94:77:6B:46:93:48:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30C49803E3547F0647AC45F0A9A02EF04507D06C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Wed 05 Mar 2025 17:31:46 +0000
ROA not before: Wed 05 Mar 2025 17:31:46 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:c4:98:03:e3:54:7f:06:47:ac:45:f0:a9:a0:2e:f0:45:07:d0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:31:46 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a3:a5:0c:49:a6:39:22:b2:a0:4c:66:26:19:
58:1a:7a:62:4d:27:29:c1:5f:a7:d7:af:4a:c8:c0:
92:47:ac:ee:7e:53:3e:64:cb:ea:f2:ad:61:c5:05:
3f:05:c1:07:ed:b0:df:ef:07:f3:15:1f:32:26:30:
18:10:82:e5:0a:02:98:93:06:d4:b2:d7:22:8f:02:
d8:72:e1:d4:05:47:5e:a4:fd:1b:7b:92:e1:ab:84:
62:35:5f:dc:b6:3c:19:a7:d4:1d:02:5f:3e:4d:f0:
5a:bb:bf:e9:bf:25:98:b3:1e:1a:02:d2:7b:5b:10:
b3:16:cf:41:9c:cb:2e:74:1d:f9:d2:f4:a2:3c:ab:
7d:90:b2:3a:0e:f0:e8:41:df:4d:f0:53:3c:8a:76:
db:37:0c:b1:a4:70:db:f9:cc:06:d4:a5:e9:f9:ba:
b5:c8:de:af:d0:1d:94:cc:70:e9:7d:07:50:aa:9c:
b5:12:ce:40:c3:be:af:1f:34:d1:d1:15:53:bb:c8:
fc:ed:10:0f:1c:22:60:0a:5e:44:42:cf:df:5a:2b:
0c:0d:a2:10:50:d6:1e:54:2d:29:51:79:75:b1:1f:
76:66:39:ba:da:46:cf:5d:7a:ff:86:1e:31:e9:f2:
27:e2:14:a8:b6:0f:be:5d:ce:40:f9:1e:df:cc:51:
16:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C4:CC:C5:C9:39:F7:00:1A:2A:AD:1D:A3:94:77:6B:46:93:48:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
b7:3d:3a:8f:47:da:bb:d0:47:e1:05:7c:ca:aa:ff:12:8d:0d:
f9:2c:0e:68:28:ee:5a:43:df:ca:f7:af:fd:0c:d6:03:c8:28:
97:1d:78:12:17:fa:4d:af:20:73:68:4a:69:10:24:95:44:4b:
cb:4d:4a:b6:4e:b9:ed:cb:4c:d4:48:d4:2f:d3:45:55:cc:bf:
ff:6b:82:93:9d:1d:85:16:db:2b:ca:bb:c2:b0:6b:2d:d8:53:
94:5b:07:7b:eb:43:77:b8:f2:d1:7d:da:bc:4c:f0:3d:d6:bd:
a6:c4:fe:af:af:b1:07:f2:0d:ee:c7:56:76:3c:ef:15:1e:29:
77:b3:01:fa:06:5b:fa:44:db:4a:a4:80:6a:69:9a:64:35:b2:
62:f9:a3:01:c4:0e:d6:49:9d:f1:c6:c8:b2:36:b2:61:eb:23:
a5:cb:bf:df:8c:ee:f5:bb:cc:80:e2:c9:5c:b8:6b:78:76:e8:
97:71:0f:5c:1d:57:c4:f8:fc:88:1a:dd:3d:3b:94:81:fb:7e:
81:29:e9:e1:22:ec:62:c8:f1:9c:b9:78:22:63:dd:a8:c6:8c:
5c:90:e3:73:c1:34:51:ef:fb:a6:e0:fe:69:8a:40:30:ed:63:
80:2e:69:f5:2e:a3:43:f8:04:ff:38:db:c1:b5:00:1a:fd:b5:
22:2d:7e:3d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUMMSYA+NUfwZHrEXwqaAu8EUH0GwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzMxNDZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZjY0ZTAyYWY1NzhjNDg4YzI2NmI5ODFjYzRkODU1YmFjOTM3ODUwMWYy
Njg2OGZkYjEyYmIzNjg3YjRiMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALijpQxJpjkisqBMZiYZWBp6Yk0nKcFfp9evSsjAkkes7n5TPmTL6vKtYcUF
PwXBB+2w3+8H8xUfMiYwGBCC5QoCmJMG1LLXIo8C2HLh1AVHXqT9G3uS4auEYjVf
3LY8GafUHQJfPk3wWru/6b8lmLMeGgLSe1sQsxbPQZzLLnQd+dL0ojyrfZCyOg7w
6EHfTfBTPIp22zcMsaRw2/nMBtSl6fm6tcjer9AdlMxw6X0HUKqctRLOQMO+rx80
0dEVU7vI/O0QDxwiYApeRELP31orDA2iEFDWHlQtKVF5dbEfdmY5utpGz116/4Ye
MenyJ+IUqLYPvl3OQPke38xRFvMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBShxMzF
yTn3ABoqrR2jlHdrRpNIJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBALc9Oo9H2rvQR+EFfMqq/xKNDfksDmgo7lpD38r3
r/0M1gPIKJcdeBIX+k2vIHNoSmkQJJVES8tNSrZOue3LTNRI1C/TRVXMv/9rgpOd
HYUW2yvKu8Kway3YU5RbB3vrQ3e48tF92rxM8D3WvabE/q+vsQfyDe7HVnY87xUe
KXezAfoGW/pE20qkgGppmmQ1smL5owHEDtZJnfHGyLI2smHrI6XLv9+M7vW7zIDi
yVy4a3h26JdxD1wdV8T4/Iga3T07lIH7foEp6eEi7GLI8Zy5eCJj3ajGjFyQ43PB
NFHv+6bg/mmKQDDtY4AuafUuo0P4BP8428G1ABr9tSItfj0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:26 2025 by rpki-client