Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa
File: d7bd85bf-2af2-46a0-91d6-f945e7063231.roa (raw, json)
Hash identifier: rjLZJTpqoqqEwjCeuSsf+AibBW0z0IKYeRZwDWq3Dgo=
Subject key identifier: 74:2A:2F:2F:42:C8:C5:04:09:CE:56:91:29:6C:B5:3C:30:E3:AA:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4568D8E01775BAB5C3A4BE0594FDB0667E0C5AF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa
Signing time: Wed 05 Mar 2025 16:40:07 +0000
ROA not before: Wed 05 Mar 2025 16:40:07 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:68:d8:e0:17:75:ba:b5:c3:a4:be:05:94:fd:b0:66:7e:0c:5a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:40:07 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:11:92:54:12:f8:27:fd:b8:c9:48:b6:91:40:
bb:10:c2:90:04:5e:01:12:8c:10:80:92:39:17:21:
50:28:86:7f:80:99:2f:bf:57:49:7c:21:cd:16:c5:
24:0c:13:5c:4f:12:f7:ac:a0:2f:59:a7:e1:d2:7c:
6f:60:d6:d8:51:cc:9d:38:c1:64:51:2c:b8:9c:c7:
62:0f:8f:1c:93:91:e5:1e:03:57:f3:92:3c:5c:ac:
a5:24:b2:83:46:05:03:b5:0c:14:9e:1b:46:f4:f5:
09:67:51:ac:ef:af:16:81:01:c2:32:56:0b:97:c0:
3e:2d:2d:1c:22:86:fa:46:ae:d7:cd:fe:e5:57:53:
84:21:a4:96:1b:d5:e9:18:44:d7:0b:b7:e8:9a:08:
f6:73:9d:3e:54:fb:ea:a8:25:e8:ff:d7:ce:c2:de:
0e:bd:03:b2:c7:60:0f:6c:55:22:27:a8:e6:4d:ce:
8c:c3:81:a3:49:8b:98:3c:19:5c:31:a4:fb:19:47:
f3:4f:b4:93:70:3a:0d:2f:37:0d:73:da:28:6c:19:
ea:59:d7:e2:1b:1e:88:fd:67:2c:73:26:8e:54:bf:
bb:42:de:f1:aa:29:7d:af:da:d8:26:aa:c9:ec:04:
da:85:ea:ab:7c:46:0d:96:8d:19:6b:f6:db:f0:8c:
c1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2A:2F:2F:42:C8:C5:04:09:CE:56:91:29:6C:B5:3C:30:E3:AA:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c080::/48
Signature Algorithm: sha256WithRSAEncryption
7f:60:0a:8c:26:83:6f:b1:92:30:f9:a4:d6:c5:31:db:fe:e5:
28:05:19:2c:86:38:e3:ec:5b:ae:65:5c:21:08:69:f8:58:ee:
31:d5:82:d7:79:86:82:be:91:cc:c4:f4:0f:d3:18:4a:8c:1e:
0f:88:69:cf:1e:96:b6:8e:f0:f6:88:c4:c9:88:5a:81:63:51:
fe:00:e4:23:69:ba:f9:e2:16:4e:4b:99:b5:9e:65:f2:0f:e1:
64:7c:91:29:8e:df:3b:69:74:16:de:2e:bc:62:43:be:bc:6d:
32:a2:59:a9:44:bf:d4:f8:5a:fc:a1:65:a0:82:15:de:24:d2:
36:50:4a:a8:28:7a:3d:b6:fd:f9:37:0e:fe:db:dd:e6:a4:c5:
21:6b:0f:90:b9:25:78:e0:9f:f1:46:7f:88:94:f5:35:9c:5c:
54:a9:9c:11:95:3d:ba:39:f5:21:3b:61:5d:03:eb:bf:a2:35:
4c:a9:27:df:e9:14:98:6e:ee:1a:50:86:9e:6d:01:ce:e0:b0:
8a:97:af:b3:e4:4d:0e:47:f3:1e:a8:93:c1:de:c8:c0:18:a5:
c1:ab:fd:ba:9c:e9:eb:96:f4:45:66:24:4f:8a:ff:48:d2:fc:
12:6e:66:34:e5:09:5f:69:95:8a:72:98:50:2b:20:21:fb:98:
3c:c4:f5:2d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURWjY4Bd1urXDpL4FlP2wZn4MWvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjQwMDdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlZjA5OGViZGU2ZDNkMjM3ZDExMTEwNDIyN2Y4OWI4Y2RmOThlMTBjMDMy
NzQ5YjY3MjU0ZWNkOTU2ZTJkY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYRklQS+Cf9uMlItpFAuxDCkAReARKMEICSORchUCiGf4CZL79XSXwhzRbF
JAwTXE8S96ygL1mn4dJ8b2DW2FHMnTjBZFEsuJzHYg+PHJOR5R4DV/OSPFyspSSy
g0YFA7UMFJ4bRvT1CWdRrO+vFoEBwjJWC5fAPi0tHCKG+kau183+5VdThCGklhvV
6RhE1wu36JoI9nOdPlT76qgl6P/XzsLeDr0DssdgD2xVIieo5k3OjMOBo0mLmDwZ
XDGk+xlH80+0k3A6DS83DXPaKGwZ6lnX4hseiP1nLHMmjlS/u0Le8aopfa/a2Caq
yewE2oXqq3xGDZaNGWv22/CMwfUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0Ki8v
QsjFBAnOVpEpbLU8MOOqcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiZDg1YmYtMmFmMi00NmEwLTkxZDYtZjk0NWU3MDYzMjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
gDANBgkqhkiG9w0BAQsFAAOCAQEAf2AKjCaDb7GSMPmk1sUx2/7lKAUZLIY44+xb
rmVcIQhp+FjuMdWC13mGgr6RzMT0D9MYSoweD4hpzx6Wto7w9ojEyYhagWNR/gDk
I2m6+eIWTkuZtZ5l8g/hZHyRKY7fO2l0Ft4uvGJDvrxtMqJZqUS/1Pha/KFloIIV
3iTSNlBKqCh6Pbb9+TcO/tvd5qTFIWsPkLkleOCf8UZ/iJT1NZxcVKmcEZU9ujn1
ITthXQPrv6I1TKkn3+kUmG7uGlCGnm0BzuCwipevs+RNDkfzHqiTwd7IwBilwav9
upzp65b0RWYkT4r/SNL8Em5mNOUJX2mVinKYUCsgIfuYPMT1LQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:11 2025 by rpki-client