Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: YmEywct27zeT4z3RFw9vjryX2ojNe4lmNHMk6SrhCT0=
Subject key identifier: 58:C1:34:AE:8A:EF:3E:89:CE:59:E5:E7:4D:3E:31:70:2E:09:94:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 355980EF966B883C5E92A217A6A3460647000E4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Wed 05 Mar 2025 16:50:08 +0000
ROA not before: Wed 05 Mar 2025 16:50:08 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:59:80:ef:96:6b:88:3c:5e:92:a2:17:a6:a3:46:06:47:00:0e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:50:08 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:7d:4e:04:7f:50:b1:99:29:96:15:db:9f:
7d:8b:05:b8:a8:d5:2e:12:12:0d:17:8d:c6:d6:cc:
89:f3:a3:50:04:17:67:81:29:bc:91:70:41:7d:a5:
1d:46:98:a5:a8:e2:a3:6d:72:af:ac:88:99:2d:72:
ba:60:0f:ef:44:54:9e:a6:7e:bb:46:01:28:67:ef:
aa:fa:96:dd:10:a8:46:20:90:9c:ee:b7:a6:c6:02:
a2:10:48:ab:0c:80:10:05:da:73:ab:49:2b:e3:41:
38:9d:ce:cc:d5:88:e8:9b:aa:57:1d:53:df:62:a0:
1c:77:bc:9b:04:ef:38:b0:2d:8a:a1:0c:5a:81:9f:
02:f1:56:43:d7:86:20:34:81:d4:56:fb:bd:49:99:
ad:7f:b6:69:36:e1:7a:32:7f:f2:5b:0d:c5:2d:f5:
de:6e:fd:19:a8:32:c1:35:35:06:91:10:55:f9:a2:
0f:83:35:58:5d:c7:58:06:d7:af:04:fa:44:e4:a8:
88:60:86:a2:55:7c:d2:5a:46:1e:20:50:cd:f2:64:
27:54:db:49:7f:6b:65:81:83:06:f6:49:4a:48:3e:
b2:1a:f7:74:f7:e3:81:57:be:9c:ee:ff:f1:14:09:
34:50:d9:37:e8:8d:10:47:82:a2:bb:8d:c5:77:a6:
03:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C1:34:AE:8A:EF:3E:89:CE:59:E5:E7:4D:3E:31:70:2E:09:94:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
44:4b:0e:d4:a3:55:0c:fe:fd:4c:92:48:70:59:f6:49:db:8d:
9d:50:51:bf:01:e4:8e:45:9e:da:71:ea:b9:cd:3e:dd:e7:71:
1d:f4:95:3d:87:1e:c8:5d:8e:1f:de:c7:71:b0:b9:35:32:dc:
2d:8d:35:e7:45:96:03:d8:e7:ea:70:79:78:e0:f0:e0:2c:3d:
b6:9e:c5:e1:8d:13:70:99:c8:dd:ba:c5:ce:8c:d8:f5:b7:8e:
ad:78:5e:1a:27:e3:17:68:7c:30:64:46:0e:81:28:c5:4a:92:
3b:92:15:44:ef:e4:45:d2:6b:2e:ad:d5:55:b8:1e:c1:d5:ce:
45:c3:fc:a1:bd:9d:a5:bf:b5:34:89:2f:59:68:c2:8e:94:bc:
1c:47:e5:79:92:af:a2:e7:7c:c2:9c:6d:bd:de:52:e5:f7:2f:
d8:39:29:f8:3f:7e:8b:e5:f9:27:13:a8:d2:75:3e:aa:5d:78:
63:aa:b2:8f:a4:f5:a4:db:8e:88:05:be:3f:6b:9c:fe:7a:c9:
cc:8c:79:b6:40:b5:4e:10:9f:22:d9:17:5d:44:e9:58:58:b6:
56:3b:5d:f4:54:4e:54:19:5b:16:ce:fe:d0:c6:4a:de:8f:ab:
57:09:e4:ad:36:30:b5:36:aa:bd:45:77:06:ce:51:bd:e0:10:
81:01:39:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNVmA75ZriDxekqIXpqNGBkcADk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjUwMDhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmOTRjZTkwYmZkYzQwZDc0ZTJhNzI5MmYyMTE1NzY2OWFjN2FiOTQ5MDE2
ZTU3YTkxMDNiZWJlZWNlZGMzODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1mfU4Ef1CxmSmWFduffYsFuKjVLhISDReNxtbMifOjUAQXZ4EpvJFwQX2l
HUaYpajio21yr6yImS1yumAP70RUnqZ+u0YBKGfvqvqW3RCoRiCQnO63psYCohBI
qwyAEAXac6tJK+NBOJ3OzNWI6JuqVx1T32KgHHe8mwTvOLAtiqEMWoGfAvFWQ9eG
IDSB1Fb7vUmZrX+2aTbhejJ/8lsNxS313m79GagywTU1BpEQVfmiD4M1WF3HWAbX
rwT6ROSoiGCGolV80lpGHiBQzfJkJ1TbSX9rZYGDBvZJSkg+shr3dPfjgVe+nO7/
8RQJNFDZN+iNEEeCoruNxXemA40CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYwTSu
iu8+ic5Z5edNPjFwLgmUNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEAREsO1KNVDP79TJJIcFn2SduNnVBRvwHkjkWe
2nHquc0+3edxHfSVPYceyF2OH97HcbC5NTLcLY0150WWA9jn6nB5eODw4Cw9tp7F
4Y0TcJnI3brFzozY9beOrXheGifjF2h8MGRGDoEoxUqSO5IVRO/kRdJrLq3VVbge
wdXORcP8ob2dpb+1NIkvWWjCjpS8HEfleZKvoud8wpxtvd5S5fcv2Dkp+D9+i+X5
JxOo0nU+ql14Y6qyj6T1pNuOiAW+P2uc/nrJzIx5tkC1ThCfItkXXUTpWFi2Vjtd
9FROVBlbFs7+0MZK3o+rVwnkrTYwtTaqvUV3Bs5RveAQgQE5qQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:34 2025 by rpki-client