Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: 3r2jo7dQBkqzlMvAM/wyHEzc6JQNCngo5mzREwLi+Z0=
Subject key identifier: C7:B7:6D:0C:48:E2:12:A7:C6:6E:79:81:3E:E0:AD:E9:C4:44:55:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3853DBC9A94720F7B69245429DC2ACFBB20CCB69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Wed 05 Mar 2025 16:30:41 +0000
ROA not before: Wed 05 Mar 2025 16:30:41 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:53:db:c9:a9:47:20:f7:b6:92:45:42:9d:c2:ac:fb:b2:0c:cb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:30:41 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ca:51:af:76:b1:7b:74:c3:5b:04:9c:51:72:
50:c1:82:b9:e8:bb:39:e6:73:4a:08:f9:13:51:c6:
e0:c8:d9:6b:c9:55:e0:ea:27:73:7c:a5:13:f7:eb:
99:9f:50:6d:6c:a3:2b:ca:86:09:16:1c:36:24:bd:
ae:f0:35:21:b6:20:8a:af:2d:46:f8:13:48:f6:f7:
67:4e:6c:1f:a3:58:a3:68:57:1b:6b:ef:59:11:26:
e5:3b:f2:46:05:1b:22:13:36:25:4b:27:e2:f2:ab:
82:03:40:9c:1d:2e:f1:46:a0:7e:12:82:a4:5e:65:
5d:e8:ce:8b:7f:62:20:b8:b8:5a:2a:3f:71:89:1a:
6d:c7:45:76:d7:a9:c8:d3:ac:76:c8:fa:99:5f:87:
9d:81:01:3c:c0:80:7a:ab:ca:f3:d1:b0:5e:05:c1:
53:e8:a5:30:2d:49:ee:5e:b9:f8:20:97:af:cd:7a:
96:59:3c:36:34:f1:ea:09:21:e2:d6:8a:2b:51:52:
c5:25:64:29:47:9f:c9:09:ff:cd:de:d9:90:8b:4c:
19:56:ff:c2:7f:58:8c:fd:94:27:79:6a:0e:4e:10:
e1:32:b7:31:16:f0:90:79:6b:31:e0:ee:59:36:c6:
58:de:0b:20:51:a5:d0:01:68:fb:90:bc:7b:e6:1e:
19:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B7:6D:0C:48:E2:12:A7:C6:6E:79:81:3E:E0:AD:E9:C4:44:55:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
bf:06:1b:92:c9:81:2d:e3:6b:8e:f6:4e:a9:a0:e6:f0:ac:89:
fe:9a:7f:97:60:e8:bd:58:14:69:5e:ad:9a:44:e5:7e:0f:31:
9c:72:99:51:3b:6c:01:37:ce:cc:1e:f2:cc:fb:3e:2b:40:b7:
4e:cb:a7:fc:e3:d5:07:3f:0f:b0:fe:93:97:df:16:b4:a0:c4:
3e:80:b2:c8:64:c2:c0:a4:50:87:a5:e6:74:a5:39:f4:79:b6:
ec:44:98:9a:05:66:cb:07:f6:ad:60:4a:89:51:25:45:9a:ce:
10:fe:a6:f7:a9:57:bb:69:84:70:b5:9f:b4:e8:3c:ff:6c:df:
42:64:e3:f9:fe:a2:b0:6a:b8:40:7d:f2:a5:72:1e:4f:c5:94:
73:58:05:e4:35:69:55:58:3a:4a:25:ed:07:63:73:42:26:ae:
21:ba:9a:b6:2a:5e:6a:49:f4:1f:7c:1a:6c:36:b3:53:14:c9:
61:97:a2:f3:a9:39:2c:7c:a7:72:4e:96:15:f2:43:64:1f:3b:
93:25:03:74:41:dc:45:00:68:1c:38:dd:aa:94:c5:cb:a6:93:
9c:2c:66:03:0f:8c:77:c3:99:03:a7:0a:9e:91:77:65:ab:c3:
fc:02:1f:d1:da:d6:fd:d6:a8:9f:5e:28:5d:4e:9e:de:4a:af:
17:5f:94:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOFPbyalHIPe2kkVCncKs+7IMy2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjMwNDFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2NDU5ODdmZjkzMTYwZWQ3ZWI3ZDE5NjdiYWYzNzVkNjUyNjhmNGZkZmJl
YjJkMzMwYTVhOWFkZmVjMDFjYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTKUa92sXt0w1sEnFFyUMGCuei7OeZzSgj5E1HG4MjZa8lV4Oonc3ylE/fr
mZ9QbWyjK8qGCRYcNiS9rvA1IbYgiq8tRvgTSPb3Z05sH6NYo2hXG2vvWREm5Tvy
RgUbIhM2JUsn4vKrggNAnB0u8UagfhKCpF5lXejOi39iILi4Wio/cYkabcdFdtep
yNOsdsj6mV+HnYEBPMCAeqvK89GwXgXBU+ilMC1J7l65+CCXr816llk8NjTx6gkh
4taKK1FSxSVkKUefyQn/zd7ZkItMGVb/wn9YjP2UJ3lqDk4Q4TK3MRbwkHlrMeDu
WTbGWN4LIFGl0AFo+5C8e+YeGXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHt20M
SOISp8ZueYE+4K3pxERV9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQC/BhuSyYEt42uO9k6poObwrIn+mn+XYOi9WBRp
Xq2aROV+DzGccplRO2wBN87MHvLM+z4rQLdOy6f849UHPw+w/pOX3xa0oMQ+gLLI
ZMLApFCHpeZ0pTn0ebbsRJiaBWbLB/atYEqJUSVFms4Q/qb3qVe7aYRwtZ+06Dz/
bN9CZOP5/qKwarhAffKlch5PxZRzWAXkNWlVWDpKJe0HY3NCJq4hupq2Kl5qSfQf
fBpsNrNTFMlhl6LzqTksfKdyTpYV8kNkHzuTJQN0QdxFAGgcON2qlMXLppOcLGYD
D4x3w5kDpwqekXdlq8P8Ah/R2tb91qifXihdTp7eSq8XX5T6
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:09 2025 by rpki-client