Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: 6cPurFYfetx5zMyeGmpEJOk6BWkFfVXN0tbUJpxMbdg=
Subject key identifier: B9:97:0F:AE:93:8A:8A:30:16:EE:E6:5D:0A:05:6D:EE:0F:DC:A7:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07FE091BE63AD05260EE76B174D14CF8214CC8A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Mon 24 Mar 2025 19:30:27 +0000
ROA not before: Mon 24 Mar 2025 19:30:27 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fe:09:1b:e6:3a:d0:52:60:ee:76:b1:74:d1:4c:f8:21:4c:c8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 24 19:30:27 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:f0:82:89:24:3a:01:64:aa:16:69:4b:3c:
7a:fa:ca:9b:3c:46:73:62:44:78:91:7b:ab:dc:58:
bc:c6:90:6d:5b:8a:4d:a4:bb:92:00:75:f4:30:3b:
c4:11:59:7d:f3:f6:0b:e3:9b:77:15:19:cd:f1:a9:
91:50:7c:45:9f:0f:7b:a9:0d:ba:4b:ae:7b:a6:39:
37:52:44:f5:2c:f3:1e:61:97:b3:e0:f4:28:4a:ea:
71:7e:7d:8f:7c:f2:2c:ac:f0:22:e2:08:45:fc:e7:
63:76:b2:65:7b:5b:30:9d:24:15:df:f6:0c:40:17:
12:a3:84:92:8e:7a:fe:60:b4:bc:80:ce:e2:41:0f:
91:fd:6c:5f:45:e0:eb:9d:3e:29:8e:f8:96:e8:c2:
c2:0e:90:e2:99:21:b0:42:8e:ef:08:20:f7:38:7b:
f6:9f:74:53:83:6f:40:9b:10:64:ba:af:a0:69:cb:
d8:c2:16:34:bd:97:5c:7c:6a:38:25:07:51:16:df:
e4:4b:97:f1:c7:b7:ca:d6:6c:d0:b8:d0:6d:da:40:
26:52:49:6b:e7:aa:ac:03:04:70:e1:b8:cf:f6:01:
67:e7:5d:0f:20:d6:35:a2:1a:2c:fd:ec:a7:60:a4:
f8:06:79:10:91:1d:09:42:89:93:45:e4:23:42:51:
19:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:97:0F:AE:93:8A:8A:30:16:EE:E6:5D:0A:05:6D:EE:0F:DC:A7:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
97:22:be:f2:95:5a:97:f4:e6:89:4e:1d:23:ba:e3:4f:72:0a:
a0:43:85:3a:c9:37:2a:d4:fd:6d:d6:49:7e:36:08:c8:18:cb:
6d:27:eb:11:9f:f3:f3:a2:e3:76:23:2a:51:77:a6:e1:bf:a2:
b2:dc:3f:ca:85:4d:96:7b:8c:93:c9:f7:7c:d2:2d:00:f6:f1:
95:f8:03:f9:3b:f0:1d:ea:3d:85:31:be:df:89:e8:e5:70:18:
3b:f1:53:9b:6a:c3:3d:cd:d3:43:a4:73:1f:47:d4:a3:15:3e:
5b:23:97:4b:3e:b4:ba:ac:11:4f:2b:d0:8d:77:03:f7:49:7b:
25:10:ed:77:3b:50:34:bc:7b:f7:42:a3:47:a9:ab:3d:bc:5d:
99:c2:6c:4d:1d:86:7a:b5:35:f1:a8:94:d3:6a:ea:ef:74:aa:
b5:11:0a:65:6a:09:be:c7:24:da:64:73:8e:cf:12:b4:bf:ef:
6b:0c:9b:51:b1:5b:88:6a:69:3c:d5:33:77:79:60:84:cd:09:
0a:8c:b1:22:9f:32:2a:7d:28:73:e7:7e:82:8c:bc:f7:85:59:
74:6a:96:29:f6:be:f6:4a:d8:e4:85:b8:2d:85:8c:d4:d8:2e:
49:62:0c:43:38:74:97:a7:18:b8:1f:14:a2:ca:50:5e:25:58:
da:77:ce:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB/4JG+Y60FJg7naxdNFM+CFMyKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjQxOTMwMjdaFw0yNTA0MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NDE0OWE2M2QzNzQ1MzVjOGJlM2UwM2ZhYzc4OWI1OTBkMGQ4NjNhYjBi
NzMwNzIxNTgxZThkOGU4N2ExNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXF8IKJJDoBZKoWaUs8evrKmzxGc2JEeJF7q9xYvMaQbVuKTaS7kgB19DA7
xBFZffP2C+ObdxUZzfGpkVB8RZ8Pe6kNukuue6Y5N1JE9SzzHmGXs+D0KErqcX59
j3zyLKzwIuIIRfznY3ayZXtbMJ0kFd/2DEAXEqOEko56/mC0vIDO4kEPkf1sX0Xg
650+KY74lujCwg6Q4pkhsEKO7wgg9zh79p90U4NvQJsQZLqvoGnL2MIWNL2XXHxq
OCUHURbf5EuX8ce3ytZs0LjQbdpAJlJJa+eqrAMEcOG4z/YBZ+ddDyDWNaIaLP3s
p2Ck+AZ5EJEdCUKJk0XkI0JRGWECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5lw+u
k4qKMBbu5l0KBW3uD9ynUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXIr7ylVqX9OaJTh0juuNPcgqgQ4U6yTcq1P1t
1kl+NgjIGMttJ+sRn/PzouN2IypRd6bhv6Ky3D/KhU2We4yTyfd80i0A9vGV+AP5
O/Ad6j2FMb7fiejlcBg78VObasM9zdNDpHMfR9SjFT5bI5dLPrS6rBFPK9CNdwP3
SXslEO13O1A0vHv3QqNHqas9vF2ZwmxNHYZ6tTXxqJTTaurvdKq1EQplagm+xyTa
ZHOOzxK0v+9rDJtRsVuIamk81TN3eWCEzQkKjLEinzIqfShz536CjLz3hVl0apYp
9r72StjkhbgthYzU2C5JYgxDOHSXpxi4HxSiylBeJVjad87u
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:18:17 2025 by rpki-client