Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: dAl/cZPVpetmQYOCSEdKc1C5puICdtzcIaWS9hCTf0w=
Subject key identifier: 1A:18:C2:E5:01:A4:EA:ED:DE:44:C7:46:FB:65:E0:B5:A5:59:26:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46616BAC6F739AB8CD4D42DFAF96DAEE51610C27
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Wed 05 Mar 2025 17:50:18 +0000
ROA not before: Wed 05 Mar 2025 17:50:18 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:61:6b:ac:6f:73:9a:b8:cd:4d:42:df:af:96:da:ee:51:61:0c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:50:18 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4d:cd:e3:9c:14:d8:36:36:d0:5c:81:e5:38:
48:da:fa:8b:63:e2:85:70:a2:e7:44:61:5d:84:1f:
0e:34:4f:05:ad:48:4e:d7:f3:f5:a0:34:b1:08:88:
37:d3:e1:cd:c0:9c:8d:50:43:b3:ff:b4:82:fb:7e:
59:9d:1a:1b:73:40:00:01:16:3c:a2:c4:a3:d1:da:
eb:41:b8:3a:70:f8:0c:42:04:26:94:b3:99:50:9d:
12:22:ef:51:78:ec:6e:08:91:27:34:03:1a:52:be:
8a:39:23:92:ad:4b:ea:bc:6f:de:24:61:9c:b8:6d:
0e:4c:04:b0:3c:7a:9d:ac:74:3c:39:15:37:70:a6:
80:54:ea:91:a6:d3:c6:49:1f:91:a4:06:53:3c:00:
4e:38:55:70:9e:6f:5f:f3:99:b3:cc:f8:aa:56:e1:
1a:e2:40:40:77:26:74:41:d2:61:13:6c:8a:10:7c:
0c:a8:83:0f:03:1d:97:56:bc:3b:07:9b:61:4f:73:
31:88:7a:3f:27:c1:31:21:57:d9:5d:e1:5b:95:6e:
43:e7:74:ff:a3:a6:6c:2d:c7:1b:33:12:ba:76:20:
b4:9a:85:d3:e9:bf:c5:09:ae:1f:16:ad:d7:7e:72:
b7:c0:ef:2d:38:7c:04:06:2b:23:37:50:43:4c:61:
be:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:18:C2:E5:01:A4:EA:ED:DE:44:C7:46:FB:65:E0:B5:A5:59:26:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
b5:f4:d6:4a:17:7c:68:49:39:ba:42:08:20:66:68:66:24:0b:
0b:f7:a0:78:7f:2e:53:e4:20:09:5c:a3:b2:6a:59:d2:ca:29:
f4:f8:19:6c:40:19:3c:f7:7c:66:01:c5:80:f2:b3:ea:bd:a8:
0e:8e:08:ac:6c:f4:cc:fc:45:45:20:ac:99:1b:65:fd:68:56:
58:ce:3b:d2:83:c9:ad:47:74:e3:39:f8:12:06:ac:aa:90:c3:
24:36:f4:f5:b4:d4:bf:6c:2e:30:1f:c0:45:0d:19:26:e3:bf:
ff:72:c5:fc:1b:a0:86:b9:4a:c7:90:99:32:77:71:8f:c8:60:
0f:bf:de:71:a8:67:eb:8e:34:f6:03:1b:8c:5d:24:b8:ed:f8:
32:13:bc:6b:48:44:19:dd:f1:8e:f1:97:57:b1:43:ee:24:af:
0a:65:17:b8:50:cb:52:9c:ca:01:ae:44:bc:74:d9:23:54:2c:
c6:26:23:6a:5e:11:74:c8:7f:31:83:1e:59:9d:db:af:c7:a8:
e9:46:d1:1d:ab:34:67:b7:1a:df:66:02:bc:46:e1:36:b5:e9:
52:f3:09:90:33:80:de:e0:e3:c8:e7:17:94:84:5b:84:6e:52:
55:15:25:bf:ad:c0:db:e6:1d:8b:c7:1c:d6:27:0a:c9:62:9c:
49:8e:c5:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURmFrrG9zmrjNTULfr5ba7lFhDCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzUwMThaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjZDRkOWUxYjg4NWNhMTAwYWIxOGU5Y2U3NTEzYzY5YjEzODJjNTBiYzRi
MGZlMmI3NjUwNmQyMTI1NDA1ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5NzeOcFNg2NtBcgeU4SNr6i2PihXCi50RhXYQfDjRPBa1ITtfz9aA0sQiI
N9PhzcCcjVBDs/+0gvt+WZ0aG3NAAAEWPKLEo9Ha60G4OnD4DEIEJpSzmVCdEiLv
UXjsbgiRJzQDGlK+ijkjkq1L6rxv3iRhnLhtDkwEsDx6nax0PDkVN3CmgFTqkabT
xkkfkaQGUzwATjhVcJ5vX/OZs8z4qlbhGuJAQHcmdEHSYRNsihB8DKiDDwMdl1a8
OwebYU9zMYh6PyfBMSFX2V3hW5VuQ+d0/6OmbC3HGzMSunYgtJqF0+m/xQmuHxat
135yt8DvLTh8BAYrIzdQQ0xhvpMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaGMLl
AaTq7d5Ex0b7ZeC1pVkmHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQC19NZKF3xoSTm6QgggZmhmJAsL96B4fy5T5CAJ
XKOyalnSyin0+BlsQBk893xmAcWA8rPqvagOjgisbPTM/EVFIKyZG2X9aFZYzjvS
g8mtR3TjOfgSBqyqkMMkNvT1tNS/bC4wH8BFDRkm47//csX8G6CGuUrHkJkyd3GP
yGAPv95xqGfrjjT2AxuMXSS47fgyE7xrSEQZ3fGO8ZdXsUPuJK8KZRe4UMtSnMoB
rkS8dNkjVCzGJiNqXhF0yH8xgx5Znduvx6jpRtEdqzRntxrfZgK8RuE2telS8wmQ
M4De4OPI5xeUhFuEblJVFSW/rcDb5h2LxxzWJwrJYpxJjsVO
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:40:59 2025 by rpki-client