Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
File: de6578a7-816f-468a-acf9-83781a3b3769.roa (raw, json)
Hash identifier: PX2gjvv3Ta74I7s4F/oz3U3kk0kP0keIXRcHoqTo4Tc=
Subject key identifier: 45:F9:AB:36:48:07:7A:D0:ED:D9:B3:56:6E:36:0E:09:AA:6E:AE:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01DA99BFEBB0DD84D114E2FE559EBDE2DCC7FF4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
Signing time: Wed 05 Mar 2025 16:40:55 +0000
ROA not before: Wed 05 Mar 2025 16:40:55 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:da:99:bf:eb:b0:dd:84:d1:14:e2:fe:55:9e:bd:e2:dc:c7:ff:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:40:55 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a6:a7:8f:7c:90:34:fd:35:57:a4:e2:cd:16:
25:7d:db:5d:d6:32:10:83:9e:b5:95:be:24:69:bd:
c7:5e:25:f4:e3:86:98:73:9a:31:7e:e2:85:08:c1:
a3:8a:da:4a:9d:70:7d:cf:3f:f8:22:e8:1e:fe:10:
5f:9c:4a:65:bd:11:74:59:62:20:e0:aa:ff:d3:c0:
bc:cd:e6:ce:a8:d2:69:c2:6c:81:39:89:33:fd:c9:
5f:e1:c6:40:36:21:6e:e3:ed:3a:80:77:a7:1d:05:
2a:dd:28:ac:ef:c9:d3:dd:23:20:99:9a:f0:c8:42:
46:b5:06:41:41:5c:3c:b0:6d:6b:8a:ad:05:ce:80:
92:05:15:ce:bf:d2:2d:f3:05:00:cd:35:60:b5:78:
42:91:4f:35:13:13:91:64:a3:dd:b8:05:58:39:13:
76:bc:0d:7e:e2:d4:eb:88:37:eb:c7:5b:cb:7d:ad:
ae:78:94:e8:eb:0b:3b:7e:5b:35:01:a8:65:e5:d1:
ad:6d:8f:77:8b:bd:67:26:6b:9e:b0:26:26:2b:5c:
87:c9:20:ba:0e:94:73:cd:db:3a:ff:12:58:c6:40:
13:7e:d1:21:a8:12:87:a1:2a:48:40:af:eb:da:0d:
15:7d:4c:ec:31:04:70:a3:a2:80:5c:87:68:ab:4b:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F9:AB:36:48:07:7A:D0:ED:D9:B3:56:6E:36:0E:09:AA:6E:AE:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
58:56:bc:c5:f5:45:e6:61:e8:c8:6c:00:b7:dd:12:1a:3a:8b:
1f:7d:6a:f6:0f:4c:83:8e:8c:83:68:68:b2:7c:54:b5:09:75:
79:63:60:06:ea:00:5c:b3:51:0c:3d:a2:47:44:33:51:e5:87:
90:02:dc:ac:4d:b1:24:44:ed:17:af:de:3b:14:98:dc:bf:56:
a1:1e:34:64:41:ba:f5:89:fa:06:64:7d:ef:13:64:72:26:91:
37:25:ef:ae:bf:f4:93:55:e6:7f:76:66:74:3d:8c:19:76:94:
08:a5:22:ac:ea:18:ff:c0:8c:57:3f:f8:8a:e7:f5:db:80:db:
0d:17:76:54:5b:45:d4:98:01:98:83:b9:0f:95:b5:cd:32:e3:
5b:93:cf:5f:04:8f:dd:35:56:9e:08:ed:31:c1:6e:1b:9d:08:
87:92:93:77:fd:59:68:a5:33:49:34:86:fb:4e:8d:39:d0:89:
64:87:be:1e:9f:15:af:44:af:94:b4:7a:54:46:fa:98:35:75:
22:29:5c:45:f3:99:11:d2:42:59:8e:08:33:2c:c8:bb:27:bd:
81:da:df:b0:86:75:43:8a:be:6c:3b:68:4e:e4:8b:8c:c7:ec:
bd:3d:d6:2b:1a:9b:46:5d:3e:96:5b:fc:1c:75:dd:91:26:d5:
c2:e0:eb:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAdqZv+uw3YTRFOL+VZ694tzH/0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjQwNTVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZGQyZTc2ZjBmNjhhZDA4OTBmMDg5YjM5YzdkMTdkMTUzZjg5YTdhODNi
NGRiYjMxNTc5YjcxODU4OGIyMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIimp498kDT9NVek4s0WJX3bXdYyEIOetZW+JGm9x14l9OOGmHOaMX7ihQjB
o4raSp1wfc8/+CLoHv4QX5xKZb0RdFliIOCq/9PAvM3mzqjSacJsgTmJM/3JX+HG
QDYhbuPtOoB3px0FKt0orO/J090jIJma8MhCRrUGQUFcPLBta4qtBc6AkgUVzr/S
LfMFAM01YLV4QpFPNRMTkWSj3bgFWDkTdrwNfuLU64g368dby32trniU6OsLO35b
NQGoZeXRrW2Pd4u9ZyZrnrAmJitch8kgug6Uc83bOv8SWMZAE37RIagSh6EqSECv
69oNFX1M7DEEcKOigFyHaKtLt6UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRF+as2
SAd60O3Zs1ZuNg4Jqm6uwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGU2NTc4YTctODE2Zi00NjhhLWFjZjktODM3ODFhM2IzNzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBYVrzF9UXmYejIbAC33RIaOosffWr2D0yDjoyD
aGiyfFS1CXV5Y2AG6gBcs1EMPaJHRDNR5YeQAtysTbEkRO0Xr947FJjcv1ahHjRk
Qbr1ifoGZH3vE2RyJpE3Je+uv/STVeZ/dmZ0PYwZdpQIpSKs6hj/wIxXP/iK5/Xb
gNsNF3ZUW0XUmAGYg7kPlbXNMuNbk89fBI/dNVaeCO0xwW4bnQiHkpN3/VlopTNJ
NIb7To050Ilkh74enxWvRK+UtHpURvqYNXUiKVxF85kR0kJZjggzLMi7J72B2t+w
hnVDir5sO2hO5IuMx+y9PdYrGptGXT6WW/wcdd2RJtXC4Oug
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:04 2025 by rpki-client