Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
File: e584cad3-b485-48b5-a920-636e55268d8b.roa (raw, json)
Hash identifier: tCi87xDQjh2AOT5izbOpuOlt/foqx2+LFJpP946QB98=
Subject key identifier: 2A:BD:C5:E7:74:BC:FE:23:2F:2B:FF:56:24:32:67:29:47:2F:BA:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CB84CDDED887E51B6297C4FEA4C0F58DA2FB8DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
Signing time: Wed 05 Mar 2025 16:30:13 +0000
ROA not before: Wed 05 Mar 2025 16:30:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:20c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:b8:4c:dd:ed:88:7e:51:b6:29:7c:4f:ea:4c:0f:58:da:2f:b8:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:30:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:20:be:57:af:95:7c:9a:64:a0:32:63:1b:fc:
60:d2:4b:1e:15:dc:5a:54:93:55:36:b9:b6:5c:b5:
81:71:dc:53:95:bd:86:ab:59:b9:5b:ed:27:1a:d9:
df:4e:00:b2:a5:e4:01:8e:b0:34:60:f0:35:5b:f2:
b9:2a:c0:31:1e:3a:9a:2b:76:65:ee:8b:20:9e:19:
72:5a:36:37:89:2b:f4:31:be:98:c3:76:82:1d:d9:
45:f8:56:13:16:b3:6d:73:19:6e:0e:6f:28:5a:f2:
79:2b:ce:3a:4f:e4:c9:de:b9:e8:dd:2f:70:db:29:
d0:42:91:05:53:fa:cb:15:3d:87:37:12:b5:bb:08:
08:d7:20:ea:23:cf:1a:4d:02:09:e8:e6:89:d2:d1:
9f:67:b5:d6:85:22:46:f9:5c:de:74:80:36:65:3f:
2c:01:16:e2:6f:0f:92:2a:79:b1:2f:d7:86:87:f6:
20:32:29:c0:1c:76:3e:ef:27:a5:fb:0b:f5:a6:55:
ae:dd:16:ad:b1:57:53:65:1b:df:ee:e5:fd:54:50:
78:ea:a8:08:6e:d6:85:0c:2d:c3:18:a5:5c:cc:f5:
0c:7c:01:fb:1f:31:4e:bb:d8:43:09:3f:34:14:e4:
11:c2:d9:4c:a7:00:b9:78:16:67:3d:d2:13:49:08:
e0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:C5:E7:74:BC:FE:23:2F:2B:FF:56:24:32:67:29:47:2F:BA:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
34:d0:1c:84:51:8e:e1:0a:b4:e7:8a:dd:b2:92:62:45:ed:6d:
74:5b:f6:e3:e0:1f:a9:ac:6d:24:b4:07:95:0d:80:43:44:97:
8f:6a:12:38:e0:82:76:5d:c1:c8:60:8f:e4:8b:f0:d1:83:7b:
f7:d4:94:a5:2a:81:1a:48:2f:a4:11:eb:c1:38:55:ea:b5:0f:
9d:a2:4d:92:da:a1:0a:8a:e8:ad:84:29:3d:f8:1b:52:2e:f3:
16:f7:65:f3:47:21:d8:3b:14:08:7f:68:89:e1:2b:8f:3d:18:
be:c2:66:20:66:28:93:65:88:e3:47:05:bc:4a:dd:96:f9:74:
e4:ae:7b:f1:51:bc:e7:b0:96:35:d8:95:98:33:93:3c:c4:a9:
eb:e7:15:24:0f:59:76:8c:0d:4c:96:a5:7c:d4:74:7c:ce:46:
a1:cc:5a:52:57:18:b9:34:5f:3a:09:07:78:c6:33:ad:d6:b2:
ac:f7:86:82:d5:c0:a5:7a:22:bb:c1:6a:2d:39:2e:28:ca:ee:
9a:8d:31:cd:11:5f:90:53:88:2b:0d:4d:8e:67:7c:cf:cb:c0:
70:ba:de:aa:ef:5c:88:89:77:79:d4:92:0d:a3:08:07:2d:86:
0c:15:d8:14:a3:a7:c7:02:ea:20:4f:07:e8:26:51:e2:d5:df:
e3:84:0b:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfLhM3e2IflG2KXxP6kwPWNovuN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjMwMTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkOWMzNDkzZGI3MTAwNDZhZjNkYmM1NDg2NzZmZmJiZTUzNDY5NTgyZTEx
YTAxMGY4NDRhYWQ5MGU2ZDNjMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsgvlevlXyaZKAyYxv8YNJLHhXcWlSTVTa5tly1gXHcU5W9hqtZuVvtJxrZ
304AsqXkAY6wNGDwNVvyuSrAMR46mit2Ze6LIJ4Zclo2N4kr9DG+mMN2gh3ZRfhW
ExazbXMZbg5vKFryeSvOOk/kyd656N0vcNsp0EKRBVP6yxU9hzcStbsICNcg6iPP
Gk0CCejmidLRn2e11oUiRvlc3nSANmU/LAEW4m8Pkip5sS/Xhof2IDIpwBx2Pu8n
pfsL9aZVrt0WrbFXU2Ub3+7l/VRQeOqoCG7WhQwtwxilXMz1DHwB+x8xTrvYQwk/
NBTkEcLZTKcAuXgWZz3SE0kI4PsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQqvcXn
dLz+Iy8r/1YkMmcpRy+6HjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU4NGNhZDMtYjQ4NS00OGI1LWE5MjAtNjM2ZTU1MjY4ZDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
wDANBgkqhkiG9w0BAQsFAAOCAQEANNAchFGO4Qq054rdspJiRe1tdFv24+Afqaxt
JLQHlQ2AQ0SXj2oSOOCCdl3ByGCP5Ivw0YN799SUpSqBGkgvpBHrwThV6rUPnaJN
ktqhCororYQpPfgbUi7zFvdl80ch2DsUCH9oieErjz0YvsJmIGYok2WI40cFvErd
lvl05K578VG857CWNdiVmDOTPMSp6+cVJA9ZdowNTJalfNR0fM5GocxaUlcYuTRf
OgkHeMYzrdayrPeGgtXApXoiu8FqLTkuKMrumo0xzRFfkFOIKw1Njmd8z8vAcLre
qu9ciIl3edSSDaMIBy2GDBXYFKOnxwLqIE8H6CZR4tXf44QLuA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:26 2025 by rpki-client