Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: hn9ZbvG1mvmbMquw8C7zgYKA0Cq5lM2jSg7IUWIt3tQ=
Subject key identifier: 06:7F:E5:3B:04:D7:C2:15:BD:AD:F2:F6:1F:E3:0C:C3:D4:51:9B:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D02CC6EFBD30C1C2B0D98E080161D72ABF24440
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Wed 05 Mar 2025 17:31:52 +0000
ROA not before: Wed 05 Mar 2025 17:31:52 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:02:cc:6e:fb:d3:0c:1c:2b:0d:98:e0:80:16:1d:72:ab:f2:44:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:31:52 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1f:5d:ce:9a:b5:a8:a4:a7:7a:23:ad:d9:c4:
50:e4:ec:6f:7f:44:07:f5:38:ff:7a:c2:b8:a9:4d:
ad:71:d6:9c:e2:85:bf:22:72:e8:e4:e0:10:f8:7b:
13:26:21:80:4c:cf:c9:1c:1d:14:77:1c:46:a3:54:
86:00:17:4a:33:84:aa:48:dc:da:b3:3f:8c:61:d0:
df:71:d2:45:f7:82:d9:8b:50:3b:12:b2:b5:4c:20:
29:99:92:e1:43:f8:d5:99:53:66:f7:66:d8:47:e2:
ac:65:5b:e4:b1:93:bd:61:49:2c:7e:09:5b:1b:df:
8a:89:75:63:b1:61:3e:21:1d:3a:27:e0:14:0e:24:
b0:3f:ec:c0:22:8d:f0:d6:9a:3e:9d:6e:b2:e0:58:
19:39:08:21:07:89:09:ac:20:75:16:f1:0b:48:74:
6d:6b:3b:a4:ff:04:11:4b:27:7e:13:df:03:6a:37:
b5:42:82:3c:13:db:e7:8f:f8:91:7d:eb:03:22:b2:
71:b6:28:ed:ad:f8:d4:49:31:ad:59:57:7b:94:2e:
43:eb:18:51:dc:c5:c5:3f:23:27:10:d1:8c:15:90:
17:46:e3:03:b8:4c:cf:ee:a0:d5:42:de:a9:09:3a:
31:7d:f5:96:03:cf:6f:ab:8a:9c:95:2a:3a:dc:34:
64:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7F:E5:3B:04:D7:C2:15:BD:AD:F2:F6:1F:E3:0C:C3:D4:51:9B:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:42:af:8b:4b:93:ec:8d:c9:1b:ad:96:b5:8b:40:0b:7a:97:
2c:17:f4:24:f7:2c:3d:08:eb:0a:bd:ae:1d:63:f0:4b:7f:96:
27:b5:ce:da:bc:e7:f6:d1:46:a3:c6:09:cb:b4:96:f4:9b:7c:
c2:66:f1:3e:ce:3a:1d:71:58:c1:d5:ef:1c:d9:86:38:9a:35:
9c:4e:fe:ec:56:c5:01:90:81:b0:a8:50:0b:24:13:5c:25:23:
7b:63:bf:6a:2f:b1:fa:bb:02:56:7f:f5:68:fc:16:5b:8a:c0:
4e:03:3b:0c:e8:5c:29:82:84:74:fa:6c:a3:8a:5d:3d:3a:92:
1c:3c:99:fe:0c:f4:f9:88:aa:a0:74:3b:22:96:d9:19:d4:43:
c3:a2:63:18:81:8d:38:9a:f3:3f:f9:5f:b1:cb:f3:c5:a7:88:
58:39:87:f0:98:8a:51:98:70:fb:d8:fa:29:15:25:1e:4d:42:
6a:b0:c0:b4:09:c2:4d:6a:b1:86:8c:6d:71:67:3b:8e:2e:27:
ae:48:53:a2:c5:c7:66:ee:c4:f1:f3:6d:33:43:e3:1c:39:ad:
cd:8f:aa:82:a4:33:76:d5:fd:48:bf:c7:55:06:ba:5d:7d:82:
51:41:a9:d0:0f:08:bf:8c:7b:32:ef:6d:89:6a:18:06:5d:28:
ab:ea:81:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXQLMbvvTDBwrDZjggBYdcqvyREAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzMxNTJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZDkxZGY2OGRjZDU0MjYwY2FhZTYyODQwY2E0OWUwNmQ4OGMwMGVlYmI3
N2ZkNjhiYmM2OWUzNzNmNzNkOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0fXc6ataikp3ojrdnEUOTsb39EB/U4/3rCuKlNrXHWnOKFvyJy6OTgEPh7
EyYhgEzPyRwdFHccRqNUhgAXSjOEqkjc2rM/jGHQ33HSRfeC2YtQOxKytUwgKZmS
4UP41ZlTZvdm2EfirGVb5LGTvWFJLH4JWxvfiol1Y7FhPiEdOifgFA4ksD/swCKN
8NaaPp1usuBYGTkIIQeJCawgdRbxC0h0bWs7pP8EEUsnfhPfA2o3tUKCPBPb54/4
kX3rAyKycbYo7a341EkxrVlXe5QuQ+sYUdzFxT8jJxDRjBWQF0bjA7hMz+6g1ULe
qQk6MX31lgPPb6uKnJUqOtw0ZFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGf+U7
BNfCFb2t8vYf4wzD1FGbijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqQq+LS5PsjckbrZa1i0ALepcsF/Qk9yw9COsK
va4dY/BLf5Yntc7avOf20UajxgnLtJb0m3zCZvE+zjodcVjB1e8c2YY4mjWcTv7s
VsUBkIGwqFALJBNcJSN7Y79qL7H6uwJWf/Vo/BZbisBOAzsM6FwpgoR0+myjil09
OpIcPJn+DPT5iKqgdDsiltkZ1EPDomMYgY04mvM/+V+xy/PFp4hYOYfwmIpRmHD7
2PopFSUeTUJqsMC0CcJNarGGjG1xZzuOLieuSFOixcdm7sTx820zQ+McOa3Nj6qC
pDN21f1Iv8dVBrpdfYJRQanQDwi/jHsy722JahgGXSir6oEi
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:31 2025 by rpki-client