Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
File: e875eadd-6478-4ac0-8792-06722aa80dd0.roa (raw, json)
Hash identifier: nPpiHZDSWgfgBpJb+Q7Gd2nqz3uyzN++GIpesWqs/vw=
Subject key identifier: 10:AF:71:D5:EC:DA:5A:AD:BE:68:CA:28:3C:C5:64:44:5B:E7:F1:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AFD0088B4A3D5D17520BAE560040B858A73A0EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
Signing time: Wed 05 Mar 2025 15:40:27 +0000
ROA not before: Wed 05 Mar 2025 15:40:27 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:20c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:fd:00:88:b4:a3:d5:d1:75:20:ba:e5:60:04:0b:85:8a:73:a0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 15:40:27 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:32:23:03:8d:3f:ae:29:9e:f9:17:5c:16:59:
cb:f7:46:d0:59:b0:8f:40:d5:8e:ca:85:9d:bd:25:
34:e9:1b:66:b6:34:00:24:7a:42:ba:6f:46:f4:6e:
23:81:05:fe:f9:d0:95:97:a6:68:d2:b9:de:dc:56:
a7:45:a6:d6:db:b4:a8:cc:d8:30:c3:92:97:91:bb:
23:33:a0:c9:8c:38:0d:b2:59:39:d9:58:9d:85:d3:
75:8a:59:11:f0:42:73:7c:5a:b2:20:84:7e:3f:2d:
d1:d9:39:af:13:38:56:9a:90:ec:d3:da:7b:c7:35:
4f:1a:85:c6:29:32:36:46:a0:71:3a:36:95:07:66:
aa:5c:ba:f6:6f:75:81:e5:8c:a0:27:47:51:7d:23:
2e:e2:99:5e:31:c0:53:09:48:75:4f:e7:c6:00:ed:
27:dc:eb:90:6a:21:e0:04:39:66:e0:8b:2b:72:5b:
1d:31:dc:06:28:62:cd:09:fd:cf:fc:8d:57:f3:fe:
4d:5c:43:e8:39:6d:5f:06:a6:73:86:45:17:4d:fc:
45:ae:12:7d:5a:85:11:bb:94:f4:20:fa:97:7e:3d:
48:31:04:93:a8:c7:b5:a9:b3:2a:1e:1b:c6:42:c5:
2e:77:a7:c4:a0:27:09:4b:2c:bf:b5:a9:9d:b2:7e:
8a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AF:71:D5:EC:DA:5A:AD:BE:68:CA:28:3C:C5:64:44:5B:E7:F1:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
b7:87:30:fb:4a:ea:d8:01:58:ca:95:94:94:e2:e4:f0:81:0c:
7a:78:c6:39:82:fa:a0:30:ce:1a:dd:bf:d5:ed:db:0b:7a:08:
e5:fa:5e:a1:16:28:91:79:ee:31:e6:02:77:b1:80:cf:fc:de:
c7:fe:8e:d2:b7:56:6f:e5:e9:be:61:c2:2f:9e:1d:b4:a0:c3:
1d:48:88:ad:50:e2:90:3c:bf:4a:bf:22:11:d0:71:ab:c7:3e:
9c:59:9c:30:8e:49:79:6f:bc:09:ac:41:22:d7:49:c4:8c:98:
e9:18:c2:cc:6f:bf:cf:eb:58:56:ee:f8:2b:90:3c:a4:d2:22:
03:30:5d:e5:40:aa:0b:cf:67:50:fb:f5:d1:a1:98:19:91:7f:
b8:52:20:8b:a9:0f:b0:1c:e5:e7:aa:30:35:cb:09:27:40:97:
49:fc:91:7b:e6:c8:9a:4b:8f:37:c6:e6:b4:bc:33:50:fc:cf:
2c:22:1e:9f:8f:22:31:ad:9b:c8:7b:df:75:4d:63:48:f5:b5:
a2:54:51:d2:a4:b5:9e:5d:df:0f:3e:b1:5d:10:e0:ec:ca:83:
65:5d:4c:6e:22:5b:01:d7:47:ad:cd:88:cb:35:6c:1f:6b:c9:
41:62:5b:c7:14:16:6d:1f:bd:09:18:10:70:e4:48:8c:84:d0:
84:bb:47:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKv0AiLSj1dF1ILrlYAQLhYpzoOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNTQwMjdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MmI5ZWRhOTc3OTExZTM1NzYyNTdmYmZjODMzZDA3MTMyYjM4OTlhODc1
ZDhhZDYxMDc2MjczY2Q5OGM0ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsyIwONP64pnvkXXBZZy/dG0Fmwj0DVjsqFnb0lNOkbZrY0ACR6QrpvRvRu
I4EF/vnQlZemaNK53txWp0Wm1tu0qMzYMMOSl5G7IzOgyYw4DbJZOdlYnYXTdYpZ
EfBCc3xasiCEfj8t0dk5rxM4VpqQ7NPae8c1TxqFxikyNkagcTo2lQdmqly69m91
geWMoCdHUX0jLuKZXjHAUwlIdU/nxgDtJ9zrkGoh4AQ5ZuCLK3JbHTHcBihizQn9
z/yNV/P+TVxD6DltXwamc4ZFF038Ra4SfVqFEbuU9CD6l349SDEEk6jHtamzKh4b
xkLFLnenxKAnCUssv7WpnbJ+ilECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQr3HV
7Nparb5oyig8xWREW+fxDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3NWVhZGQtNjQ3OC00YWMwLTg3OTItMDY3MjJhYTgwZGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
wDANBgkqhkiG9w0BAQsFAAOCAQEAt4cw+0rq2AFYypWUlOLk8IEMenjGOYL6oDDO
Gt2/1e3bC3oI5fpeoRYokXnuMeYCd7GAz/zex/6O0rdWb+XpvmHCL54dtKDDHUiI
rVDikDy/Sr8iEdBxq8c+nFmcMI5JeW+8CaxBItdJxIyY6RjCzG+/z+tYVu74K5A8
pNIiAzBd5UCqC89nUPv10aGYGZF/uFIgi6kPsBzl56owNcsJJ0CXSfyRe+bImkuP
N8bmtLwzUPzPLCIen48iMa2byHvfdU1jSPW1olRR0qS1nl3fDz6xXRDg7MqDZV1M
biJbAddHrc2IyzVsH2vJQWJbxxQWbR+9CRgQcORIjITQhLtHNA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:49:59 2025 by rpki-client