Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: VqUpl4wI8yvqsTZYzWRaQt7qbBp6ELFQYhB6y9kNry0=
Subject key identifier: B1:EE:68:1C:A5:66:8D:C3:CC:41:35:C3:AA:67:86:5F:28:73:23:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56E5162214D3506DA8A3D64837EE9038C55A4E3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Fri 14 Mar 2025 15:00:39 +0000
ROA not before: Fri 14 Mar 2025 15:00:39 +0000
ROA not after: Fri 18 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e5:16:22:14:d3:50:6d:a8:a3:d6:48:37:ee:90:38:c5:5a:4e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 14 15:00:39 2025 GMT
Not After : Apr 18 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b7:d7:af:d8:d2:81:25:3b:01:ec:f3:43:af:
d1:10:49:69:1d:d7:6b:88:b8:1e:9b:ea:38:71:54:
9d:51:df:48:43:08:9f:19:98:73:77:ce:0b:25:b8:
12:0b:cd:b3:1c:70:6c:7d:c6:2d:c4:ac:d0:9f:83:
2e:08:c3:2d:b4:e9:46:39:1a:23:4d:47:6f:5c:4c:
16:59:55:e9:b0:e2:51:e4:51:1f:ca:07:20:05:b5:
5e:f7:26:70:9f:91:a3:1f:a5:90:50:36:99:a9:a5:
77:eb:24:52:86:77:e3:b2:a5:63:b1:aa:ed:38:83:
dc:92:5d:a9:28:d6:a1:a2:2e:7f:58:1b:de:b3:80:
4c:37:96:c5:05:1b:59:72:82:3b:ef:34:e9:41:4c:
f8:7a:b8:4d:19:22:8d:35:b3:a8:aa:90:77:34:ad:
df:85:fa:f2:f9:4c:1f:54:4a:b1:86:ab:ce:0b:4a:
19:d3:50:b3:0d:7a:44:93:1c:18:da:0a:45:ce:13:
3b:7a:09:c2:4f:49:c0:12:7d:50:91:fd:7f:5e:87:
f0:d1:e6:7f:23:10:39:59:ba:ec:8c:03:d2:a6:ef:
3f:40:ef:89:ef:e5:85:54:d9:32:f8:50:fe:76:2d:
83:dd:b9:f0:f8:8e:58:d7:14:95:e9:46:87:3f:1d:
1d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EE:68:1C:A5:66:8D:C3:CC:41:35:C3:AA:67:86:5F:28:73:23:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
19:59:f9:5c:d7:1b:3f:3f:8e:cd:b3:d4:53:93:19:7c:df:15:
d0:7e:6e:e0:b1:a7:c6:80:57:ff:78:b6:87:76:51:a2:9e:f8:
33:8f:92:11:3d:08:64:0a:f1:22:c7:16:b5:79:36:ff:0f:e9:
28:6d:c6:7d:cb:d0:48:2e:e9:50:09:d9:6c:ac:e5:65:02:a4:
11:46:70:a3:09:1a:87:05:7a:2e:2a:b6:1b:41:3b:57:58:10:
0f:bf:3e:3d:d2:6a:07:14:d0:0f:ee:7f:37:d4:82:94:c4:4c:
1f:9d:0b:d6:a4:cc:cc:30:19:90:88:14:43:7b:1a:82:b6:78:
84:72:3d:57:ff:2d:ed:82:4e:65:9d:57:75:a2:9c:67:4d:be:
b6:c6:90:5f:90:1d:d6:f1:41:57:7c:42:45:ef:cf:6a:72:9a:
78:d0:e4:4c:16:7a:81:8f:7b:7e:9e:23:85:76:cb:18:db:2d:
e8:d6:18:f3:30:43:cc:c0:98:79:22:ef:da:e4:ea:b1:83:46:
58:03:01:ae:18:ad:71:8a:5c:94:0c:fd:d7:e8:cc:57:1b:cf:
6e:33:cf:27:2b:b7:8d:b3:80:74:4a:c4:84:c2:44:cc:6d:50:
bc:97:2d:4c:da:f0:84:75:9b:22:f3:f1:ae:a9:9e:90:7c:6b:
29:54:db:24
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVuUWIhTTUG2oo9ZIN+6QOMVaTj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTQxNTAwMzlaFw0yNTA0MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYmI5MmZmNjRjY2JmMTI3M2FmYTcxMWE4ZjU4MjE2ZGNiYzI5MjMxNjEw
Y2E4MDgyM2Y5ZDIwNDhjYWJmYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm316/Y0oElOwHs80Ov0RBJaR3Xa4i4HpvqOHFUnVHfSEMInxmYc3fOCyW4
EgvNsxxwbH3GLcSs0J+DLgjDLbTpRjkaI01Hb1xMFllV6bDiUeRRH8oHIAW1Xvcm
cJ+Rox+lkFA2mamld+skUoZ347KlY7Gq7TiD3JJdqSjWoaIuf1gb3rOATDeWxQUb
WXKCO+806UFM+Hq4TRkijTWzqKqQdzSt34X68vlMH1RKsYarzgtKGdNQsw16RJMc
GNoKRc4TO3oJwk9JwBJ9UJH9f16H8NHmfyMQOVm67IwD0qbvP0Dvie/lhVTZMvhQ
/nYtg9258PiOWNcUlelGhz8dHVsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSx7mgc
pWaNw8xBNcOqZ4ZfKHMj4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBABlZ+VzXGz8/js2z1FOTGXzfFdB+buCxp8aAV/94
tod2UaKe+DOPkhE9CGQK8SLHFrV5Nv8P6Shtxn3L0Egu6VAJ2Wys5WUCpBFGcKMJ
GocFei4qthtBO1dYEA+/Pj3SagcU0A/ufzfUgpTETB+dC9akzMwwGZCIFEN7GoK2
eIRyPVf/Le2CTmWdV3WinGdNvrbGkF+QHdbxQVd8QkXvz2pymnjQ5EwWeoGPe36e
I4V2yxjbLejWGPMwQ8zAmHki79rk6rGDRlgDAa4YrXGKXJQM/dfozFcbz24zzycr
t42zgHRKxITCRMxtULyXLUza8IR1myLz8a6pnpB8aylU2yQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:58 2025 by rpki-client