Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
File: f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa (raw, json)
Hash identifier: 7ODu6sXYqxYmKIHOppuXvezZJD0izw056kjR4J2jWAc=
Subject key identifier: E4:9F:CF:BC:E6:C8:9C:90:CD:07:B0:7C:4E:48:72:55:A7:ED:47:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19391EE2F0921FBFA27E05869D6F5403D7621AAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
Signing time: Wed 05 Mar 2025 16:10:13 +0000
ROA not before: Wed 05 Mar 2025 16:10:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:39:1e:e2:f0:92:1f:bf:a2:7e:05:86:9d:6f:54:03:d7:62:1a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 16:10:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:96:a3:1f:2f:a0:14:b3:ca:40:fd:c9:f6:15:
ca:d1:88:81:4d:03:7d:9b:f1:d1:ba:aa:30:4e:42:
6d:e1:5a:69:b0:fe:c1:77:aa:c6:6e:72:c7:6a:7a:
3a:6e:4d:31:4d:9f:4a:e4:63:9b:b5:56:6b:1e:68:
bd:97:3e:42:91:bb:11:45:ce:83:56:d0:60:a3:48:
15:6d:9b:b6:eb:8b:1f:b2:3e:89:6d:62:68:56:2d:
9d:58:5d:43:6a:5a:64:9e:a1:8f:c5:12:b4:26:b9:
c5:c2:83:77:fe:47:44:d9:eb:0d:fc:96:2a:fd:6f:
36:bc:64:dc:c5:b9:9c:cd:54:6e:49:26:9f:b5:f6:
74:3d:5c:7a:10:65:70:07:76:da:3b:20:87:a6:65:
23:e2:12:dd:cf:8d:d2:03:72:1a:c1:46:61:da:c4:
ae:f5:1a:4a:fa:62:50:5d:b1:74:69:07:33:0d:f2:
5e:90:08:18:87:86:9b:f7:8d:54:11:15:e9:8f:96:
5a:ce:bb:77:f8:6a:3d:79:70:24:54:48:8f:7d:b2:
00:a0:8c:bc:a5:f8:74:57:30:de:39:75:d4:a8:01:
a4:bb:4f:a1:06:08:1a:35:26:af:d2:0c:6b:14:bb:
30:a4:91:2d:1c:c4:45:f8:f3:66:6b:1e:69:08:f0:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9F:CF:BC:E6:C8:9C:90:CD:07:B0:7C:4E:48:72:55:A7:ED:47:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:9c:60:16:59:e3:d0:ab:24:e5:cc:ae:67:d9:ae:0c:59:bd:
03:d7:e6:49:ba:1b:db:4c:b0:a1:ed:3e:1a:6b:06:82:c1:f8:
90:22:f7:bc:ab:ac:5c:ae:11:f3:d0:a0:61:77:bb:ea:b6:b7:
4c:dd:b0:ff:63:d4:49:3a:dd:39:00:8b:ac:c3:15:38:96:9b:
82:2d:a4:80:88:ce:5f:87:c7:29:43:30:40:40:ca:1d:1f:00:
85:a6:67:05:8d:35:21:eb:de:9d:40:e1:ef:61:c2:06:5c:f6:
79:cc:fc:85:5f:15:e4:eb:0a:03:99:c9:2b:0a:ee:e6:2e:7a:
7d:38:2f:10:65:3f:06:29:39:b0:c7:15:f8:38:78:0b:37:8b:
cb:50:4a:fd:37:b2:dd:9e:11:7a:0f:d2:2d:3e:9e:fc:0a:1a:
d9:5d:71:5a:9a:ed:b4:3d:6a:f9:db:63:8b:23:14:50:00:13:
f3:9b:90:16:81:f1:3b:cb:5e:21:79:bb:ae:91:ec:02:63:23:
b3:db:83:b4:dd:8d:f9:8a:61:1b:04:9f:c0:f6:90:82:98:c9:
de:be:fa:34:a4:b6:ed:38:31:bd:f1:3a:d7:ef:c7:8d:fc:78:
84:37:37:dd:b6:80:bc:32:9a:ec:b7:00:bf:4f:66:90:4a:50:
24:ca:a8:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGTke4vCSH7+ifgWGnW9UA9diGqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNjEwMTNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjYmJlZThlOTJiZjg2NTZhZTE0ZGEwN2RjODE5OWM1YWU1NWViYjdjZjJm
NmI2NjUyNjFkN2NlYzVlMmNjNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+Wox8voBSzykD9yfYVytGIgU0DfZvx0bqqME5CbeFaabD+wXeqxm5yx2p6
Om5NMU2fSuRjm7VWax5ovZc+QpG7EUXOg1bQYKNIFW2btuuLH7I+iW1iaFYtnVhd
Q2paZJ6hj8UStCa5xcKDd/5HRNnrDfyWKv1vNrxk3MW5nM1Ubkkmn7X2dD1cehBl
cAd22jsgh6ZlI+IS3c+N0gNyGsFGYdrErvUaSvpiUF2xdGkHMw3yXpAIGIeGm/eN
VBEV6Y+WWs67d/hqPXlwJFRIj32yAKCMvKX4dFcw3jl11KgBpLtPoQYIGjUmr9IM
axS7MKSRLRzERfjzZmseaQjwR6ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkn8+8
5sickM0HsHxOSHJVp+1HHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5YTFjZTMtMzcyNi00ZDhkLThkM2EtYjJlYzA1MDljYzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQConGAWWePQqyTlzK5n2a4MWb0D1+ZJuhvbTLCh
7T4aawaCwfiQIve8q6xcrhHz0KBhd7vqtrdM3bD/Y9RJOt05AIuswxU4lpuCLaSA
iM5fh8cpQzBAQModHwCFpmcFjTUh696dQOHvYcIGXPZ5zPyFXxXk6woDmckrCu7m
Lnp9OC8QZT8GKTmwxxX4OHgLN4vLUEr9N7LdnhF6D9ItPp78ChrZXXFamu20PWr5
22OLIxRQABPzm5AWgfE7y14hebuukewCYyOz24O03Y35imEbBJ/A9pCCmMnevvo0
pLbtODG98TrX78eN/HiENzfdtoC8MprstwC/T2aQSlAkyqj0
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:27 2025 by rpki-client