Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
File: 4a3909fa-da3d-4cd8-918f-7755304d49d1.roa (raw, json)
Hash identifier: I96xMBMBkIjOlb0RDlAFoI7hVwgu38isRcIewe00Y94=
Subject key identifier: BB:7A:C8:7B:E8:5E:57:38:A8:59:2A:1C:4F:67:8B:A1:4E:B6:37:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77C98F2FE023800A99925E8CF7C5BD2B4292B238
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
Signing time: Sat 08 Mar 2025 00:30:42 +0000
ROA not before: Sat 08 Mar 2025 00:30:42 +0000
ROA not after: Sat 12 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:c9:8f:2f:e0:23:80:0a:99:92:5e:8c:f7:c5:bd:2b:42:92:b2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 8 00:30:42 2025 GMT
Not After : Apr 12 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e1:72:ae:da:af:f8:3f:18:35:ad:f1:6f:1e:
ec:4b:42:98:f9:51:f6:fe:4f:33:d8:84:1a:f0:be:
66:ac:f9:51:c3:0c:44:f6:ed:e3:c0:68:3f:2e:8c:
2c:f4:4f:1b:92:d3:35:e1:fa:3e:a9:5f:24:47:89:
1e:04:e6:90:06:68:a6:23:75:cd:1b:a0:eb:98:fd:
20:47:54:1c:26:d8:32:12:fb:67:93:32:2a:22:09:
ff:02:58:5d:da:f6:4b:3a:f1:25:82:e4:e4:49:0e:
8b:c0:5c:9a:73:c4:bd:68:59:61:87:f0:4c:89:7c:
76:2b:9a:a2:ee:52:b7:ae:2d:ea:62:68:3a:32:d6:
43:c7:3f:0a:ac:23:85:0e:d2:e5:da:0f:01:49:b3:
25:bb:72:13:14:60:53:fc:12:d2:4c:8c:06:16:8a:
12:e9:55:65:fa:52:0a:b5:1c:d3:ba:e0:8c:d7:2b:
d2:c9:2f:93:7c:51:d4:d9:e3:3c:5e:44:2b:c3:5a:
b9:8e:50:95:13:11:23:b9:33:95:cd:9a:6c:d7:a3:
f5:82:31:cd:c4:1f:17:dd:09:79:74:f9:9d:85:d8:
9d:a2:81:d8:ad:d8:43:01:c7:b3:ba:f9:cb:11:f2:
c2:ed:90:c0:d5:70:97:af:ba:02:50:d9:fb:fc:e6:
72:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7A:C8:7B:E8:5E:57:38:A8:59:2A:1C:4F:67:8B:A1:4E:B6:37:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
22:e6:74:27:a4:71:5d:e7:ea:c5:3c:aa:1f:d9:85:b0:a6:53:
e4:94:98:b4:4c:c7:2e:08:ff:ce:f7:28:18:25:96:fd:37:9a:
60:ec:2b:c1:d9:4e:5c:96:c1:93:38:0d:12:4d:a2:c4:fb:68:
3d:8e:3e:8c:26:b1:22:c8:c3:62:7b:b0:1c:bc:e7:3e:e6:99:
c8:96:9a:b4:51:89:cc:6e:c9:20:be:2b:c0:86:2b:b7:38:2f:
6e:81:96:f1:be:2f:43:a0:ac:0b:6e:e3:4f:44:7e:a9:b2:8f:
7a:8f:d4:75:36:27:13:4b:e0:0c:b4:76:61:49:43:5e:87:14:
cc:27:fe:ee:20:2d:1b:54:5d:7a:e0:4a:c5:54:94:47:74:28:
38:6b:e7:62:7d:3c:a4:36:59:e6:ae:8a:0d:25:0c:ae:89:e5:
cc:2a:ba:4b:eb:d6:0a:31:2f:b0:ea:15:4a:5e:05:11:5b:3a:
c5:94:75:d5:07:66:d8:53:be:b2:56:74:5e:e6:a9:db:ee:e7:
dc:9b:53:42:9f:d6:f2:2b:7c:47:88:fd:f8:66:e2:ce:a6:f7:
90:58:f4:9c:8e:f5:62:f6:ff:ee:72:1e:c5:24:33:65:fb:1c:
51:ad:c2:ac:31:a9:73:24:3f:61:a4:2d:87:f0:10:cc:0d:32:
57:35:41:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd8mPL+AjgAqZkl6M98W9K0KSsjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDgwMDMwNDJaFw0yNTA0MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZjY2OWQ3YTQ3MzgxZWUyYmYxNjI3NGEzZTEyMTQxZGYxZDZkYzJlZjE0
ZGNhNjAzMmQ1YzFkNmUwNjU5MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnhcq7ar/g/GDWt8W8e7EtCmPlR9v5PM9iEGvC+Zqz5UcMMRPbt48BoPy6M
LPRPG5LTNeH6PqlfJEeJHgTmkAZopiN1zRug65j9IEdUHCbYMhL7Z5MyKiIJ/wJY
Xdr2SzrxJYLk5EkOi8BcmnPEvWhZYYfwTIl8diuaou5St64t6mJoOjLWQ8c/Cqwj
hQ7S5doPAUmzJbtyExRgU/wS0kyMBhaKEulVZfpSCrUc07rgjNcr0skvk3xR1Nnj
PF5EK8NauY5QlRMRI7kzlc2abNej9YIxzcQfF90JeXT5nYXYnaKB2K3YQwHHs7r5
yxHywu2QwNVwl6+6AlDZ+/zmcl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7esh7
6F5XOKhZKhxPZ4uhTrY3YjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEzOTA5ZmEtZGEzZC00Y2Q4LTkxOGYtNzc1NTMwNGQ0OWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQAi5nQnpHFd5+rFPKof2YWwplPklJi0TMcuCP/O
9ygYJZb9N5pg7CvB2U5clsGTOA0STaLE+2g9jj6MJrEiyMNie7AcvOc+5pnIlpq0
UYnMbskgvivAhiu3OC9ugZbxvi9DoKwLbuNPRH6pso96j9R1NicTS+AMtHZhSUNe
hxTMJ/7uIC0bVF164ErFVJRHdCg4a+difTykNlnmrooNJQyuieXMKrpL69YKMS+w
6hVKXgURWzrFlHXVB2bYU76yVnRe5qnb7ufcm1NCn9byK3xHiP34ZuLOpveQWPSc
jvVi9v/uch7FJDNl+xxRrcKsMalzJD9hpC2H8BDMDTJXNUG3
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:22:43 2025 by rpki-client