Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: p5llkPOb7B7Ihjz/Av7aVjEwSAfO7CRha59yMilOkmo=
Subject key identifier: 35:7A:C4:42:75:7D:80:4D:0E:69:16:C6:74:FC:AF:A4:32:4B:0A:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D5AF64ADFD50F6F253427152C77E76A35C06E83
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Fri 21 Mar 2025 15:10:15 +0000
ROA not before: Fri 21 Mar 2025 15:10:15 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:5a:f6:4a:df:d5:0f:6f:25:34:27:15:2c:77:e7:6a:35:c0:6e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:10:15 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cd:a9:e9:ea:59:f4:6a:30:01:69:af:cc:58:
5d:ad:37:c3:f7:72:9a:19:fd:28:c4:34:14:cb:8e:
66:9b:c2:20:5a:15:7f:6e:f3:0a:83:92:90:0a:32:
3b:7b:9d:62:ec:e7:9d:92:f7:2b:2c:0c:ae:7d:fc:
7e:33:8a:2b:1b:af:a2:2e:59:d9:65:9b:b7:83:1d:
19:ab:83:84:29:bd:62:73:2e:9d:4e:26:33:e7:ad:
17:44:44:51:5b:e8:bc:e1:36:cb:ec:b4:6b:9d:0c:
9b:9f:d3:4a:e7:e0:45:4f:c7:7f:c3:c3:cd:0b:5f:
ed:ac:67:d2:de:1c:e4:d4:34:50:07:d8:d8:16:33:
cf:a9:60:cb:d3:97:85:b1:3f:d6:0b:8a:74:11:4d:
8d:69:37:82:ce:e7:e1:0e:c7:83:7d:f7:14:50:39:
8c:b5:9e:0d:a0:07:dd:31:aa:44:c3:13:43:2e:dc:
9e:be:33:69:99:f4:98:d8:0f:f4:1e:f1:00:85:15:
e4:8c:bd:cf:50:47:26:51:3c:6c:41:dd:a7:e4:a3:
6a:9a:0b:43:19:2a:12:00:22:cc:f7:8a:ec:83:70:
90:e4:4b:f5:da:68:4a:99:5e:07:6d:0a:a0:ce:31:
34:01:8a:1d:d6:c1:7e:53:08:40:b7:71:ca:5d:e8:
cc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7A:C4:42:75:7D:80:4D:0E:69:16:C6:74:FC:AF:A4:32:4B:0A:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:7c:16:56:cb:98:1c:35:64:86:bf:8a:bb:6c:59:3a:db:0b:
8a:dc:05:f5:04:c6:50:bf:9e:d1:13:f9:ab:4e:e4:60:35:76:
99:bf:7c:23:33:a5:73:8c:dc:31:2e:ac:74:3d:47:2c:a5:66:
07:06:ac:c7:a1:c4:36:45:56:23:b6:72:26:1b:e0:05:13:ca:
27:b6:6a:86:e2:c8:c4:0b:81:0c:35:ad:59:d8:71:2b:e4:47:
32:f2:dc:d0:93:d8:12:10:0c:53:94:b1:ca:c4:ce:0e:1b:b6:
d9:0a:4b:7a:cc:dc:65:f4:ca:ba:1b:86:07:44:d5:cf:26:76:
8e:8e:35:a3:33:69:d8:2a:75:28:9c:5b:d5:a5:18:d6:52:b1:
e1:fc:24:63:df:d7:97:d7:fb:52:d8:61:88:05:4e:f3:a9:42:
9a:06:3b:9f:96:01:7e:89:5b:b0:6f:f6:43:8c:c8:97:85:3f:
9f:b2:7d:0d:39:88:37:8f:05:7d:b0:2d:2c:89:d4:6d:82:26:
68:29:49:20:a1:9d:01:c7:03:37:7c:f7:54:b4:80:a9:00:e1:
b9:9a:b1:a4:8c:58:7d:8f:9c:30:fc:01:59:45:c5:27:78:43:
de:27:1a:ce:4a:e7:f0:de:c4:d5:70:f4:a7:c9:ce:87:56:63:
f0:df:a7:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDVr2St/VD28lNCcVLHfnajXAboMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTEwMTVaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMzZiMjVjYmVhMGZmOTI3MGMwZTE3NDQ4ZmFlMjVhYWZmZmJlMDk0Yjg4
N2U1MzU5NjM3NWU5YTM2ZTNhZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/NqenqWfRqMAFpr8xYXa03w/dymhn9KMQ0FMuOZpvCIFoVf27zCoOSkAoy
O3udYuznnZL3KywMrn38fjOKKxuvoi5Z2WWbt4MdGauDhCm9YnMunU4mM+etF0RE
UVvovOE2y+y0a50Mm5/TSufgRU/Hf8PDzQtf7axn0t4c5NQ0UAfY2BYzz6lgy9OX
hbE/1guKdBFNjWk3gs7n4Q7Hg333FFA5jLWeDaAH3TGqRMMTQy7cnr4zaZn0mNgP
9B7xAIUV5Iy9z1BHJlE8bEHdp+SjapoLQxkqEgAizPeK7INwkORL9dpoSpleB20K
oM4xNAGKHdbBflMIQLdxyl3ozAcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1esRC
dX2ATQ5pFsZ0/K+kMksKvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCmfBZWy5gcNWSGv4q7bFk62wuK3AX1BMZQv57R
E/mrTuRgNXaZv3wjM6VzjNwxLqx0PUcspWYHBqzHocQ2RVYjtnImG+AFE8ontmqG
4sjEC4EMNa1Z2HEr5Ecy8tzQk9gSEAxTlLHKxM4OG7bZCkt6zNxl9Mq6G4YHRNXP
JnaOjjWjM2nYKnUonFvVpRjWUrHh/CRj39eX1/tS2GGIBU7zqUKaBjuflgF+iVuw
b/ZDjMiXhT+fsn0NOYg3jwV9sC0sidRtgiZoKUkgoZ0BxwM3fPdUtICpAOG5mrGk
jFh9j5ww/AFZRcUneEPeJxrOSufw3sTVcPSnyc6HVmPw36fA
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:21:35 2025 by rpki-client