Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
File: 05a72d01-7790-4b75-991b-28806ee2dacf.roa (raw, json)
Hash identifier: o7ogiZ1lJIsbcEvUykpgBAbTJA1TgqfRnWNcYXm0M4g=
Subject key identifier: 68:5D:DC:7B:EF:29:1F:7D:00:85:E6:E7:38:D4:C0:47:AB:C5:16:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44C6FE02E3AE854BF05A5204AFA3B85AAAE7E5D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:c6:fe:02:e3:ae:85:4b:f0:5a:52:04:af:a3:b8:5a:aa:e7:e5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0ec2c08d08994690bba7b8d6471c5ecf480345b8f49680aaa1b028c7a310b561, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c7:77:c0:4b:77:47:99:97:a9:99:db:bc:c4:
54:0c:96:a9:56:a6:33:06:61:5f:6c:4b:22:50:de:
28:c3:7d:f0:94:f9:39:56:dd:ee:0d:a6:e1:b1:59:
a4:02:e7:4b:9e:79:b4:24:8d:ac:43:3a:da:f7:89:
45:17:69:a4:21:a8:e2:8b:ca:45:1e:5b:a8:89:10:
83:50:3d:b5:3d:f9:69:9d:cd:59:1b:04:ce:8b:4b:
eb:5d:a9:91:a0:1c:fb:03:cf:69:3c:57:38:ae:02:
fd:f8:26:43:ee:88:34:d3:6b:f3:f3:9e:0a:44:25:
5c:40:c1:30:67:0e:e8:a0:10:ab:28:53:37:8c:1e:
8c:45:69:69:47:66:1b:01:06:69:55:1c:20:42:8c:
3d:83:20:09:0a:81:6a:9e:00:96:c5:52:ee:fc:7e:
82:19:8e:72:dd:81:92:3c:8b:30:04:75:1f:df:67:
87:dd:19:3e:ec:aa:8f:5b:bd:f5:a0:cd:a3:1e:d2:
de:8e:f3:d5:84:1b:c2:50:fa:d3:9b:62:2b:70:b0:
0d:28:22:00:38:cf:35:0d:5a:65:73:ba:49:a6:25:
6d:31:ef:c1:88:65:0b:48:29:13:7d:8f:0e:a1:ee:
ab:78:64:b7:de:4c:78:f6:4e:dd:a7:70:1a:1e:06:
b7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5D:DC:7B:EF:29:1F:7D:00:85:E6:E7:38:D4:C0:47:AB:C5:16:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1040::/48
Signature Algorithm: sha256WithRSAEncryption
4b:8c:10:7e:ca:d1:32:36:22:a9:e1:8e:af:94:de:dc:8a:6a:
36:0c:ac:d8:c4:7c:38:4d:f8:27:b8:0e:e8:07:81:04:e5:04:
26:c6:1a:ae:0b:c0:dd:be:37:4e:a2:64:7f:a7:ea:24:4d:86:
82:f1:dc:4c:67:d4:02:8f:9b:05:01:f4:44:d5:f2:8e:5c:b3:
3f:da:3d:7a:65:50:bd:7e:53:fd:6d:2e:a1:61:70:75:b3:70:
dc:53:00:a4:43:5a:96:81:97:6a:07:9e:95:a5:18:1c:1a:f8:
86:79:71:cb:3d:c6:13:c6:ef:97:fa:93:7f:12:c1:a8:7e:52:
6a:0e:08:01:6e:b1:69:7d:66:b3:f7:d6:6a:c0:9c:51:99:6f:
bc:f4:a3:9f:b5:75:7d:5f:0e:d1:74:78:ef:1a:51:7b:1b:15:
01:e3:88:25:30:83:31:4a:65:38:ae:92:b0:b1:71:e3:a4:08:
00:52:bd:5e:3a:e2:83:cd:b5:f1:43:1a:0b:1a:00:ff:a2:db:
e4:90:35:ec:72:41:6e:15:e0:a2:90:76:90:8e:99:f6:21:d8:
89:e2:37:81:4d:5b:df:43:a7:79:5b:45:71:1e:5d:12:83:80:
b7:7f:4f:9b:3c:54:85:e8:0b:82:f5:9d:07:2e:89:e5:b8:09:
22:3d:11:99
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURMb+AuOuhUvwWlIEr6O4Wqrn5dUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYzJjMDhkMDg5OTQ2OTBiYmE3YjhkNjQ3MWM1ZWNmNDgwMzQ1YjhmNDk2
ODBhYWExYjAyOGM3YTMxMGI1NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7Hd8BLd0eZl6mZ27zEVAyWqVamMwZhX2xLIlDeKMN98JT5OVbd7g2m4bFZ
pALnS555tCSNrEM62veJRRdppCGo4ovKRR5bqIkQg1A9tT35aZ3NWRsEzotL612p
kaAc+wPPaTxXOK4C/fgmQ+6INNNr8/OeCkQlXEDBMGcO6KAQqyhTN4wejEVpaUdm
GwEGaVUcIEKMPYMgCQqBap4AlsVS7vx+ghmOct2BkjyLMAR1H99nh90ZPuyqj1u9
9aDNox7S3o7z1YQbwlD605tiK3CwDSgiADjPNQ1aZXO6SaYlbTHvwYhlC0gpE32P
DqHuq3hkt95MePZO3adwGh4Gt0cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoXdx7
7ykffQCF5uc41MBHq8UW3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVhNzJkMDEtNzc5MC00Yjc1LTk5MWItMjg4MDZlZTJkYWNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAS4wQfsrRMjYiqeGOr5Te3IpqNgys2MR8OE34
J7gO6AeBBOUEJsYargvA3b43TqJkf6fqJE2GgvHcTGfUAo+bBQH0RNXyjlyzP9o9
emVQvX5T/W0uoWFwdbNw3FMApENaloGXageelaUYHBr4hnlxyz3GE8bvl/qTfxLB
qH5Sag4IAW6xaX1ms/fWasCcUZlvvPSjn7V1fV8O0XR47xpRexsVAeOIJTCDMUpl
OK6SsLFx46QIAFK9Xjrig8218UMaCxoA/6Lb5JA17HJBbhXgopB2kI6Z9iHYieI3
gU1b30OneVtFcR5dEoOAt39PmzxUhegLgvWdBy6J5bgJIj0RmQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:11 2025 by rpki-client