Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
File: 06a4b0ee-b740-45a8-9574-79207837db5b.roa (raw, json)
Hash identifier: 8zh6SmgMsra/J53uezGgk8bbr0zZ8ckTeRdJUVGBuVM=
Subject key identifier: 72:D8:DF:45:A6:33:65:2F:04:50:1A:36:C7:75:26:39:A4:70:5D:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04BB5CCB84C3CC7E3EC3122E3B7529F8E959930C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a0c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:bb:5c:cb:84:c3:cc:7e:3e:c3:12:2e:3b:75:29:f8:e9:59:93:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=4e16df386efe1c7f1049c9b23d20c4d1303f5d600d9aa612cc99aff4077ef7f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:eb:dc:32:15:59:4a:49:50:0e:c1:d2:ca:d9:
65:a1:a5:6d:ba:ec:91:7b:e2:ed:7e:7b:81:a3:ad:
b5:a1:18:35:cc:58:70:78:90:b2:39:ec:70:4e:c2:
1f:f3:66:f2:21:aa:e5:7d:c0:e3:8d:2a:f3:85:78:
87:3c:cd:b1:5c:ea:b9:56:1b:55:b9:87:66:98:08:
30:4f:e4:a2:c0:00:b1:28:72:70:ba:13:b8:e5:c3:
30:4f:cf:cd:43:bc:ce:e7:9b:c5:42:35:3d:6f:79:
5c:37:54:85:0b:55:72:5d:5d:7b:7d:77:d9:80:95:
15:2c:7f:be:02:88:fd:a8:a0:6f:d1:f9:98:f8:2d:
ce:f1:a9:17:e3:99:33:d0:c0:21:2c:c5:97:ad:2a:
76:fd:a0:5e:98:14:64:53:cf:9e:57:e0:85:10:4d:
b4:ac:46:ca:8d:11:16:f8:35:ad:49:f6:d0:1c:7b:
ff:08:dc:41:1e:90:7c:de:79:87:1d:6d:1a:ee:e8:
35:9f:f2:65:12:2b:4d:39:95:e5:f0:45:f0:65:6d:
f0:9e:17:ea:9b:4b:3d:27:78:b8:bb:2c:db:15:90:
12:69:ac:0f:8d:ec:4b:92:87:b5:37:d2:fc:9d:0a:
31:33:f3:a4:dd:4e:28:73:c1:01:c6:50:7c:85:77:
b4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D8:DF:45:A6:33:65:2F:04:50:1A:36:C7:75:26:39:A4:70:5D:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
17:a7:00:5b:c1:d4:d4:5b:db:b3:91:98:47:7c:1c:c1:46:c7:
19:e7:6f:1a:f6:32:b2:97:12:25:d9:d9:84:0b:a2:fd:fc:da:
6c:6f:06:7a:41:19:f5:b8:f1:16:86:a8:9b:60:9a:85:a9:13:
51:0e:79:c9:8a:66:89:0d:81:c5:1a:1e:9a:27:6e:43:dd:58:
23:93:e9:49:63:b1:cb:aa:7f:4e:88:71:2f:85:5b:ae:4d:69:
c8:ed:bb:f7:f6:05:d1:48:94:db:8d:2c:cc:70:51:7c:6f:84:
6f:77:39:8e:e0:b4:52:3f:eb:7b:6b:ed:a9:1a:2d:5f:d1:97:
05:8f:09:60:04:db:bb:aa:d3:e9:d5:04:83:a3:db:79:5f:14:
1b:9d:4c:14:bd:78:3d:34:fe:3c:22:19:ee:0f:fc:e1:1f:3f:
50:e9:86:4f:b2:9f:78:ea:63:e5:43:d7:5b:80:2a:e0:9d:90:
92:de:a1:81:c3:19:3f:45:ca:8c:dd:ac:d6:71:4a:47:52:e7:
0d:67:e5:1d:f3:74:76:9c:0a:4b:38:a4:2f:bc:cc:c6:18:df:
50:78:7f:5d:72:11:8a:bf:86:d1:8e:16:9d:8f:91:8e:01:b8:
2a:0d:12:4e:34:d9:32:8b:80:b0:d4:29:9c:b0:70:dd:dd:f7:
5e:3a:6f:3b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBLtcy4TDzH4+wxIuO3Up+OlZkwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMTZkZjM4NmVmZTFjN2YxMDQ5YzliMjNkMjBjNGQxMzAzZjVkNjAwZDlh
YTYxMmNjOTlhZmY0MDc3ZWY3ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHr3DIVWUpJUA7B0srZZaGlbbrskXvi7X57gaOttaEYNcxYcHiQsjnscE7C
H/Nm8iGq5X3A440q84V4hzzNsVzquVYbVbmHZpgIME/kosAAsShycLoTuOXDME/P
zUO8zuebxUI1PW95XDdUhQtVcl1de3132YCVFSx/vgKI/aigb9H5mPgtzvGpF+OZ
M9DAISzFl60qdv2gXpgUZFPPnlfghRBNtKxGyo0RFvg1rUn20Bx7/wjcQR6QfN55
hx1tGu7oNZ/yZRIrTTmV5fBF8GVt8J4X6ptLPSd4uLss2xWQEmmsD43sS5KHtTfS
/J0KMTPzpN1OKHPBAcZQfIV3tDECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRy2N9F
pjNlLwRQGjbHdSY5pHBd2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZhNGIwZWUtYjc0MC00NWE4LTk1NzQtNzkyMDc4MzdkYjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
wDANBgkqhkiG9w0BAQsFAAOCAQEAF6cAW8HU1Fvbs5GYR3wcwUbHGedvGvYyspcS
JdnZhAui/fzabG8GekEZ9bjxFoaom2CahakTUQ55yYpmiQ2BxRoemiduQ91YI5Pp
SWOxy6p/TohxL4Vbrk1pyO279/YF0UiU240szHBRfG+Eb3c5juC0Uj/re2vtqRot
X9GXBY8JYATbu6rT6dUEg6PbeV8UG51MFL14PTT+PCIZ7g/84R8/UOmGT7KfeOpj
5UPXW4Aq4J2Qkt6hgcMZP0XKjN2s1nFKR1LnDWflHfN0dpwKSzikL7zMxhjfUHh/
XXIRir+G0Y4WnY+RjgG4Kg0STjTZMouAsNQpnLBw3d33XjpvOw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:45 2025 by rpki-client