Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
File: 06cf9d14-d513-496c-9a8e-a1898978658a.roa (raw, json)
Hash identifier: EqVZ+LTESisNbYmTTno09t5ts1JvRdgs8r+W9/VklAI=
Subject key identifier: 53:FC:C2:F1:B4:33:69:02:A0:10:F9:D5:55:3A:1B:3A:15:FE:93:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63C53485CC87A370AF685F73EF847A6E880F1E13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:c5:34:85:cc:87:a3:70:af:68:5f:73:ef:84:7a:6e:88:0f:1e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a50e2492b812d6b84f180013345a1e435f973c51ed6af8f49ce27644aa5bb857, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4c:f3:51:45:29:27:5f:77:2b:ec:d2:f4:b2:
a5:38:86:85:08:b2:e2:18:7b:a1:53:0a:34:38:79:
34:98:83:0b:b9:2d:65:66:2c:ba:9d:6a:7b:49:ee:
a6:f5:73:bd:8f:97:a8:12:89:65:6b:d6:7b:11:c6:
90:0e:6b:ec:c5:2a:ed:02:65:02:0c:27:3f:0b:e3:
78:3b:b4:59:6c:c3:e1:ae:d4:90:68:49:8e:8e:8d:
3e:bb:2b:bb:ad:41:9e:ba:bb:a6:64:87:9d:7e:db:
dc:b9:cf:6d:39:50:25:43:51:16:7e:63:31:1d:be:
c8:aa:f6:46:18:b4:e7:69:e8:98:c4:04:56:f9:3c:
f0:a1:d2:ae:1b:5a:a1:aa:8a:d9:01:08:8a:b6:8d:
9e:d4:f6:9d:f2:f6:02:f7:3d:c1:fe:8c:ca:9e:b4:
bf:73:b9:8b:75:92:e0:7b:c6:72:1f:eb:95:b2:a2:
1b:c7:24:8d:1b:29:93:b4:b2:88:d2:82:30:60:bb:
fb:d4:5a:cf:6e:a1:c3:1b:8f:f5:bc:3a:54:f4:4b:
83:6f:f3:e1:19:26:05:86:6f:85:37:30:be:b6:d9:
79:03:3f:7d:40:96:63:dc:51:07:17:67:78:7a:2a:
3b:01:5a:c4:ce:9a:8b:0e:a0:5d:09:25:a5:43:de:
b7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FC:C2:F1:B4:33:69:02:A0:10:F9:D5:55:3A:1B:3A:15:FE:93:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06cf9d14-d513-496c-9a8e-a1898978658a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8040::/46
Signature Algorithm: sha256WithRSAEncryption
4f:66:0c:7f:ef:24:bf:ff:b0:e1:fa:9a:32:09:bd:d9:52:2e:
c6:b0:73:4f:11:7b:ad:d5:9b:bd:cf:4b:c2:31:11:ce:83:7f:
fb:15:7a:7c:3f:5e:ea:bc:47:05:f0:e9:6e:20:3e:51:58:8a:
b4:41:76:6a:e2:aa:46:c0:20:db:d6:b2:62:a3:d6:66:bb:75:
5a:4f:e4:4e:c7:1f:c7:78:cc:a5:42:66:f9:ff:a3:b3:3e:c3:
aa:a7:3b:e4:39:87:fa:51:af:c5:95:5b:ad:fb:93:cb:d0:10:
7a:23:ab:68:5d:ab:dc:e8:67:53:d5:21:3a:4b:2a:b1:b4:3a:
0a:0f:0f:fa:be:b2:d5:02:d6:58:37:31:72:fe:36:42:e0:7d:
65:6b:7f:7d:75:4c:e8:2c:73:9c:6a:39:f3:0e:b7:a1:74:e4:
2b:70:18:af:23:af:2f:f8:f0:60:b8:07:d1:aa:37:6c:27:17:
0a:bb:9d:24:dd:2b:5a:91:5a:d9:0e:b4:03:ad:89:0e:4c:6e:
71:54:13:df:ed:d6:94:3a:5c:1f:be:19:8c:f5:a3:d4:f2:80:
02:87:46:56:62:36:9e:56:2f:8a:6c:58:c7:1b:25:08:28:a1:
9f:4c:71:0d:7c:40:70:dc:15:21:f0:a6:08:f6:b3:84:87:5f:
75:83:a3:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY8U0hcyHo3CvaF9z74R6bogPHhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MGUyNDkyYjgxMmQ2Yjg0ZjE4MDAxMzM0NWExZTQzNWY5NzNjNTFlZDZh
ZjhmNDljZTI3NjQ0YWE1YmI4NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJM81FFKSdfdyvs0vSypTiGhQiy4hh7oVMKNDh5NJiDC7ktZWYsup1qe0nu
pvVzvY+XqBKJZWvWexHGkA5r7MUq7QJlAgwnPwvjeDu0WWzD4a7UkGhJjo6NPrsr
u61Bnrq7pmSHnX7b3LnPbTlQJUNRFn5jMR2+yKr2Rhi052nomMQEVvk88KHSrhta
oaqK2QEIiraNntT2nfL2Avc9wf6Myp60v3O5i3WS4HvGch/rlbKiG8ckjRspk7Sy
iNKCMGC7+9Raz26hwxuP9bw6VPRLg2/z4RkmBYZvhTcwvrbZeQM/fUCWY9xRBxdn
eHoqOwFaxM6aiw6gXQklpUPetwMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRT/MLx
tDNpAqAQ+dVVOhs6Ff6TbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZjZjlkMTQtZDUxMy00OTZjLTlhOGUtYTE4OTg5Nzg2NThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
QDANBgkqhkiG9w0BAQsFAAOCAQEAT2YMf+8kv/+w4fqaMgm92VIuxrBzTxF7rdWb
vc9LwjERzoN/+xV6fD9e6rxHBfDpbiA+UViKtEF2auKqRsAg29ayYqPWZrt1Wk/k
Tscfx3jMpUJm+f+jsz7Dqqc75DmH+lGvxZVbrfuTy9AQeiOraF2r3OhnU9UhOksq
sbQ6Cg8P+r6y1QLWWDcxcv42QuB9ZWt/fXVM6CxznGo58w63oXTkK3AYryOvL/jw
YLgH0ao3bCcXCrudJN0rWpFa2Q60A62JDkxucVQT3+3WlDpcH74ZjPWj1PKAAodG
VmI2nlYvimxYxxslCCihn0xxDXxAcNwVIfCmCPazhIdfdYOjTg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:32 2025 by rpki-client