Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08648cfd-d5cb-4480-92d0-084369ff8b4d.roa
File: 08648cfd-d5cb-4480-92d0-084369ff8b4d.roa (raw, json)
Hash identifier: mwgh7mSvy+FfrlhCEXBAMRwTHeG9bBJSZwiZT09rnpk=
Subject key identifier: DE:D0:2E:A3:8A:C2:1D:8A:4E:70:99:0B:6E:C2:97:A7:BD:F1:71:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AE28AA058C41FF92C7B374AA1ABC8DBD268AE3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08648cfd-d5cb-4480-92d0-084369ff8b4d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:e2:8a:a0:58:c4:1f:f9:2c:7b:37:4a:a1:ab:c8:db:d2:68:ae:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=006de271a201d4db0ed908dad4614d247e2e1683e0f1b8ac2a77446b3d7104f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:e1:90:9c:ac:79:01:26:33:f7:51:19:1e:
b6:8d:c4:cd:ba:02:88:88:f2:5c:80:45:c5:02:dc:
3e:35:fd:44:e0:e5:7f:14:ad:c0:38:0d:70:8b:17:
07:e0:6c:6e:fa:e1:bd:ac:41:10:13:d4:64:8d:3b:
d1:74:68:b1:8b:e2:c9:c4:55:cd:52:ee:da:e5:49:
4e:9e:b3:6b:03:18:82:ab:11:32:dd:56:55:6e:fb:
c2:28:37:0b:68:52:de:62:09:5e:79:07:56:60:5f:
70:13:a6:ac:1c:2b:22:b5:e6:2e:1b:c0:25:7d:a8:
f7:53:41:e6:de:84:8b:03:2b:a6:cb:fb:58:6a:0b:
6d:a6:75:ef:c6:df:4b:da:56:72:f8:97:6f:05:b3:
10:14:e6:ed:5d:ed:57:35:e1:40:19:21:d7:94:9f:
fb:6d:56:93:9b:f3:de:9e:76:03:55:95:12:5e:a0:
7f:e5:71:6c:5f:d8:b3:64:1c:eb:56:84:b0:f8:73:
96:83:c0:b4:65:cb:05:b1:63:23:c5:33:99:54:6c:
fa:d6:13:dd:9f:25:e2:f1:b3:8c:74:9c:c1:e3:b6:
7c:80:02:8f:70:38:cd:f0:d4:ec:a4:00:e1:ce:3c:
b8:fa:62:d5:72:48:01:b1:9b:1c:09:51:16:be:cb:
39:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D0:2E:A3:8A:C2:1D:8A:4E:70:99:0B:6E:C2:97:A7:BD:F1:71:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08648cfd-d5cb-4480-92d0-084369ff8b4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1040::/46
Signature Algorithm: sha256WithRSAEncryption
49:4e:94:97:cf:33:db:b5:ed:91:d9:ac:0e:93:53:d9:80:f8:
71:5a:90:e0:df:30:82:65:f4:4f:35:4a:f6:36:8d:18:58:2b:
b7:43:9a:ba:3f:33:38:63:ad:a4:71:89:5c:81:bb:66:7e:60:
3e:d3:e3:26:bc:af:2b:4a:bf:b4:42:35:b7:03:92:25:ac:7e:
5f:e5:52:5e:cd:80:88:0f:94:77:44:a0:9b:77:b7:a7:81:2a:
3c:eb:60:fc:a8:65:bc:c9:85:01:39:7b:5d:39:c9:d4:f3:85:
1d:33:99:e6:ee:92:6e:5b:75:30:78:45:91:2f:54:f1:b9:26:
c8:74:49:b8:75:22:db:77:2b:08:69:6a:4e:69:32:f1:e8:a6:
d4:a3:5a:9e:78:91:5e:39:37:ff:72:27:5f:00:b1:36:01:a6:
5e:54:cd:16:8a:1c:ca:8b:73:5f:9e:0b:81:16:ab:60:72:f0:
4a:a6:1e:80:5c:85:3e:de:3c:d3:e3:0d:74:a8:3e:8e:ea:ba:
09:7d:f8:05:ed:0c:05:38:39:b3:e9:9d:47:b7:5b:bd:e7:e7:
4e:42:3f:d5:1a:b3:51:7b:53:04:55:42:5a:68:da:d5:61:f5:
6c:41:4d:77:cc:68:e4:53:3f:e0:33:6b:8b:d4:ff:91:6f:12:
af:90:56:67
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeuKKoFjEH/ksezdKoavI29Jorj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNmRlMjcxYTIwMWQ0ZGIwZWQ5MDhkYWQ0NjE0ZDI0N2UyZTE2ODNlMGYx
YjhhYzJhNzc0NDZiM2Q3MTA0ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFR4ZCcrHkBJjP3URketo3EzboCiIjyXIBFxQLcPjX9RODlfxStwDgNcIsX
B+BsbvrhvaxBEBPUZI070XRosYviycRVzVLu2uVJTp6zawMYgqsRMt1WVW77wig3
C2hS3mIJXnkHVmBfcBOmrBwrIrXmLhvAJX2o91NB5t6EiwMrpsv7WGoLbaZ178bf
S9pWcviXbwWzEBTm7V3tVzXhQBkh15Sf+21Wk5vz3p52A1WVEl6gf+VxbF/Ys2Qc
61aEsPhzloPAtGXLBbFjI8UzmVRs+tYT3Z8l4vGzjHScweO2fIACj3A4zfDU7KQA
4c48uPpi1XJIAbGbHAlRFr7LOVcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTe0C6j
isIdik5wmQtuwpenvfFxKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDg2NDhjZmQtZDVjYi00NDgwLTkyZDAtMDg0MzY5ZmY4YjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
QDANBgkqhkiG9w0BAQsFAAOCAQEASU6Ul88z27XtkdmsDpNT2YD4cVqQ4N8wgmX0
TzVK9jaNGFgrt0Oauj8zOGOtpHGJXIG7Zn5gPtPjJryvK0q/tEI1twOSJax+X+VS
Xs2AiA+Ud0Sgm3e3p4EqPOtg/KhlvMmFATl7XTnJ1POFHTOZ5u6Sblt1MHhFkS9U
8bkmyHRJuHUi23crCGlqTmky8eim1KNanniRXjk3/3InXwCxNgGmXlTNFoocyotz
X54LgRarYHLwSqYegFyFPt480+MNdKg+juq6CX34Be0MBTg5s+mdR7dbvefnTkI/
1RqzUXtTBFVCWmja1WH1bEFNd8xo5FM/4DNri9T/kW8Sr5BWZw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:39 2025 by rpki-client