Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09184572-5eb8-4abb-8e0f-53e9c90e9035.roa
File: 09184572-5eb8-4abb-8e0f-53e9c90e9035.roa (raw, json)
Hash identifier: 7YwcDeT2OC/MPI9Ul9xysYL5v4BdwxA2FVluZO2/1z8=
Subject key identifier: 2B:0F:EE:AA:97:04:68:87:77:84:05:B1:9E:B6:FD:D3:B3:FA:F7:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74010F222885FDC2236E802874899539226D04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09184572-5eb8-4abb-8e0f-53e9c90e9035.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:01:0f:22:28:85:fd:c2:23:6e:80:28:74:89:95:39:22:6d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=306b2433a6ea266537e316fe3328db53724e77e493fc7af5fbc877188a4f9c27, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:12:64:c2:ea:79:86:99:2e:f5:8f:44:a2:
a4:61:50:62:59:b2:cc:02:57:77:d6:aa:97:31:d7:
b0:78:31:9f:62:1e:d0:10:19:a0:18:14:77:3c:26:
dd:53:da:e3:bc:f0:12:80:c9:db:f5:f9:a1:d3:cd:
f6:25:ff:0e:c2:85:00:47:01:87:ff:00:4a:39:68:
04:60:d5:16:85:84:a8:97:57:2d:67:16:a8:57:e3:
17:23:d5:fc:42:f7:c7:58:33:b3:55:54:1e:af:40:
dc:45:79:81:46:c5:5b:06:10:ee:3d:dd:e5:96:11:
43:f5:7b:29:26:03:9f:be:f9:b8:51:35:6d:88:c1:
08:09:c7:48:bf:17:cf:fa:c7:2c:32:96:76:96:1c:
c4:19:1b:a4:11:ca:97:29:ac:93:72:59:27:cd:a1:
81:14:ac:28:a1:01:a3:03:6a:0a:fc:fd:d3:de:5d:
dd:ad:82:84:db:10:67:61:5d:e1:6d:5f:b9:1a:6b:
bc:6b:31:b6:2d:b5:5b:15:f6:98:64:e6:58:5d:06:
9d:8b:87:0b:63:1e:c5:15:e9:d7:7d:c0:88:fe:bd:
85:85:41:d0:97:69:b2:66:59:53:d5:23:60:34:52:
56:48:fd:3e:6b:bd:b1:40:f1:fb:fa:a8:48:cb:58:
9a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0F:EE:AA:97:04:68:87:77:84:05:B1:9E:B6:FD:D3:B3:FA:F7:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09184572-5eb8-4abb-8e0f-53e9c90e9035.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:c0:d6:3a:41:83:39:dc:b1:84:98:32:6b:82:d9:f5:0a:67:
07:08:3f:ba:60:9a:e1:d2:0d:c1:01:54:39:91:ef:ac:45:fc:
19:55:7e:10:95:14:5c:77:cd:1f:1b:35:fe:ee:d7:db:a9:cd:
26:16:fb:57:e5:51:41:7b:e6:2e:f1:1f:71:d8:db:4a:5f:47:
f6:56:95:41:1a:80:3b:d4:16:f7:51:e6:52:24:dc:38:c4:cc:
f7:73:ac:86:70:64:99:a0:39:31:5a:92:dc:6f:f8:9c:ae:ec:
07:23:25:93:c5:5e:e0:ef:4f:0c:d3:68:e3:d1:5f:7b:b4:aa:
62:b6:e2:c8:62:5c:34:f2:30:8f:29:8b:45:7c:a8:fe:d4:94:
0e:e4:5f:d7:8d:b5:46:ef:f2:24:82:95:1a:e5:7d:91:b8:c6:
c3:00:5e:78:8d:e7:dd:d2:e3:3d:7b:71:d4:65:73:9c:85:4b:
8b:af:45:ea:5d:5f:02:b6:5f:2f:2c:b8:21:25:71:ed:c5:f3:
32:21:18:77:59:c0:d5:be:05:63:93:69:2d:4f:a2:8c:97:4f:
b8:3f:c6:09:6c:a2:57:e8:21:91:67:5e:64:b0:91:63:7c:79:
f7:93:12:52:a0:9a:23:db:94:c1:46:00:06:cc:e3:d8:58:83:
7f:4d:ec:55
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITdAEPIiiF/cIjboAodImVOSJtBDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDEwODAwMDAwMFoXDTI1MDIxMjIzNTk1OVowejFJMEcGA1UE
BRNAMzA2YjI0MzNhNmVhMjY2NTM3ZTMxNmZlMzMyOGRiNTM3MjRlNzdlNDkzZmM3
YWY1ZmJjODc3MTg4YTRmOWMyNzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqyYSZMLqeYaZLvWPRKKkYVBiWbLMAld31qqXMdeweDGfYh7QEBmgGBR3PCbd
U9rjvPASgMnb9fmh0832Jf8OwoUARwGH/wBKOWgEYNUWhYSol1ctZxaoV+MXI9X8
QvfHWDOzVVQer0DcRXmBRsVbBhDuPd3llhFD9XspJgOfvvm4UTVtiMEICcdIvxfP
+scsMpZ2lhzEGRukEcqXKayTclknzaGBFKwooQGjA2oK/P3T3l3drYKE2xBnYV3h
bV+5Gmu8azG2LbVbFfaYZOZYXQadi4cLYx7FFenXfcCI/r2FhUHQl2myZllT1SNg
NFJWSP0+a72xQPH7+qhIy1iaCQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFCsP7qqX
BGiHd4QFsZ62/dOz+vdVMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8w
OTE4NDU3Mi01ZWI4LTRhYmItOGUwZi01M2U5YzkwZTkwMzUucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQdEAw
DQYJKoZIhvcNAQELBQADggEBAKLA1jpBgzncsYSYMmuC2fUKZwcIP7pgmuHSDcEB
VDmR76xF/BlVfhCVFFx3zR8bNf7u19upzSYW+1flUUF75i7xH3HY20pfR/ZWlUEa
gDvUFvdR5lIk3DjEzPdzrIZwZJmgOTFaktxv+Jyu7AcjJZPFXuDvTwzTaOPRX3u0
qmK24shiXDTyMI8pi0V8qP7UlA7kX9eNtUbv8iSClRrlfZG4xsMAXniN593S4z17
cdRlc5yFS4uvRepdXwK2Xy8suCElce3F8zIhGHdZwNW+BWOTaS1PooyXT7g/xgls
olfoIZFnXmSwkWN8efeTElKgmiPblMFGAAbM49hYg39N7FU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:58 2025 by rpki-client