Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json)
Hash identifier: Y7aqHqD0Xvid+03hnP0TeowzzD7dvDAyGXSo31e+TkM=
Subject key identifier: EC:54:11:23:EB:A2:B8:CC:30:62:15:ED:E7:2B:55:09:C3:CE:8B:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CC8C88BAF864C240A2D083DE67B26999BDF30E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:c8:c8:8b:af:86:4c:24:0a:2d:08:3d:e6:7b:26:99:9b:df:30:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d142769e8c52431fc295f3c3716bef9010f3c7b023ea4f634309c3a03489530a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ac:7f:26:78:fd:ed:b6:19:6b:57:63:70:1a:
72:a6:a7:10:5b:d1:b3:ea:df:c3:ec:07:1b:95:b3:
91:99:c1:83:46:94:0e:0b:89:b2:84:7e:ff:bf:fc:
6d:a3:f8:d5:f7:cb:ff:cd:a9:3f:6a:c4:55:9e:4d:
24:24:11:d2:7f:9e:42:70:71:39:08:b8:2e:f5:07:
08:e7:ad:99:f0:15:7c:9f:ca:1d:0d:db:00:23:d6:
44:5c:39:48:77:69:e9:c5:c5:c3:d5:eb:e3:c1:25:
f1:c8:de:56:d8:a3:51:25:4f:6d:3d:91:5c:bb:01:
70:4e:b7:de:37:07:73:f7:a9:ac:4d:3e:72:d4:64:
96:ab:3e:0e:54:49:e7:45:62:50:a6:9f:fc:95:97:
64:a4:01:02:53:3f:6d:04:b0:f6:06:f4:7a:74:59:
4e:df:d4:a3:18:e9:22:93:eb:5b:f9:fe:25:23:82:
57:75:07:9e:6b:05:56:26:39:24:20:78:d6:92:b7:
eb:14:dd:90:d6:f3:c0:8c:de:f6:16:de:76:5c:4d:
d6:b3:1f:8e:6f:88:45:96:fb:2e:22:c9:58:44:0a:
3f:8e:fd:07:b8:08:d6:7d:41:a1:70:13:23:9a:c3:
17:1d:df:99:bf:60:42:38:c2:b5:14:00:67:6f:bb:
72:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:54:11:23:EB:A2:B8:CC:30:62:15:ED:E7:2B:55:09:C3:CE:8B:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1080::/48
Signature Algorithm: sha256WithRSAEncryption
54:0d:97:a9:fc:b3:ed:35:78:41:5c:6a:4c:63:25:98:1f:f3:
94:9f:85:c1:17:4f:b2:53:b6:29:ca:6b:68:02:56:27:73:ba:
35:a3:a0:ff:f8:1b:e0:d7:40:fb:9d:b7:a4:d1:34:35:35:8a:
96:9c:15:8f:3f:75:26:65:38:b6:4f:95:db:b1:e2:b1:b6:3c:
bc:a5:76:7f:3f:38:c7:ff:d4:65:44:1f:bb:16:ea:bd:c6:55:
45:9c:c1:c0:80:2d:b1:12:9c:ad:c3:c5:9f:13:ef:2b:b1:a6:
62:5f:fc:97:7b:95:47:61:9f:96:8b:98:06:17:1c:d6:ab:85:
de:2c:a6:0d:66:e1:00:42:d1:54:04:5a:8c:37:7d:d2:ad:4b:
39:9e:88:7f:fa:9b:a7:53:4a:c9:7d:09:77:bd:68:d7:7f:12:
39:d7:88:bb:8d:cb:01:65:af:9c:c4:86:24:31:9f:94:5e:f8:
a0:b4:00:73:b1:8f:be:63:f7:0b:22:c3:26:36:b7:d2:c3:31:
18:25:f2:df:86:fb:c3:b7:e8:52:81:28:0e:0d:40:78:b2:ef:
8a:6f:71:49:f1:97:ea:91:97:0c:f7:72:90:80:9f:61:db:ec:
48:53:9d:89:b5:fd:3a:0d:3d:7b:87:e2:e4:06:9a:34:60:34:
49:61:45:f7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXMjIi6+GTCQKLQg95nsmmZvfMOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNDI3NjllOGM1MjQzMWZjMjk1ZjNjMzcxNmJlZjkwMTBmM2M3YjAyM2Vh
NGY2MzQzMDljM2EwMzQ4OTUzMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmsfyZ4/e22GWtXY3AacqanEFvRs+rfw+wHG5WzkZnBg0aUDguJsoR+/7/8
baP41ffL/82pP2rEVZ5NJCQR0n+eQnBxOQi4LvUHCOetmfAVfJ/KHQ3bACPWRFw5
SHdp6cXFw9Xr48El8cjeVtijUSVPbT2RXLsBcE633jcHc/eprE0+ctRklqs+DlRJ
50ViUKaf/JWXZKQBAlM/bQSw9gb0enRZTt/UoxjpIpPrW/n+JSOCV3UHnmsFViY5
JCB41pK36xTdkNbzwIze9hbedlxN1rMfjm+IRZb7LiLJWEQKP479B7gI1n1BoXAT
I5rDFx3fmb9gQjjCtRQAZ2+7csMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTsVBEj
66K4zDBiFe3nK1UJw86LVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAVA2Xqfyz7TV4QVxqTGMlmB/zlJ+FwRdPslO2
KcpraAJWJ3O6NaOg//gb4NdA+523pNE0NTWKlpwVjz91JmU4tk+V27HisbY8vKV2
fz84x//UZUQfuxbqvcZVRZzBwIAtsRKcrcPFnxPvK7GmYl/8l3uVR2GflouYBhcc
1quF3iymDWbhAELRVARajDd90q1LOZ6If/qbp1NKyX0Jd71o138SOdeIu43LAWWv
nMSGJDGflF74oLQAc7GPvmP3CyLDJja30sMxGCXy34b7w7foUoEoDg1AeLLvim9x
SfGX6pGXDPdykICfYdvsSFOdibX9Og09e4fi5AaaNGA0SWFF9w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:36 2025 by rpki-client