Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: lxY3cilybUtkUM/TT3uYpfCYAeVmxlAfNJYvuaKcwpY=
Subject key identifier: 5A:CD:AB:DB:38:E3:8D:CE:FB:26:53:E1:72:71:B5:9D:B6:5A:7B:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 163DB8A87C3C40B3C0C90E1A0273BFDF55CFF0B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:3d:b8:a8:7c:3c:40:b3:c0:c9:0e:1a:02:73:bf:df:55:cf:f0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=df5b7b86d2fd9ad7a517e0f0bbb725b8b693e1c4596e40b7d2ec30cb0f497fb7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:38:80:5a:9b:7b:9b:8e:53:62:a1:e1:eb:df:
d2:fd:aa:a1:aa:69:3d:91:57:2d:68:d6:76:13:96:
c7:e3:fb:31:5b:58:1f:26:35:95:87:4d:e7:d0:55:
55:0a:67:a2:f8:f0:c1:b6:29:76:0b:74:54:cc:89:
1e:aa:42:0d:b0:93:45:56:bd:82:72:9b:84:3f:e6:
12:d2:ad:02:52:83:a2:f0:3b:66:ea:05:f2:67:e8:
4b:bc:93:2b:cc:e9:a2:b4:e0:2c:be:8d:18:4f:83:
98:20:18:d8:28:e7:b3:67:d1:84:7e:84:3c:33:be:
ef:36:c2:19:71:34:df:69:d4:c6:75:9b:91:30:0d:
2a:a3:e1:f3:e6:40:75:d4:45:a2:a3:7b:1c:4f:23:
e4:1e:44:81:f8:fe:f9:0e:8e:3b:ba:27:68:d3:a9:
6f:68:c1:48:02:b9:43:6b:0c:23:5f:ea:8f:8b:8a:
29:6b:ac:28:0e:3b:3c:a6:5c:e2:9c:ed:2a:ca:72:
eb:9d:2f:d0:8a:64:67:e0:d6:df:a5:d6:4c:1d:e9:
b1:0d:3e:88:a4:1f:ef:d0:22:e4:28:00:a7:81:3f:
30:b4:21:da:f7:19:fb:9a:34:e7:78:f7:97:8b:ec:
54:64:a4:eb:8d:4f:bb:e3:e1:78:38:20:b2:e0:b0:
7a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CD:AB:DB:38:E3:8D:CE:FB:26:53:E1:72:71:B5:9D:B6:5A:7B:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
7a:ad:8a:78:b3:a6:11:60:e3:f4:ed:c1:af:d8:8c:8d:b2:cb:
53:c8:82:76:38:d1:f9:bb:43:6e:88:c5:06:74:30:f8:21:7f:
1a:ed:46:ea:76:7f:a0:e0:d7:42:cf:bf:a8:7e:75:14:32:9f:
56:24:80:6f:df:84:2f:29:d6:aa:1d:26:69:57:dc:e6:64:02:
67:bd:5f:17:f0:ee:1c:28:a2:ab:4e:0b:c4:8c:f2:04:ac:2c:
3b:0a:f3:f2:41:56:01:d1:4d:cc:ee:05:28:e4:29:72:da:2f:
09:22:5b:83:ff:da:81:4d:3e:40:e2:94:2e:8c:f9:81:2e:7f:
d2:f3:24:12:4b:7f:ac:e5:29:ee:50:2d:3a:f2:67:51:c6:23:
4f:31:25:1f:f5:13:e4:58:03:d3:d0:a6:9c:9b:ef:6d:b4:55:
11:1d:79:ac:31:e1:c8:5c:15:26:e8:36:04:2c:e1:8d:88:bf:
21:d2:f4:be:42:d6:80:5d:fc:73:7f:e6:e1:64:47:07:6d:ed:
46:72:cb:f2:04:4b:34:cb:6c:ab:e8:7d:1f:2a:15:19:7c:9f:
11:de:93:10:b6:19:13:ed:df:9c:27:fe:64:7c:ca:a8:92:1e:
51:b9:e3:d0:cd:d7:8a:d7:48:76:ef:49:cd:f5:6c:87:32:87:
10:2b:a6:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFj24qHw8QLPAyQ4aAnO/31XP8LkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmNWI3Yjg2ZDJmZDlhZDdhNTE3ZTBmMGJiYjcyNWI4YjY5M2UxYzQ1OTZl
NDBiN2QyZWMzMGNiMGY0OTdmYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ84gFqbe5uOU2Kh4evf0v2qoappPZFXLWjWdhOWx+P7MVtYHyY1lYdN59BV
VQpnovjwwbYpdgt0VMyJHqpCDbCTRVa9gnKbhD/mEtKtAlKDovA7ZuoF8mfoS7yT
K8zporTgLL6NGE+DmCAY2Cjns2fRhH6EPDO+7zbCGXE032nUxnWbkTANKqPh8+ZA
ddRFoqN7HE8j5B5Egfj++Q6OO7onaNOpb2jBSAK5Q2sMI1/qj4uKKWusKA47PKZc
4pztKspy650v0IpkZ+DW36XWTB3psQ0+iKQf79Ai5CgAp4E/MLQh2vcZ+5o053j3
l4vsVGSk641Pu+PheDggsuCwegMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRazavb
OOONzvsmU+FycbWdtlp7tTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAeq2KeLOmEWDj9O3Br9iMjbLLU8iCdjjR+btD
bojFBnQw+CF/Gu1G6nZ/oODXQs+/qH51FDKfViSAb9+ELynWqh0maVfc5mQCZ71f
F/DuHCiiq04LxIzyBKwsOwrz8kFWAdFNzO4FKOQpctovCSJbg//agU0+QOKULoz5
gS5/0vMkEkt/rOUp7lAtOvJnUcYjTzElH/UT5FgD09CmnJvvbbRVER15rDHhyFwV
Jug2BCzhjYi/IdL0vkLWgF38c3/m4WRHB23tRnLL8gRLNMtsq+h9HyoVGXyfEd6T
ELYZE+3fnCf+ZHzKqJIeUbnj0M3XitdIdu9JzfVshzKHECumuA==
-----END CERTIFICATE-----
Generated at Fri May 2 15:43:17 2025 by rpki-client