Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json)
Hash identifier: EJqdZ4vzLB788iwWgj8/yUVZzSR5w1Q7Tnp8H87KjL0=
Subject key identifier: 5F:AB:CD:19:96:D2:68:14:EB:F0:39:FD:E0:72:41:FC:E5:50:9C:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7863820A070CCA4BEB80D5706FC2231743F58B89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:800::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:63:82:0a:07:0c:ca:4b:eb:80:d5:70:6f:c2:23:17:43:f5:8b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=4482c62efc0bdeb85b58ddeb13dddd6c8a9f7b4199c1203dc7a206ab2e836d23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c1:ed:28:4b:4c:54:2c:47:4d:73:15:a2:28:
68:00:b2:d7:d8:8c:ab:d8:83:25:d0:c0:d0:99:98:
95:68:9e:3e:a3:35:ca:89:02:c9:11:99:d6:88:23:
51:5f:a3:c1:41:55:d2:15:06:41:ce:92:dd:2d:9e:
0a:68:ff:d8:28:ae:69:82:37:5a:d9:51:9c:f7:d1:
65:d9:43:f8:25:68:2f:4a:fb:6d:9a:51:5c:71:6b:
57:14:30:6b:01:09:bc:49:79:d9:6c:a2:22:b6:e3:
40:0d:80:4a:fb:68:33:58:b1:c2:90:d9:70:15:c5:
cb:0a:4a:d8:a7:e7:64:ba:56:0e:04:8e:63:30:aa:
06:6c:9a:64:eb:32:1f:f8:e7:2e:1f:a8:c8:6d:93:
43:0c:a5:84:e9:85:f8:d9:87:9a:d6:ca:4a:16:09:
08:7e:0b:a1:84:08:79:ed:eb:57:73:d2:68:75:ab:
25:57:ba:a1:c0:c2:96:a9:8a:fb:2c:ec:d2:ef:cd:
36:c4:f9:db:ff:f6:18:36:36:d5:ac:02:48:a1:e4:
5f:5c:0f:d9:5c:86:4c:99:4b:df:d2:a6:34:10:4a:
43:9e:2b:33:a6:62:29:b4:4f:8d:ca:45:75:46:c2:
98:dd:87:35:0d:ae:82:80:fe:3a:ee:03:a3:4c:16:
5c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AB:CD:19:96:D2:68:14:EB:F0:39:FD:E0:72:41:FC:E5:50:9C:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:800::/38
Signature Algorithm: sha256WithRSAEncryption
c4:da:00:b9:20:5f:11:c1:e1:5e:6f:b5:0b:20:a0:93:f1:df:
be:7c:ab:2b:3e:3b:d6:e0:65:bf:3f:f2:8b:96:0b:73:03:86:
84:98:09:f5:db:0d:4a:52:ec:31:48:c9:b8:0f:d5:dc:6f:e5:
11:88:df:db:7c:4c:04:c5:21:13:f8:18:c8:40:eb:2f:82:53:
02:ac:fe:f4:11:30:c3:fd:10:9a:f2:d0:4e:4a:66:ea:8c:4a:
2e:bd:88:6e:14:f5:dc:51:9f:57:72:39:37:53:cf:71:da:b7:
e5:1c:25:c1:6d:25:64:22:dc:d9:08:30:c4:18:7f:dc:95:60:
21:85:6c:42:70:10:bb:d2:cf:b7:9c:20:0d:7b:1c:41:27:2b:
db:73:29:a0:b7:df:23:2e:cf:1b:dc:0e:dc:40:74:be:32:0e:
78:12:c6:94:36:4b:cb:77:a4:26:f0:07:a0:cc:48:a7:0e:ff:
6d:96:75:d9:91:07:39:0e:8d:d1:1d:04:09:5d:82:a2:bc:d4:
a3:c7:00:c1:e5:03:a8:a0:bf:d5:bf:26:ea:45:5d:5a:94:65:
cf:ca:a7:23:e2:e4:02:cf:f2:36:33:d2:01:2f:41:f1:92:ad:
14:4e:8a:ac:6b:eb:85:7c:61:d9:1c:de:df:cc:1c:f3:ab:bb:
5f:92:96:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeGOCCgcMykvrgNVwb8IjF0P1i4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0ODJjNjJlZmMwYmRlYjg1YjU4ZGRlYjEzZGRkZDZjOGE5ZjdiNDE5OWMx
MjAzZGM3YTIwNmFiMmU4MzZkMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnB7ShLTFQsR01zFaIoaACy19iMq9iDJdDA0JmYlWiePqM1yokCyRGZ1ogj
UV+jwUFV0hUGQc6S3S2eCmj/2CiuaYI3WtlRnPfRZdlD+CVoL0r7bZpRXHFrVxQw
awEJvEl52WyiIrbjQA2ASvtoM1ixwpDZcBXFywpK2KfnZLpWDgSOYzCqBmyaZOsy
H/jnLh+oyG2TQwylhOmF+NmHmtbKShYJCH4LoYQIee3rV3PSaHWrJVe6ocDClqmK
+yzs0u/NNsT52//2GDY21awCSKHkX1wP2VyGTJlL39KmNBBKQ54rM6ZiKbRPjcpF
dUbCmN2HNQ2ugoD+Ou4Do0wWXKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfq80Z
ltJoFOvwOf3gckH85VCc4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI
MA0GCSqGSIb3DQEBCwUAA4IBAQDE2gC5IF8RweFeb7ULIKCT8d++fKsrPjvW4GW/
P/KLlgtzA4aEmAn12w1KUuwxSMm4D9Xcb+URiN/bfEwExSET+BjIQOsvglMCrP70
ETDD/RCa8tBOSmbqjEouvYhuFPXcUZ9Xcjk3U89x2rflHCXBbSVkItzZCDDEGH/c
lWAhhWxCcBC70s+3nCANexxBJyvbcymgt98jLs8b3A7cQHS+Mg54EsaUNkvLd6Qm
8AegzEinDv9tlnXZkQc5Do3RHQQJXYKivNSjxwDB5QOooL/VvybqRV1alGXPyqcj
4uQCz/I2M9IBL0Hxkq0UToqsa+uFfGHZHN7fzBzzq7tfkpYy
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:35 2025 by rpki-client