Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa
File: 10aa39be-4f99-4b39-b428-f034a0b57d69.roa (raw, json)
Hash identifier: v78kSMWkV8EvfCl5bKNxW9QhZ7I2VuyuU5P0rzEw8X4=
Subject key identifier: C0:0B:97:37:B3:34:46:7E:F8:B3:27:B8:C9:32:92:B5:46:AF:D0:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DE89324BB2EF8EA7172F83B6A686CF3F4AD1F41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:b000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:e8:93:24:bb:2e:f8:ea:71:72:f8:3b:6a:68:6c:f3:f4:ad:1f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=efb0ff119cbd87be9b731daeca745f3e837a94bc30a9c5ae5ae8a5e50831b185, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:6d:8b:38:81:d1:18:33:47:c7:fb:f6:db:
7f:44:0a:48:e7:51:f4:e2:fe:99:c3:7a:d4:49:70:
5d:cf:c0:de:72:0c:6b:dd:2f:8a:e7:92:cc:78:85:
bf:5b:66:a5:d6:86:ec:03:8e:eb:93:c0:17:b1:03:
82:98:bc:50:51:06:e7:fe:f8:ce:90:66:cb:50:f5:
19:84:12:af:16:55:36:46:ca:35:a5:ea:60:18:4d:
41:c9:0a:d5:98:8e:5f:37:fd:de:cb:0b:69:c4:89:
66:70:68:09:8e:19:d2:06:0c:21:ff:a0:e4:2b:6f:
dd:d5:08:cc:f4:6a:2f:45:00:86:ed:0d:17:3c:94:
bf:50:1c:25:b9:14:b7:c6:c0:70:c7:5b:a7:0d:f1:
e8:43:4f:00:7a:48:26:56:47:b1:66:44:6a:16:ac:
62:aa:02:bc:7e:48:4c:bf:0b:1d:11:68:c6:0e:0d:
15:06:fc:2c:c4:27:5a:ee:11:00:e4:7c:0f:33:a4:
79:9b:74:0a:3a:85:d9:69:b6:c7:ae:51:f1:9a:aa:
fa:3f:8e:f3:73:90:6a:b7:37:44:ca:8e:13:c7:e0:
2a:57:29:a6:eb:19:1b:af:06:62:98:f7:02:a7:5b:
7d:91:97:7c:91:a0:8d:31:a6:cf:48:15:41:b1:1d:
f7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0B:97:37:B3:34:46:7E:F8:B3:27:B8:C9:32:92:B5:46:AF:D0:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:b000::/40
Signature Algorithm: sha256WithRSAEncryption
28:23:59:54:fa:23:45:fb:0a:9a:46:41:7d:ff:82:c3:38:d6:
2c:6c:0a:20:ff:32:dd:93:b9:0c:68:24:dc:55:2b:b0:eb:61:
e0:a4:bf:e3:1c:15:ce:cb:b5:fd:61:65:41:b3:a4:e7:4c:b6:
e8:27:0c:de:7d:d3:6b:bb:de:4b:bc:3d:21:ac:6f:2e:62:58:
c5:4b:c4:fd:6d:93:67:27:ff:b3:9e:ed:d2:f1:0f:ef:12:68:
8e:b2:fc:06:4b:bb:ed:c1:4c:2d:4c:98:2f:69:10:a2:bc:34:
28:b9:27:66:6c:de:ac:6b:1f:0c:86:30:e8:9f:d6:a4:9d:47:
12:31:bc:35:12:12:3c:26:ae:25:91:72:af:e2:30:36:3b:0d:
53:2f:b6:3d:8b:21:fb:26:30:7a:a2:2b:01:5d:c7:c3:dd:45:
ea:a8:fe:4b:8d:dd:51:39:32:bc:d6:ae:51:e3:16:d9:8e:d6:
90:54:67:5d:5e:69:e2:46:a2:61:20:a6:38:08:62:6f:d7:b2:
da:05:b3:d5:fb:2c:c6:1e:da:87:f8:f8:e6:33:fd:9a:09:93:
93:6f:2c:b8:47:78:77:35:6a:5a:78:bf:2c:31:1f:c7:01:8a:
f4:9f:b9:f2:f0:35:14:24:0f:67:01:ca:1e:45:5b:39:42:e6:
1a:46:e5:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULeiTJLsu+Opxcvg7amhs8/StH0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmYjBmZjExOWNiZDg3YmU5YjczMWRhZWNhNzQ1ZjNlODM3YTk0YmMzMGE5
YzVhZTVhZThhNWU1MDgzMWIxODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNIbYs4gdEYM0fH+/bbf0QKSOdR9OL+mcN61ElwXc/A3nIMa90viueSzHiF
v1tmpdaG7AOO65PAF7EDgpi8UFEG5/74zpBmy1D1GYQSrxZVNkbKNaXqYBhNQckK
1ZiOXzf93ssLacSJZnBoCY4Z0gYMIf+g5Ctv3dUIzPRqL0UAhu0NFzyUv1AcJbkU
t8bAcMdbpw3x6ENPAHpIJlZHsWZEahasYqoCvH5ITL8LHRFoxg4NFQb8LMQnWu4R
AOR8DzOkeZt0CjqF2Wm2x65R8Zqq+j+O83OQarc3RMqOE8fgKlcppusZG68GYpj3
AqdbfZGXfJGgjTGmz0gVQbEd9zsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAC5c3
szRGfvizJ7jJMpK1Rq/QFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBhYTM5YmUtNGY5OS00YjM5LWI0MjgtZjAzNGEwYjU3ZDY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACw
MA0GCSqGSIb3DQEBCwUAA4IBAQAoI1lU+iNF+wqaRkF9/4LDONYsbAog/zLdk7kM
aCTcVSuw62HgpL/jHBXOy7X9YWVBs6TnTLboJwzefdNru95LvD0hrG8uYljFS8T9
bZNnJ/+znu3S8Q/vEmiOsvwGS7vtwUwtTJgvaRCivDQouSdmbN6sax8MhjDon9ak
nUcSMbw1EhI8Jq4lkXKv4jA2Ow1TL7Y9iyH7JjB6oisBXcfD3UXqqP5Ljd1ROTK8
1q5R4xbZjtaQVGddXmniRqJhIKY4CGJv17LaBbPV+yzGHtqH+PjmM/2aCZOTbyy4
R3h3NWpaeL8sMR/HAYr0n7ny8DUUJA9nAcoeRVs5QuYaRuUa
-----END CERTIFICATE-----
Generated at Fri May 2 16:39:05 2025 by rpki-client