Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa
File: 117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa (raw, json)
Hash identifier: VV9MJsd4K8T37IwTJcwuUgqdyhojnYF5J9/xhNo7954=
Subject key identifier: 4D:75:DF:02:52:49:1C:E5:8C:04:FA:D6:E2:17:D5:AF:7E:A2:94:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0658D1F983FF59519F82C4B377294D3071EFC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a0c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:58:d1:f9:83:ff:59:51:9f:82:c4:b3:77:29:4d:30:71:ef:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ea8cfd0b9796673d4d01159998c6d508cafd8472f42864defb3b8ba7f1184b96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a5:a4:b2:7d:c0:d4:77:21:f8:86:d1:8e:48:
6c:0d:f8:c8:e6:0f:31:c2:28:28:a2:b8:84:a2:11:
9e:10:84:00:4c:81:e4:02:77:9a:81:41:be:3d:ee:
e1:21:45:d6:6e:dd:1b:95:22:76:36:d4:24:35:85:
cb:5f:8c:25:77:a6:f1:29:b5:70:37:be:03:58:0b:
52:4a:ac:b2:d6:48:5f:85:4d:21:f3:9a:c2:72:b7:
23:46:70:d2:15:f1:fd:58:b2:ba:b2:d0:2a:e6:59:
d6:4b:f9:93:ac:f7:b4:12:8c:3a:30:6b:1e:bb:b3:
3b:fd:8d:b3:a6:20:69:19:5a:7e:c3:5a:62:7d:44:
ea:b1:1d:e3:04:b6:a5:3a:1b:95:fe:f3:3d:82:d5:
41:2a:70:7f:dc:27:aa:4d:b2:59:31:63:8a:aa:49:
11:a0:7d:6a:40:a6:b1:67:63:8e:61:95:33:9f:19:
9d:7e:ea:13:de:6a:10:7a:92:83:a1:9f:d4:7a:7f:
02:19:0e:98:b5:28:10:4c:40:f2:4c:b1:8d:cb:bb:
20:ee:0a:d8:75:4d:6b:68:57:d9:81:9b:91:de:8f:
38:f9:5f:70:95:c1:19:87:69:98:cb:45:59:bc:cd:
9f:f2:56:16:a7:39:b3:2b:75:5c:4f:c5:41:35:fe:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:75:DF:02:52:49:1C:E5:8C:04:FA:D6:E2:17:D5:AF:7E:A2:94:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
41:7c:a8:33:50:48:99:bd:dc:98:cb:49:1c:a4:36:dc:62:bc:
a2:ac:53:a2:9d:13:b0:c3:a7:67:ce:aa:ca:b4:9c:f9:9b:0b:
0b:b5:7e:ec:5c:1b:2a:e2:65:07:98:38:cd:4a:de:eb:9c:57:
a4:e1:0f:d3:bc:72:13:c1:d2:63:00:a9:9d:83:1c:f3:98:34:
ff:ff:49:98:65:b3:96:f6:9a:ff:15:21:1f:b1:ea:7d:5f:22:
0b:35:10:1f:e7:25:06:15:61:05:30:30:04:6b:fd:52:0d:2b:
94:95:81:79:a3:84:86:27:10:ce:4a:db:51:7c:28:45:18:89:
f5:f9:71:c5:74:c5:81:8f:7f:8b:6e:4e:1d:90:e8:60:8d:11:
62:d2:3c:64:6a:4f:06:1b:3f:60:e4:2d:f0:1f:d5:fd:f7:d2:
8f:71:a8:88:f6:94:96:80:bb:e6:36:06:4d:55:96:7d:99:1f:
c8:71:89:db:6c:14:7c:fd:79:f5:bc:93:fc:bc:f7:7d:2a:1a:
2f:46:30:3c:13:ef:b9:ca:07:2a:5a:28:63:63:15:87:18:1f:
b5:65:c3:73:fb:7d:af:40:92:0c:98:86:86:f4:63:51:b9:d8:
3c:0a:d2:7f:19:12:4a:cb:c6:a2:d6:ee:e0:8f:60:34:bf:2c:
4a:5b:fb:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITBljR+YP/WVGfgsSzdylNMHHvwjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDEwODAwMDAwMFoXDTI1MDIxMjIzNTk1OVowejFJMEcGA1UE
BRNAZWE4Y2ZkMGI5Nzk2NjczZDRkMDExNTk5OThjNmQ1MDhjYWZkODQ3MmY0Mjg2
NGRlZmIzYjhiYTdmMTE4NGI5NjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1KWksn3A1Hch+IbRjkhsDfjI5g8xwigooriEohGeEIQATIHkAneagUG+Pe7h
IUXWbt0blSJ2NtQkNYXLX4wld6bxKbVwN74DWAtSSqyy1khfhU0h85rCcrcjRnDS
FfH9WLK6stAq5lnWS/mTrPe0Eow6MGseu7M7/Y2zpiBpGVp+w1pifUTqsR3jBLal
OhuV/vM9gtVBKnB/3CeqTbJZMWOKqkkRoH1qQKaxZ2OOYZUznxmdfuoT3moQepKD
oZ/Uen8CGQ6YtSgQTEDyTLGNy7sg7grYdU1raFfZgZuR3o84+V9wlcEZh2mYy0VZ
vM2f8lYWpzmzK3VcT8VBNf505wIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFE113wJS
SRzljAT61uIX1a9+opSQMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8x
MTdmNmUyZS0yY2ZhLTRhYWYtOWE1Yy05N2QxOWYxZTI0ZGIucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgXQd6DA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBfKgzUEiZvdyYy0kcpDbcYryirFOinROww6dn
zqrKtJz5mwsLtX7sXBsq4mUHmDjNSt7rnFek4Q/TvHITwdJjAKmdgxzzmDT//0mY
ZbOW9pr/FSEfsep9XyILNRAf5yUGFWEFMDAEa/1SDSuUlYF5o4SGJxDOSttRfChF
GIn1+XHFdMWBj3+Lbk4dkOhgjRFi0jxkak8GGz9g5C3wH9X999KPcaiI9pSWgLvm
NgZNVZZ9mR/IcYnbbBR8/Xn1vJP8vPd9KhovRjA8E++5ygcqWihjYxWHGB+1ZcNz
+32vQJIMmIaG9GNRudg8CtJ/GRJKy8ai1u7gj2A0vyxKW/s5
-----END CERTIFICATE-----
Generated at Fri May 2 15:54:08 2025 by rpki-client