Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: eOTUQVjmDn9qBFjp/asHuUTgNd21JFQRqGdIiGX9baA=
Subject key identifier: C1:35:6C:88:B5:6B:32:E2:1A:4F:26:99:9E:82:7A:87:30:B0:83:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BDA01D557FD354E43EB92FA9497022B56434EC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:da:01:d5:57:fd:35:4e:43:eb:92:fa:94:97:02:2b:56:43:4e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=af68a7230807fe8d37d81b959feb5bfd1cef28b14250cf5636299f0e1c69adc7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:5a:d3:f2:80:f6:35:80:7c:ff:42:d4:99:
95:4a:80:16:3d:15:1b:42:ca:5f:ad:0a:94:67:4a:
bf:5e:9e:67:63:00:ac:f3:41:29:61:3f:92:4a:f1:
69:b3:72:8b:ec:70:d9:0a:35:34:9c:be:07:3b:9a:
08:00:a5:75:21:20:29:cc:1a:84:48:4d:89:9a:5a:
2e:89:93:e7:74:4d:d2:18:6c:ce:53:b6:02:b6:b4:
5d:0e:9a:04:b2:c7:d5:a3:24:ce:e2:3d:0b:4a:7a:
d3:dd:b9:f9:04:8c:dc:86:34:a3:ca:da:f9:04:01:
cb:b5:37:3d:7a:54:0c:ee:01:24:88:d6:11:8a:a0:
17:af:fd:2e:53:e7:07:c3:3a:bf:0c:e2:6f:54:22:
a7:98:9f:b2:77:4e:e3:66:eb:40:ea:e2:2e:8e:96:
c6:ef:68:0c:51:e7:43:64:a8:59:0a:a3:db:31:ff:
63:2c:cb:b9:1e:ba:70:4f:d7:fc:74:79:9a:0d:d3:
82:51:ef:4f:9b:e2:56:1e:cc:44:3f:81:18:ce:1b:
f0:81:25:17:b6:33:11:7f:63:ff:0e:01:03:b4:ff:
23:89:74:15:ea:38:7b:37:1f:e1:b1:1d:90:1f:10:
69:07:76:77:2f:32:b4:ab:ca:b0:e7:f1:6a:67:3d:
65:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:35:6C:88:B5:6B:32:E2:1A:4F:26:99:9E:82:7A:87:30:B0:83:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
30:f3:23:68:40:0c:b3:e7:44:50:fd:2a:f1:44:11:2d:bf:e6:
c5:c7:69:07:99:9f:e3:e3:6e:cb:39:f4:29:59:dd:8b:8e:0b:
2d:27:77:ef:d3:5c:93:e8:2e:66:b0:d6:98:d8:a7:4d:35:e1:
20:ff:9a:b5:65:e3:eb:24:e1:ba:ff:ff:5b:ee:b4:8b:de:d0:
10:2a:19:c9:76:e5:6e:a7:13:80:ad:1c:40:8f:71:3a:9a:86:
5a:82:2b:8e:2c:5e:1f:dd:7e:30:25:d6:3f:30:a7:2c:b6:4b:
41:6f:47:ff:ae:c1:66:f6:ec:c6:7d:e7:c9:cf:1b:6b:32:0b:
0b:4b:a4:38:d9:37:bc:fa:0e:8f:41:8a:8f:bf:4f:ae:51:c4:
a8:df:0b:c8:d6:00:67:be:7c:8a:37:7c:a7:70:13:0f:04:9f:
e2:11:ba:f7:66:34:ec:11:18:f9:67:75:5d:f2:9a:d7:df:17:
34:b9:a4:d0:1b:26:cb:8d:fa:86:01:13:0e:7e:51:a9:14:a7:
10:7a:ab:59:15:9b:b9:42:2c:89:34:bc:df:a8:4a:96:85:17:
cb:8b:d6:86:97:8a:5d:13:26:a1:79:c1:df:62:15:8d:41:ec:
3d:77:ba:92:87:5f:9c:55:70:d9:6f:a4:9d:29:8a:70:93:36:
d5:6a:07:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK9oB1Vf9NU5D65L6lJcCK1ZDTsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNjhhNzIzMDgwN2ZlOGQzN2Q4MWI5NTlmZWI1YmZkMWNlZjI4YjE0MjUw
Y2Y1NjM2Mjk5ZjBlMWM2OWFkYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6HWtPygPY1gHz/QtSZlUqAFj0VG0LKX60KlGdKv16eZ2MArPNBKWE/kkrx
abNyi+xw2Qo1NJy+BzuaCACldSEgKcwahEhNiZpaLomT53RN0hhszlO2Ara0XQ6a
BLLH1aMkzuI9C0p60925+QSM3IY0o8ra+QQBy7U3PXpUDO4BJIjWEYqgF6/9LlPn
B8M6vwzib1Qip5ifsndO42brQOriLo6Wxu9oDFHnQ2SoWQqj2zH/YyzLuR66cE/X
/HR5mg3TglHvT5viVh7MRD+BGM4b8IElF7YzEX9j/w4BA7T/I4l0Feo4ezcf4bEd
kB8QaQd2dy8ytKvKsOfxamc9ZW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBNWyI
tWsy4hpPJpmegnqHMLCDtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAw8yNoQAyz50RQ/SrxRBEtv+bFx2kHmZ/j427L
OfQpWd2LjgstJ3fv01yT6C5msNaY2KdNNeEg/5q1ZePrJOG6//9b7rSL3tAQKhnJ
duVupxOArRxAj3E6moZagiuOLF4f3X4wJdY/MKcstktBb0f/rsFm9uzGfefJzxtr
MgsLS6Q42Te8+g6PQYqPv0+uUcSo3wvI1gBnvnyKN3yncBMPBJ/iEbr3ZjTsERj5
Z3Vd8prX3xc0uaTQGybLjfqGARMOflGpFKcQeqtZFZu5QiyJNLzfqEqWhRfLi9aG
l4pdEyahecHfYhWNQew9d7qSh1+cVXDZb6SdKYpwkzbVagd3
-----END CERTIFICATE-----
Generated at Fri May 2 16:28:14 2025 by rpki-client