Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
File: 1214f6bc-ac91-4e1b-ac85-14db120d0303.roa (raw, json)
Hash identifier: AwOcz4bC7O2hhXOs1f8Ibl6MKLvgR2KaAUkEh6NlmF0=
Subject key identifier: 1B:32:AC:8C:49:4F:95:E4:01:04:C2:C2:F2:A0:EF:82:0E:8B:FE:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CC975C48C7569C96D31C9DFD5504F6E70B7432A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:c9:75:c4:8c:75:69:c9:6d:31:c9:df:d5:50:4f:6e:70:b7:43:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=aaa78802eb50dac6b766cdc6714e67d20ad62020000d91ebc06f26d5dce7ce43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:58:6c:92:0e:88:ca:65:85:61:fe:7a:4f:4b:
55:31:a0:fa:9c:9e:9a:2f:ff:ab:1c:9b:74:c1:70:
9a:86:27:57:73:24:f3:34:24:19:92:a7:a8:7b:4c:
eb:4d:05:f2:e1:82:7e:eb:28:50:82:1b:0e:83:e4:
7e:3d:8a:0f:fa:1b:ba:4f:31:de:44:ad:07:4e:3a:
73:b7:ee:d5:0d:af:35:c1:89:98:30:26:06:d4:7d:
87:74:b6:b8:1d:c4:31:34:78:95:e9:54:a9:14:94:
f8:d9:b9:35:a5:ee:ff:5f:f3:0b:01:55:c3:b1:b6:
d4:fc:64:ba:22:59:59:dd:33:fa:3a:2f:2a:06:2d:
95:9d:d3:ba:8e:22:67:0a:91:34:08:3c:9d:71:11:
cd:f4:71:84:a5:d3:15:f8:01:54:1b:00:9d:f0:6f:
35:c3:fc:c9:86:05:9b:55:bb:d1:88:d6:ec:b2:9d:
96:62:97:3f:d6:d6:54:76:a6:4d:0d:d8:c6:49:cb:
47:84:e2:12:c7:4d:e7:0e:0e:0f:99:40:9a:88:11:
aa:de:0d:80:25:39:fd:9a:f0:a5:4d:8b:c5:d2:b8:
60:3c:53:60:a4:a6:20:e5:92:a3:79:8e:c4:f2:c0:
1d:c4:47:09:20:ed:56:c6:58:76:4c:62:8d:74:dc:
b9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:32:AC:8C:49:4F:95:E4:01:04:C2:C2:F2:A0:EF:82:0E:8B:FE:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a080::/48
Signature Algorithm: sha256WithRSAEncryption
17:78:d6:4f:9c:cc:5a:2c:bf:75:41:0b:17:e6:3a:e7:b1:5e:
4b:58:4a:54:0e:0e:b7:7e:69:fe:62:f2:36:05:9e:80:d0:fa:
c0:03:f0:86:c8:61:cb:9d:63:1c:d0:3b:d1:8f:96:6d:b9:2d:
11:4e:bb:01:62:b2:08:c3:d9:7b:74:8d:be:f8:53:d5:fe:f8:
58:6a:7c:e2:7e:e7:1c:f3:47:c8:3b:a4:c5:cf:5e:20:d0:9e:
b1:ea:1c:05:78:63:ec:ca:95:b3:49:8c:57:92:96:55:09:49:
24:65:06:b8:07:82:a3:55:23:fc:97:49:52:22:09:06:cd:40:
23:27:03:af:2b:d9:93:9c:eb:47:04:3b:9c:07:09:4c:66:2c:
52:54:60:3f:51:60:a3:e9:4f:b9:7e:ba:36:de:8b:1a:75:f6:
7a:51:d3:8a:c0:c5:37:6e:11:0f:be:2f:75:c4:84:8c:23:8e:
fc:c8:7f:8c:8b:64:5b:80:2c:48:69:f3:68:1c:68:1f:b2:5f:
eb:0b:8c:fe:6a:44:f5:82:53:b8:49:c0:88:e2:9f:f0:5a:74:
e9:b2:97:d4:69:95:11:3d:06:d8:3e:e6:aa:63:26:e9:97:16:
fc:e4:8f:a1:7c:75:2c:3c:91:2e:d9:03:0a:ed:bd:b0:9b:dc:
d6:1f:cb:78
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPMl1xIx1acltMcnf1VBPbnC3QyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhYTc4ODAyZWI1MGRhYzZiNzY2Y2RjNjcxNGU2N2QyMGFkNjIwMjAwMDBk
OTFlYmMwNmYyNmQ1ZGNlN2NlNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdYbJIOiMplhWH+ek9LVTGg+pyemi//qxybdMFwmoYnV3Mk8zQkGZKnqHtM
600F8uGCfusoUIIbDoPkfj2KD/obuk8x3kStB046c7fu1Q2vNcGJmDAmBtR9h3S2
uB3EMTR4lelUqRSU+Nm5NaXu/1/zCwFVw7G21PxkuiJZWd0z+jovKgYtlZ3Tuo4i
ZwqRNAg8nXERzfRxhKXTFfgBVBsAnfBvNcP8yYYFm1W70YjW7LKdlmKXP9bWVHam
TQ3YxknLR4TiEsdN5w4OD5lAmogRqt4NgCU5/ZrwpU2LxdK4YDxTYKSmIOWSo3mO
xPLAHcRHCSDtVsZYdkxijXTcuX0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbMqyM
SU+V5AEEwsLyoO+CDov+7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIxNGY2YmMtYWM5MS00ZTFiLWFjODUtMTRkYjEyMGQwMzAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSg
gDANBgkqhkiG9w0BAQsFAAOCAQEAF3jWT5zMWiy/dUELF+Y657FeS1hKVA4Ot35p
/mLyNgWegND6wAPwhshhy51jHNA70Y+WbbktEU67AWKyCMPZe3SNvvhT1f74WGp8
4n7nHPNHyDukxc9eINCeseocBXhj7MqVs0mMV5KWVQlJJGUGuAeCo1Uj/JdJUiIJ
Bs1AIycDryvZk5zrRwQ7nAcJTGYsUlRgP1Fgo+lPuX66Nt6LGnX2elHTisDFN24R
D74vdcSEjCOO/Mh/jItkW4AsSGnzaBxoH7Jf6wuM/mpE9YJTuEnAiOKf8Fp06bKX
1GmVET0G2D7mqmMm6ZcW/OSPoXx1LDyRLtkDCu29sJvc1h/LeA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:01 2025 by rpki-client