Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
File: 14a1cb35-92d7-4bc2-854c-094a3829c73e.roa (raw, json)
Hash identifier: WUi7uqliXlfa8h54HSSrAkY7T75J9opLY7xsAfRs4iE=
Subject key identifier: A8:55:92:C9:4C:43:34:99:28:6C:CD:05:8E:FF:17:F4:7F:29:30:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 405A874399AA1B1FDCEE68F83C04B47038D056E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:5a:87:43:99:aa:1b:1f:dc:ee:68:f8:3c:04:b4:70:38:d0:56:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=72e81dbe586f72e81ca163e24b77ad5077829a9b957f7c8f633089cdc31ace93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d8:18:7b:be:0d:d0:24:09:cb:c8:b0:c4:28:
ac:11:94:c1:22:5a:c2:67:f2:29:6e:29:37:6d:1f:
b5:db:82:3c:41:3b:e6:eb:49:dc:8d:26:10:ea:4c:
c2:f4:d9:28:01:a6:18:36:9a:58:1b:2c:1b:bb:73:
80:25:cc:60:c3:b6:29:22:11:45:e0:30:a8:75:b5:
ca:8f:1f:0e:96:ba:63:69:b1:1c:d4:ab:90:27:f0:
dc:bf:b6:5f:b4:ad:5d:75:c4:02:74:bd:05:12:83:
6d:06:3e:8a:24:d3:3d:62:f8:d2:fd:04:fe:71:cc:
9c:01:38:97:d7:d4:47:95:6f:e8:f9:b4:f2:84:9d:
0d:8d:2a:d6:b2:3a:c0:c1:ed:25:5a:55:43:11:d7:
d8:2c:f7:7b:38:eb:9b:a2:b9:3a:ea:aa:67:32:68:
bd:bf:d3:63:9b:1f:a1:d0:d9:29:2f:8f:91:74:1d:
08:72:f7:57:08:ef:69:ee:66:f0:1d:ce:60:b0:36:
62:1f:51:63:f2:8a:a7:26:b0:de:71:c8:3b:03:fd:
83:36:0a:10:40:9a:dd:53:fa:e4:19:52:ab:dd:ae:
0f:b9:a7:7b:29:7b:a6:76:73:ee:78:ff:3d:f1:4d:
24:6e:e1:fb:bc:e8:2a:c4:c5:f4:99:76:2a:b6:fc:
22:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:55:92:C9:4C:43:34:99:28:6C:CD:05:8E:FF:17:F4:7F:29:30:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8040::/48
Signature Algorithm: sha256WithRSAEncryption
45:bd:1e:50:ef:5e:98:00:9d:83:cc:01:16:41:37:f9:6e:20:
c7:6e:4c:79:5d:96:55:7a:3a:fb:93:11:d5:a2:fe:91:a6:94:
24:0e:23:b9:c4:ab:2d:85:5d:e3:38:7f:dc:4f:e8:ff:9f:85:
fd:65:75:f4:b4:00:ab:74:6f:c9:ee:92:00:4b:20:6c:42:d6:
cc:ae:c5:5c:ea:47:be:8f:22:6d:86:34:df:79:43:36:88:e5:
37:c2:4c:1f:61:da:dc:cf:ff:56:6b:68:d8:a3:a0:dc:98:f7:
6e:be:56:d0:9b:c2:22:c6:a2:d0:e9:e6:40:ef:1d:b2:d0:94:
24:5e:d1:74:0c:bb:4d:18:80:19:6a:97:c9:64:26:93:2f:7b:
28:1d:47:8e:19:d0:28:bf:4e:21:71:b7:ea:47:ca:06:35:cb:
a6:d5:e5:6b:c8:fd:b1:f5:40:8f:62:17:f4:98:5b:30:4c:90:
3a:c8:ec:be:28:d8:74:19:43:8f:c6:25:fd:77:06:08:13:da:
68:e8:81:c9:c6:8a:e7:44:6f:9d:b5:11:b2:ba:b6:9a:fe:52:
84:2b:11:cf:b2:66:97:fd:b6:61:be:d2:04:5d:d3:de:37:de:
5c:df:85:94:b6:9a:e7:82:93:0b:79:9f:c1:a4:0f:cc:1f:28:
a4:ba:45:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQFqHQ5mqGx/c7mj4PAS0cDjQVuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZTgxZGJlNTg2ZjcyZTgxY2ExNjNlMjRiNzdhZDUwNzc4MjlhOWI5NTdm
N2M4ZjYzMzA4OWNkYzMxYWNlOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHYGHu+DdAkCcvIsMQorBGUwSJawmfyKW4pN20ftduCPEE75utJ3I0mEOpM
wvTZKAGmGDaaWBssG7tzgCXMYMO2KSIRReAwqHW1yo8fDpa6Y2mxHNSrkCfw3L+2
X7StXXXEAnS9BRKDbQY+iiTTPWL40v0E/nHMnAE4l9fUR5Vv6Pm08oSdDY0q1rI6
wMHtJVpVQxHX2Cz3ezjrm6K5OuqqZzJovb/TY5sfodDZKS+PkXQdCHL3Vwjvae5m
8B3OYLA2Yh9RY/KKpyaw3nHIOwP9gzYKEECa3VP65BlSq92uD7mneyl7pnZz7nj/
PfFNJG7h+7zoKsTF9Jl2Krb8IiUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSoVZLJ
TEM0mShszQWO/xf0fykw6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRhMWNiMzUtOTJkNy00YmMyLTg1NGMtMDk0YTM4MjljNzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
QDANBgkqhkiG9w0BAQsFAAOCAQEARb0eUO9emACdg8wBFkE3+W4gx25MeV2WVXo6
+5MR1aL+kaaUJA4jucSrLYVd4zh/3E/o/5+F/WV19LQAq3Rvye6SAEsgbELWzK7F
XOpHvo8ibYY033lDNojlN8JMH2Ha3M//Vmto2KOg3Jj3br5W0JvCIsai0OnmQO8d
stCUJF7RdAy7TRiAGWqXyWQmky97KB1HjhnQKL9OIXG36kfKBjXLptXla8j9sfVA
j2IX9JhbMEyQOsjsvijYdBlDj8Yl/XcGCBPaaOiBycaK50RvnbURsrq2mv5ShCsR
z7Jml/22Yb7SBF3T3jfeXN+FlLaa54KTC3mfwaQPzB8opLpFcQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:52 2025 by rpki-client