Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
File: 14c60b75-8947-47da-9c6d-7045cbbbea55.roa (raw, json)
Hash identifier: sdVJD/V8wFH4vgvsnqH6lu+ZPNYYFJ48JZlnZDeOAMs=
Subject key identifier: 7E:9D:BC:F9:88:B2:50:D8:14:80:E1:9A:29:F5:8A:4F:25:1D:18:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 011EBD4851BA986741F3172EA9FFF5DB6FBD0F9C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
Signing time: Fri 17 Jan 2025 00:00:00 +0000
ROA not before: Fri 17 Jan 2025 00:00:00 +0000
ROA not after: Fri 21 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:1e:bd:48:51:ba:98:67:41:f3:17:2e:a9:ff:f5:db:6f:bd:0f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 17 00:00:00 2025 GMT
Not After : Feb 21 23:59:59 2025 GMT
Subject: serialNumber=b4e4254b43fd07dbb0dc332d6c3a39a4ae11a6c1c5495d53f50aaadd418912f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:57:e7:86:46:97:fb:b5:62:35:57:1b:a0:
8d:18:1f:4c:62:60:94:70:33:17:6e:3f:d5:f7:77:
bc:7f:e3:f0:29:a9:2d:5b:f3:65:22:01:a2:cb:04:
d6:45:3d:e1:cb:15:0c:39:dc:8f:18:48:04:8f:a2:
94:d7:be:68:40:ac:ce:0c:5a:c3:56:bf:52:ea:ba:
8c:19:fe:68:f4:b0:aa:c8:c4:02:2c:00:2f:e8:09:
62:90:96:af:11:68:3b:eb:f3:d9:53:38:5c:1f:d2:
88:90:c6:00:d8:73:7e:e3:86:7a:33:bb:43:bc:2d:
b7:7f:21:3c:08:6a:32:26:33:60:1c:6b:03:81:27:
93:b9:f4:0c:12:0b:2e:ee:82:9e:8e:e3:11:c9:3a:
56:c3:67:9f:62:88:3f:8b:3c:71:c5:83:f1:d7:a0:
78:a0:9f:f5:7c:ae:1c:fa:a0:6d:82:b0:bb:3c:eb:
0d:b6:ab:6b:07:c2:20:b2:72:1c:5f:b8:af:a4:54:
41:11:29:f2:4f:e0:84:c8:ac:bb:7e:bc:25:2a:0e:
ef:7d:c6:10:bf:44:8f:0e:4f:c4:c1:dc:d0:18:3e:
fa:a9:e2:b3:8c:1b:be:ae:22:15:f4:ef:b4:f7:a5:
66:44:66:89:a4:ad:92:e2:29:f3:3d:6b:4d:9e:ce:
0f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:9D:BC:F9:88:B2:50:D8:14:80:E1:9A:29:F5:8A:4F:25:1D:18:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
35:b5:57:d8:c5:c2:5a:5f:69:b8:18:77:bd:f0:6f:16:e7:95:
7d:c7:67:00:a2:d8:37:31:ea:9c:79:08:82:b6:17:e1:28:95:
2b:b3:ab:c3:02:ad:a3:d0:22:bc:4e:95:ef:f7:94:79:30:89:
6a:3a:0d:e2:d2:91:99:1b:97:a0:26:7c:41:cc:ff:48:29:2e:
fb:8d:c3:c4:5f:4c:fd:4b:cd:77:06:6c:e6:4f:59:36:ac:b9:
9e:cd:b4:c7:dd:57:31:63:cc:05:94:9f:84:a9:00:b2:20:6b:
17:86:c8:56:78:48:d6:71:02:6c:43:06:d5:a2:b4:5b:e3:e1:
8d:47:10:7b:23:b9:dc:97:fc:cb:5d:e1:16:10:95:4c:06:2b:
00:56:9d:22:e0:d5:20:3d:d2:f7:bd:a6:08:83:92:27:c2:32:
c5:32:46:71:95:5a:bf:a0:48:dc:da:e9:af:c3:eb:8c:77:4c:
f4:c0:5d:1c:2b:24:49:c8:66:43:e0:54:17:e7:50:a9:97:8f:
75:0e:ba:d3:af:d5:f1:70:d3:d1:13:38:01:24:d2:2e:ff:51:
c1:5f:f3:14:8c:d8:b2:db:17:10:b6:d4:19:41:11:4c:77:3e:
f4:62:ec:f6:bd:0f:4a:0d:f0:8f:b6:62:0f:d5:30:30:57:55:
a9:a8:52:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAR69SFG6mGdB8xcuqf/122+9D5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTcwMDAwMDBaFw0yNTAyMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZTQyNTRiNDNmZDA3ZGJiMGRjMzMyZDZjM2EzOWE0YWUxMWE2YzFjNTQ5
NWQ1M2Y1MGFhYWRkNDE4OTEyZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8fV+eGRpf7tWI1VxugjRgfTGJglHAzF24/1fd3vH/j8CmpLVvzZSIBossE
1kU94csVDDncjxhIBI+ilNe+aECszgxaw1a/Uuq6jBn+aPSwqsjEAiwAL+gJYpCW
rxFoO+vz2VM4XB/SiJDGANhzfuOGejO7Q7wtt38hPAhqMiYzYBxrA4Enk7n0DBIL
Lu6Cno7jEck6VsNnn2KIP4s8ccWD8degeKCf9XyuHPqgbYKwuzzrDbarawfCILJy
HF+4r6RUQREp8k/ghMisu368JSoO733GEL9Ejw5PxMHc0Bg++qnis4wbvq4iFfTv
tPelZkRmiaStkuIp8z1rTZ7OD5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+nbz5
iLJQ2BSA4Zop9YpPJR0YJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRjNjBiNzUtODk0Ny00N2RhLTljNmQtNzA0NWNiYmJlYTU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA1tVfYxcJaX2m4GHe98G8W55V9x2cAotg3Meqc
eQiCthfhKJUrs6vDAq2j0CK8TpXv95R5MIlqOg3i0pGZG5egJnxBzP9IKS77jcPE
X0z9S813BmzmT1k2rLmezbTH3VcxY8wFlJ+EqQCyIGsXhshWeEjWcQJsQwbVorRb
4+GNRxB7I7ncl/zLXeEWEJVMBisAVp0i4NUgPdL3vaYIg5InwjLFMkZxlVq/oEjc
2umvw+uMd0z0wF0cKyRJyGZD4FQX51Cpl491DrrTr9XxcNPREzgBJNIu/1HBX/MU
jNiy2xcQttQZQRFMdz70Yuz2vQ9KDfCPtmIP1TAwV1WpqFLK
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:14 2025 by rpki-client