Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15a3a252-e83b-4245-9585-281ac1a7eb4a.roa
File: 15a3a252-e83b-4245-9585-281ac1a7eb4a.roa (raw, json)
Hash identifier: 97XSBG8MPWPUycFy7QOrk5YAPC56EZ7UrPSW2kCGatE=
Subject key identifier: BF:74:67:76:70:A3:A8:33:02:46:A5:E0:FE:0A:77:BA:A3:F5:FA:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C0F8F4381949D712E143AABCB5EACB267489C77
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15a3a252-e83b-4245-9585-281ac1a7eb4a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:40c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:0f:8f:43:81:94:9d:71:2e:14:3a:ab:cb:5e:ac:b2:67:48:9c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6c06dc55b82b78e19a66d27ab20c1805bd30216f98d7a0927340928fe017dff2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:17:c4:fe:77:9b:d7:10:f4:18:fa:f0:b9:3d:
8e:eb:03:c9:6c:26:04:f7:ec:17:84:9f:fa:7c:2f:
ca:ef:fd:9d:88:8f:f0:91:5b:2c:9d:8f:41:4f:b3:
33:15:bb:f4:cf:13:88:08:5b:10:03:7e:a0:28:de:
8b:7f:c3:e3:b9:eb:f1:ed:e5:9c:22:ef:bc:aa:67:
dc:25:a7:03:a4:5c:f9:8f:ca:ed:cc:2a:05:a0:fa:
ed:b2:e6:11:5a:78:1f:68:58:0e:93:03:e5:b0:a5:
a0:9e:4c:a0:14:fb:16:33:a6:58:4b:54:81:36:79:
01:c1:c3:2b:3e:3c:3d:e5:a2:26:95:a9:fc:86:c1:
62:20:b0:27:e8:4d:ff:11:d5:b5:bf:80:8d:0c:3b:
32:4e:40:bc:fc:d7:97:e1:29:85:7b:fd:30:ed:5d:
e1:37:41:92:43:98:66:a5:b4:52:42:1c:20:e3:c9:
d5:d5:e5:f9:2d:f5:de:dc:a6:1c:9c:16:23:aa:de:
41:2d:42:40:57:1c:a8:8a:2b:4f:19:4b:67:05:41:
be:9a:67:cb:a3:be:56:3c:65:e3:87:9e:f4:74:11:
dd:d6:36:0e:5d:6c:a0:c7:5b:9a:40:85:dd:94:4e:
1c:90:fd:36:3c:91:a7:b5:12:45:bc:df:af:67:c4:
7f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:74:67:76:70:A3:A8:33:02:46:A5:E0:FE:0A:77:BA:A3:F5:FA:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15a3a252-e83b-4245-9585-281ac1a7eb4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:84:05:5a:fe:0e:b2:fd:c8:33:11:7c:a2:0d:90:3e:7f:69:
b0:7f:0e:a9:aa:1a:b6:4c:b8:05:7c:bd:8c:f4:b4:c6:55:82:
e4:91:b6:ea:85:9a:5b:c9:98:c8:18:40:1e:66:20:c1:f5:1b:
83:de:f7:f7:81:59:d0:b0:0e:84:18:89:14:bb:f8:c6:c7:8e:
d6:f7:bd:18:cc:77:e6:8d:07:7d:04:86:d2:bc:72:de:48:20:
26:7c:02:e0:bf:b7:f3:92:4a:c6:6d:1e:38:35:6a:83:77:b9:
0f:5b:47:08:78:12:d6:c4:90:ea:f0:a3:85:94:00:70:50:82:
e5:a8:df:98:0d:ef:e8:0a:1b:ca:6e:c0:3e:a4:2e:66:f4:f4:
fe:ca:05:70:1f:8e:87:12:74:22:b1:15:83:51:05:45:e7:33:
57:c1:20:ef:e4:d7:20:82:1f:43:28:c3:b7:cd:b2:53:6b:5b:
7b:b3:e0:d3:9f:d7:4d:4b:4e:21:61:77:fb:c2:3f:35:02:32:
3e:f9:5f:1d:c9:d7:50:88:33:f1:9b:8e:3d:0b:1b:ea:46:98:
a9:0b:d1:d1:6a:f6:43:cb:4c:ca:db:31:17:dd:1c:40:2c:c3:
33:2f:f8:46:6f:4b:0e:e2:e9:29:1e:30:9b:cb:5c:03:65:36:
3e:04:b6:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULA+PQ4GUnXEuFDqry16ssmdInHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjMDZkYzU1YjgyYjc4ZTE5YTY2ZDI3YWIyMGMxODA1YmQzMDIxNmY5OGQ3
YTA5MjczNDA5MjhmZTAxN2RmZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYXxP53m9cQ9Bj68Lk9jusDyWwmBPfsF4Sf+nwvyu/9nYiP8JFbLJ2PQU+z
MxW79M8TiAhbEAN+oCjei3/D47nr8e3lnCLvvKpn3CWnA6Rc+Y/K7cwqBaD67bLm
EVp4H2hYDpMD5bCloJ5MoBT7FjOmWEtUgTZ5AcHDKz48PeWiJpWp/IbBYiCwJ+hN
/xHVtb+AjQw7Mk5AvPzXl+EphXv9MO1d4TdBkkOYZqW0UkIcIOPJ1dXl+S313tym
HJwWI6reQS1CQFccqIorTxlLZwVBvppny6O+Vjxl44ee9HQR3dY2Dl1soMdbmkCF
3ZROHJD9NjyRp7USRbzfr2fEf5cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/dGd2
cKOoMwJGpeD+Cne6o/X64DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVhM2EyNTItZTgzYi00MjQ1LTk1ODUtMjgxYWMxYTdlYjRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRA
wDANBgkqhkiG9w0BAQsFAAOCAQEAmYQFWv4Osv3IMxF8og2QPn9psH8Oqaoatky4
BXy9jPS0xlWC5JG26oWaW8mYyBhAHmYgwfUbg97394FZ0LAOhBiJFLv4xseO1ve9
GMx35o0HfQSG0rxy3kggJnwC4L+385JKxm0eODVqg3e5D1tHCHgS1sSQ6vCjhZQA
cFCC5ajfmA3v6Aobym7APqQuZvT0/soFcB+OhxJ0IrEVg1EFReczV8Eg7+TXIIIf
QyjDt82yU2tbe7Pg05/XTUtOIWF3+8I/NQIyPvlfHcnXUIgz8ZuOPQsb6kaYqQvR
0Wr2Q8tMytsxF90cQCzDMy/4Rm9LDuLpKR4wm8tcA2U2PgS2ZQ==
-----END CERTIFICATE-----
Generated at Fri May 2 20:19:55 2025 by rpki-client