Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
File: 15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa (raw, json)
Hash identifier: ZsEFyXPPC+7tjf8GmG17kLAP/wrADSALbHVRLGlRsJE=
Subject key identifier: 44:07:CA:B6:75:6B:52:F3:7A:B2:57:9D:79:5B:99:53:00:3E:21:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B96F984BEC8E935D056473FC9FCE94D1D7B4C7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:96:f9:84:be:c8:e9:35:d0:56:47:3f:c9:fc:e9:4d:1d:7b:4c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=fde042d33e96e877f1b9652e08ee8e3128f41aa58923afe8fac513e870c987ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:87:99:a5:a7:15:01:4c:39:47:40:fb:a5:0b:
d5:0f:ba:a7:61:35:64:64:eb:28:99:93:7e:dc:0a:
98:95:30:3e:23:09:9f:03:b9:77:8a:34:2e:cf:c7:
85:6b:a0:e5:2d:20:6b:2c:84:f2:7d:f0:8d:cc:81:
72:92:79:1b:f5:35:af:f2:9e:3c:ee:98:7f:0f:e3:
2a:7b:74:2f:a4:f2:44:e5:8e:17:ac:35:1e:b3:c1:
c3:96:be:b4:e6:bd:80:cc:e1:38:25:f8:1e:9c:21:
6f:a4:05:66:fc:25:0f:1b:56:d9:92:dd:c2:b1:f2:
ba:42:1a:ad:47:89:2a:62:5c:e1:ef:fc:b0:f8:e0:
1d:c1:3b:11:77:ad:c7:0e:dd:48:b9:93:d3:bd:fd:
08:3a:29:64:18:7c:8d:56:34:02:76:ba:a7:5a:0c:
31:34:86:68:77:c7:ba:67:d0:53:d1:c1:f5:4f:dc:
38:a1:3e:19:a0:1b:ea:15:8d:a2:31:23:85:89:08:
48:63:71:db:b2:5b:1e:8c:22:bd:a2:5b:a8:5c:43:
00:16:43:f9:02:be:a1:eb:92:2e:64:e9:d1:41:c0:
65:bf:d3:02:15:04:21:0b:e1:35:93:75:09:2e:f8:
a0:b0:cb:aa:72:7e:0d:00:b9:fa:96:07:10:33:17:
1f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:07:CA:B6:75:6B:52:F3:7A:B2:57:9D:79:5B:99:53:00:3E:21:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
32:7b:c4:a4:94:7e:de:0c:cc:1f:90:39:bf:a9:ee:43:9d:d3:
2f:27:bc:b5:c9:d7:96:3e:9e:ab:99:f4:ea:a9:0f:90:c4:e4:
f7:66:10:66:90:bc:e0:a6:3a:aa:94:de:2e:f6:ec:86:a4:1a:
a5:c7:bc:cf:1e:7c:1e:a3:0e:38:7d:78:1a:97:39:ba:36:d8:
58:45:db:70:eb:f7:0d:da:e1:36:a4:2b:25:9a:5e:6e:3b:8a:
d9:39:ce:79:7d:c6:a6:78:35:74:4f:91:50:fc:ba:46:fd:a5:
ce:20:8c:7a:31:dc:6c:5d:e2:f0:40:ee:0e:c9:9b:fb:7e:39:
eb:cf:e0:ea:b3:40:3b:a3:c9:a0:5e:7e:0e:c9:46:82:07:92:
dc:46:8d:e1:6a:8e:34:7f:c9:58:e9:d8:eb:ae:a7:ee:31:9b:
3c:c9:94:a4:ef:86:50:b7:10:2d:4d:dd:25:e3:db:89:95:aa:
b8:6e:77:63:70:7d:f3:bc:a0:02:ce:c6:8c:91:47:ed:98:b2:
2e:52:ae:74:bb:8a:fe:c3:0d:7a:ac:73:34:8b:85:1d:ef:5c:
1b:d5:bd:71:a4:6b:85:40:8c:43:10:9c:40:fd:a0:f6:ed:15:
44:73:ff:92:a8:d4:59:fa:7c:7c:cd:07:d3:72:eb:9c:23:26:
03:b7:a2:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe5b5hL7I6TXQVkc/yfzpTR17THowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkZTA0MmQzM2U5NmU4NzdmMWI5NjUyZTA4ZWU4ZTMxMjhmNDFhYTU4OTIz
YWZlOGZhYzUxM2U4NzBjOTg3YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOHmaWnFQFMOUdA+6UL1Q+6p2E1ZGTrKJmTftwKmJUwPiMJnwO5d4o0Ls/H
hWug5S0gayyE8n3wjcyBcpJ5G/U1r/KePO6Yfw/jKnt0L6TyROWOF6w1HrPBw5a+
tOa9gMzhOCX4Hpwhb6QFZvwlDxtW2ZLdwrHyukIarUeJKmJc4e/8sPjgHcE7EXet
xw7dSLmT0739CDopZBh8jVY0Ana6p1oMMTSGaHfHumfQU9HB9U/cOKE+GaAb6hWN
ojEjhYkISGNx27JbHowivaJbqFxDABZD+QK+oeuSLmTp0UHAZb/TAhUEIQvhNZN1
CS74oLDLqnJ+DQC5+pYHEDMXHz8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBREB8q2
dWtS83qyV515W5lTAD4hAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVkZTAwNGItY2QwZi00NGExLTk5YjEtNGUyZTcxZmYwN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
wDANBgkqhkiG9w0BAQsFAAOCAQEAMnvEpJR+3gzMH5A5v6nuQ53TLye8tcnXlj6e
q5n06qkPkMTk92YQZpC84KY6qpTeLvbshqQapce8zx58HqMOOH14Gpc5ujbYWEXb
cOv3DdrhNqQrJZpebjuK2TnOeX3Gpng1dE+RUPy6Rv2lziCMejHcbF3i8EDuDsmb
+34568/g6rNAO6PJoF5+DslGggeS3EaN4WqONH/JWOnY666n7jGbPMmUpO+GULcQ
LU3dJePbiZWquG53Y3B987ygAs7GjJFH7ZiyLlKudLuK/sMNeqxzNIuFHe9cG9W9
caRrhUCMQxCcQP2g9u0VRHP/kqjUWfp8fM0H03LrnCMmA7eiJA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:27 2025 by rpki-client