Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: IWblpnl8SFm9eMHsYZMfjLEQeWSNcDFoDN5bW8dzZiE=
Subject key identifier: 5E:01:42:6B:71:04:E1:E3:65:92:4B:B7:4F:A0:77:00:0F:5A:B7:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 130ADB394EBED0BA33516573667E294CC3D1B60F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:0a:db:39:4e:be:d0:ba:33:51:65:73:66:7e:29:4c:c3:d1:b6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=4dc3377f70b1ec0ce3354cb33e447d496e741974576a23125d410d8f6e4fecd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ea:66:61:87:79:c7:6e:30:c8:71:b0:d9:73:
d5:59:4f:54:48:9f:c5:64:c0:82:04:9b:f7:20:17:
e8:b3:55:2b:9f:eb:1c:d9:43:b0:26:45:6c:f6:43:
d6:bb:fe:c4:b0:f3:fc:2e:b5:b7:fd:7b:e1:ec:75:
8c:6c:01:28:08:a4:df:96:fd:32:86:2b:4c:28:2f:
e5:e7:3c:36:a6:7b:92:2a:46:2b:4a:05:3b:25:16:
da:7d:4b:3a:17:1f:19:63:74:c2:8f:4b:3b:e9:94:
d2:d8:a6:5b:97:35:10:5a:0c:5b:11:ea:ff:4b:6c:
16:5e:f4:14:ec:b2:2c:36:55:53:42:f1:94:0c:2c:
47:4a:fb:31:22:4d:76:25:75:06:c6:28:fe:10:ec:
6c:0c:07:c0:42:fd:3e:0b:7c:fc:1c:83:c8:9c:13:
9f:b3:37:d9:dd:f3:e3:eb:6a:95:dc:24:ce:db:7d:
99:f6:15:17:77:33:32:85:2b:d3:9c:9a:7e:25:a6:
ca:a0:93:c4:9f:34:c9:7a:32:20:62:0e:57:42:bf:
28:1c:b8:4c:75:ab:08:01:c5:7f:e6:a8:82:d4:e5:
bb:1f:81:35:28:02:75:ff:8f:dc:f7:7c:d9:87:40:
13:36:4a:62:ba:d3:44:ac:7b:66:6c:cd:e4:f2:a3:
bd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:01:42:6B:71:04:E1:E3:65:92:4B:B7:4F:A0:77:00:0F:5A:B7:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
72:b0:e0:8c:2c:a9:4e:31:85:67:3e:dd:d2:0f:f6:ea:19:1e:
f4:eb:51:67:7a:a8:67:d2:13:b7:23:a8:4b:f2:58:b9:b7:5e:
3e:ef:7b:2c:e5:32:38:64:da:d5:c9:13:20:c5:7f:b3:0c:56:
8b:63:b2:57:81:56:ae:3a:c9:b7:5f:77:25:c8:00:7e:10:2c:
07:b9:70:b7:f1:d7:b7:62:8f:89:bf:55:9b:9b:65:4b:03:a5:
cb:7b:0e:d4:ec:36:b0:11:d6:a9:14:11:47:16:60:23:e3:eb:
8c:cf:b8:ca:91:6e:78:0d:f1:fe:68:e2:c7:11:4e:7a:79:47:
7e:50:9a:ca:76:c6:03:4d:3a:83:ac:8f:13:13:f2:6b:43:bb:
0a:0a:b8:d2:47:6d:79:a8:78:9b:87:32:bc:48:09:d3:a9:af:
5d:fc:24:07:10:c7:71:52:40:89:0a:e9:47:92:34:32:31:f4:
10:9f:26:a3:c1:ec:9b:cd:01:c7:d6:99:14:e7:5b:7a:a9:45:
35:e4:ac:17:60:88:00:4a:5a:6d:e5:df:09:32:eb:0c:a5:1d:
7b:d4:dd:68:44:02:8f:8e:a8:d6:14:91:c1:01:04:e3:34:dc:
4b:1d:85:3f:18:83:ff:3b:3c:93:2a:fa:e2:de:f4:2d:0a:c4:
42:5e:d3:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEwrbOU6+0LozUWVzZn4pTMPRtg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkYzMzNzdmNzBiMWVjMGNlMzM1NGNiMzNlNDQ3ZDQ5NmU3NDE5NzQ1NzZh
MjMxMjVkNDEwZDhmNmU0ZmVjZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrqZmGHecduMMhxsNlz1VlPVEifxWTAggSb9yAX6LNVK5/rHNlDsCZFbPZD
1rv+xLDz/C61t/174ex1jGwBKAik35b9MoYrTCgv5ec8NqZ7kipGK0oFOyUW2n1L
OhcfGWN0wo9LO+mU0timW5c1EFoMWxHq/0tsFl70FOyyLDZVU0LxlAwsR0r7MSJN
diV1BsYo/hDsbAwHwEL9Pgt8/ByDyJwTn7M32d3z4+tqldwkztt9mfYVF3czMoUr
05yafiWmyqCTxJ80yXoyIGIOV0K/KBy4THWrCAHFf+aogtTlux+BNSgCdf+P3Pd8
2YdAEzZKYrrTRKx7ZmzN5PKjvQMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReAUJr
cQTh42WSS7dPoHcAD1q33DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBysOCMLKlOMYVnPt3SD/bqGR7061Fneqhn0hO3
I6hL8li5t14+73ss5TI4ZNrVyRMgxX+zDFaLY7JXgVauOsm3X3clyAB+ECwHuXC3
8de3Yo+Jv1Wbm2VLA6XLew7U7DawEdapFBFHFmAj4+uMz7jKkW54DfH+aOLHEU56
eUd+UJrKdsYDTTqDrI8TE/JrQ7sKCrjSR215qHibhzK8SAnTqa9d/CQHEMdxUkCJ
CulHkjQyMfQQnyajweybzQHH1pkU51t6qUU15KwXYIgASlpt5d8JMusMpR171N1o
RAKPjqjWFJHBAQTjNNxLHYU/GIP/OzyTKvri3vQtCsRCXtOL
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:21 2025 by rpki-client