Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
File: 1a31701b-6e08-4967-83cb-76ea10ffab6d.roa (raw, json)
Hash identifier: 6d2niqcz1Jihw1bJWgqMgskwTKkG2oSXZEdTfWgpg4M=
Subject key identifier: D5:71:6C:B7:B7:30:DB:D3:B0:5B:B3:6D:C7:BF:CF:4E:FE:A3:4B:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EC51D12A1CBE99A08A9F8BC0884DB72A96744AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:c5:1d:12:a1:cb:e9:9a:08:a9:f8:bc:08:84:db:72:a9:67:44:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=56a6671848608ea6c660ea6ecd0da5738840b35b81a8d50ca52f37d6c8b9eed8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e0:5a:6c:be:48:38:59:f0:4f:0d:ec:c5:e3:
d0:16:74:82:8c:ac:14:dc:ab:77:c7:b6:40:93:c1:
0b:49:bb:b9:7d:61:1a:f5:4c:7f:a2:38:2f:bd:76:
05:55:07:5a:e6:71:b7:f1:9d:95:59:b2:b8:38:67:
a3:50:7f:6d:c5:a9:a2:a9:cc:a3:3a:7c:bf:b3:e2:
7d:a4:c5:ce:49:26:0a:7f:e1:a4:a7:84:51:e4:41:
e4:d7:9e:f9:2f:3d:b6:ea:f9:6a:22:ce:fd:1a:8e:
9a:58:83:8c:ce:d1:f1:4f:79:29:ed:17:05:7b:dd:
78:f3:7a:84:c1:a8:55:35:46:86:5a:d3:45:7c:10:
34:9d:e0:94:6a:4b:53:54:7b:da:53:01:d7:f9:f3:
e1:aa:a8:fb:38:2a:1a:5b:55:1e:91:c0:1c:ce:31:
7e:0a:58:a3:d7:2a:4e:2d:a9:ff:76:64:5e:40:5e:
a9:ec:71:05:62:f8:e1:a1:d7:ef:40:b8:47:a8:12:
fd:77:14:b5:68:41:45:07:96:eb:2b:1b:b3:4a:0b:
ad:eb:f0:8e:8a:aa:cb:b3:55:65:d7:0a:cc:51:c1:
d8:20:76:a2:09:78:d2:f1:9d:3c:17:40:fb:8f:51:
29:79:f4:86:2d:8f:e1:d9:d6:9e:d4:7d:33:b9:cb:
0e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:71:6C:B7:B7:30:DB:D3:B0:5B:B3:6D:C7:BF:CF:4E:FE:A3:4B:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:95:ee:ec:af:7b:73:88:39:e7:b0:e9:d1:5e:10:47:0a:e6:
b6:5d:d7:3c:cb:a8:2a:77:a2:f4:02:d3:ad:8a:07:82:88:06:
a0:95:c5:df:c7:50:32:f7:f1:d8:3a:83:42:04:2e:01:9b:6a:
12:d4:52:bf:35:fb:8c:9e:cb:90:85:d5:65:34:27:c7:ea:7f:
46:84:b1:b9:13:d5:b3:0a:b6:d1:4f:18:be:72:41:24:2c:42:
71:1e:86:d8:d4:c7:c1:0d:5d:09:15:59:bf:e9:fe:8f:01:cb:
56:aa:a2:67:bb:e5:d0:62:c5:fd:31:d7:ab:ba:e5:ba:81:14:
7b:9f:e1:03:dd:e7:1d:3e:ca:9e:1d:ad:ee:68:09:61:6a:9d:
a4:14:b4:93:4c:d2:d8:0b:9f:7e:84:a2:11:2f:d1:a6:93:cd:
c3:0e:60:d3:d7:73:80:95:6c:40:d6:6a:19:85:8d:2a:4e:d4:
1e:79:b9:39:8d:d0:0f:b7:82:ca:59:6c:94:ca:9b:41:5a:53:
e8:87:17:25:00:53:68:5f:67:8c:8e:4b:ce:28:fa:64:89:44:
e7:e4:9c:49:3a:6b:31:bd:33:bd:fd:39:9f:ea:c8:c4:ed:b3:
c0:12:cb:ba:2a:af:a7:be:db:78:d0:52:d9:f4:cc:68:d2:eb:
57:c7:f1:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTsUdEqHL6ZoIqfi8CITbcqlnRKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2YTY2NzE4NDg2MDhlYTZjNjYwZWE2ZWNkMGRhNTczODg0MGIzNWI4MWE4
ZDUwY2E1MmYzN2Q2YzhiOWVlZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMngWmy+SDhZ8E8N7MXj0BZ0goysFNyrd8e2QJPBC0m7uX1hGvVMf6I4L712
BVUHWuZxt/GdlVmyuDhno1B/bcWpoqnMozp8v7PifaTFzkkmCn/hpKeEUeRB5Nee
+S89tur5aiLO/RqOmliDjM7R8U95Ke0XBXvdePN6hMGoVTVGhlrTRXwQNJ3glGpL
U1R72lMB1/nz4aqo+zgqGltVHpHAHM4xfgpYo9cqTi2p/3ZkXkBeqexxBWL44aHX
70C4R6gS/XcUtWhBRQeW6ysbs0oLrevwjoqqy7NVZdcKzFHB2CB2ogl40vGdPBdA
+49RKXn0hi2P4dnWntR9M7nLDssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVcWy3
tzDb07Bbs23Hv89O/qNLjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWEzMTcwMWItNmUwOC00OTY3LTgzY2ItNzZlYTEwZmZhYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWg
MA0GCSqGSIb3DQEBCwUAA4IBAQBqle7sr3tziDnnsOnRXhBHCua2Xdc8y6gqd6L0
AtOtigeCiAaglcXfx1Ay9/HYOoNCBC4Bm2oS1FK/NfuMnsuQhdVlNCfH6n9GhLG5
E9WzCrbRTxi+ckEkLEJxHobY1MfBDV0JFVm/6f6PActWqqJnu+XQYsX9MderuuW6
gRR7n+ED3ecdPsqeHa3uaAlhap2kFLSTTNLYC59+hKIRL9Gmk83DDmDT13OAlWxA
1moZhY0qTtQeebk5jdAPt4LKWWyUyptBWlPohxclAFNoX2eMjkvOKPpkiUTn5JxJ
OmsxvTO9/Tmf6sjE7bPAEsu6Kq+nvtt40FLZ9Mxo0utXx/GK
-----END CERTIFICATE-----
Generated at Fri May 2 15:22:05 2025 by rpki-client