Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json)
Hash identifier: dmGIJBErJLbplxDrqDGuBHO4UWZcBByVzkbIoYkOMyA=
Subject key identifier: 11:69:7F:4E:A4:2B:12:62:23:8D:5D:45:8A:C1:CA:3A:ED:CC:EF:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72EF4CB90E32FC0BF88750522B9594E46350D217
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ef:4c:b9:0e:32:fc:0b:f8:87:50:52:2b:95:94:e4:63:50:d2:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=2cda9ba9d3efaaa9ea4fed17ed69170fc41a904145a310e7f783b04dc778ec72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:52:85:6e:69:be:20:c0:f9:84:3a:71:2e:
bc:a5:9a:4c:e2:3c:74:54:f4:25:85:e9:8e:91:46:
ed:47:7f:3d:e0:96:64:bb:f0:6a:db:a4:f5:70:6e:
71:74:2f:fb:3a:86:67:a3:58:25:22:51:21:23:f8:
39:71:2c:2d:2b:f6:a5:63:c6:49:d5:9b:3d:6d:fe:
2f:b3:f0:ed:9b:a3:fb:4a:37:07:3c:b0:42:c1:1a:
7c:ae:a4:87:92:ff:08:ce:29:21:3d:65:bf:2f:6c:
b5:96:51:91:84:7b:dc:0f:94:8c:31:d2:66:4b:74:
be:01:df:47:79:a6:86:f4:cd:83:03:d3:02:1b:73:
a1:ef:ef:ff:35:8b:42:0f:7b:02:16:55:4e:ff:a8:
7e:d6:e0:3c:c7:65:c0:2c:31:06:2d:12:b6:2e:70:
6d:ea:2f:22:a0:20:57:23:22:b0:67:59:69:3c:64:
7b:85:6c:d8:dd:59:cd:9c:05:91:e3:e7:7f:da:31:
4b:6c:5d:fb:c7:68:c6:81:4c:1a:33:bb:7b:22:df:
16:14:90:36:4e:63:35:1c:e0:82:4e:6f:72:18:22:
29:98:16:dc:fb:0f:9e:e7:df:ef:fe:5b:82:07:fb:
8e:97:6b:87:0e:86:92:f1:cf:58:90:ff:d1:8a:47:
3c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:69:7F:4E:A4:2B:12:62:23:8D:5D:45:8A:C1:CA:3A:ED:CC:EF:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
42:2d:56:8a:60:fa:bb:1a:be:5f:2f:9c:eb:dc:65:18:bd:57:
34:bb:51:b7:c7:56:c9:18:c7:39:4c:8f:7d:32:ce:22:7b:23:
aa:5b:2b:97:f5:c1:cf:73:e2:80:1f:f0:0a:06:d6:e6:12:57:
75:51:b7:f9:98:84:a1:0a:4a:42:cf:eb:5e:26:68:2b:1f:0e:
2b:f0:8d:90:7d:99:bb:97:60:a1:9a:fb:7d:65:09:13:0f:38:
27:79:c7:fe:16:d3:fc:1f:98:d6:bc:c6:d2:23:3b:e9:da:db:
da:47:b4:76:ad:ef:7b:ba:d7:9f:38:c2:52:34:eb:33:b9:2a:
a7:21:ca:95:61:b1:bb:67:d0:13:f8:07:98:a1:20:13:d3:92:
0f:0d:9e:73:8b:73:2d:00:9f:f1:15:a8:f7:5e:62:ef:33:b1:
81:3f:1d:fd:e3:d2:f3:19:68:20:b5:a0:94:77:57:42:de:30:
5e:26:0b:f1:1a:5f:5b:2e:b5:c8:ef:cd:89:13:96:65:1b:3b:
41:63:88:2e:fb:82:d6:3a:ad:fc:b7:1a:83:32:23:db:7c:ef:
c0:52:d8:f9:b2:86:18:c1:9a:cb:1b:e5:49:be:df:1c:fd:28:
19:d4:81:48:83:b8:56:87:4c:d1:bd:af:ce:f4:4a:66:e4:59:
6d:b7:2f:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcu9MuQ4y/Av4h1BSK5WU5GNQ0hcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZGE5YmE5ZDNlZmFhYTllYTRmZWQxN2VkNjkxNzBmYzQxYTkwNDE0NWEz
MTBlN2Y3ODNiMDRkYzc3OGVjNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaIUoVuab4gwPmEOnEuvKWaTOI8dFT0JYXpjpFG7Ud/PeCWZLvwatuk9XBu
cXQv+zqGZ6NYJSJRISP4OXEsLSv2pWPGSdWbPW3+L7Pw7Zuj+0o3BzywQsEafK6k
h5L/CM4pIT1lvy9stZZRkYR73A+UjDHSZkt0vgHfR3mmhvTNgwPTAhtzoe/v/zWL
Qg97AhZVTv+oftbgPMdlwCwxBi0Sti5wbeovIqAgVyMisGdZaTxke4Vs2N1ZzZwF
kePnf9oxS2xd+8doxoFMGjO7eyLfFhSQNk5jNRzggk5vchgiKZgW3PsPnuff7/5b
ggf7jpdrhw6GkvHPWJD/0YpHPGcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRaX9O
pCsSYiONXUWKwco67czvDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQBCLVaKYPq7Gr5fL5zr3GUYvVc0u1G3x1bJGMc5
TI99Ms4ieyOqWyuX9cHPc+KAH/AKBtbmEld1Ubf5mIShCkpCz+teJmgrHw4r8I2Q
fZm7l2Chmvt9ZQkTDzgnecf+FtP8H5jWvMbSIzvp2tvaR7R2re97utefOMJSNOsz
uSqnIcqVYbG7Z9AT+AeYoSAT05IPDZ5zi3MtAJ/xFaj3XmLvM7GBPx3949LzGWgg
taCUd1dC3jBeJgvxGl9bLrXI782JE5ZlGztBY4gu+4LWOq38txqDMiPbfO/AUtj5
soYYwZrLG+VJvt8c/SgZ1IFIg7hWh0zRva/O9Epm5Fltty+9
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:04 2025 by rpki-client