Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: 2IHRvFPOr1VHvO1y/pDT/PO1SE/XoUbhuMf+JxVowhM=
Subject key identifier: 30:6E:80:E4:50:34:BA:65:F2:2B:8A:C5:3F:E7:81:B1:EC:71:AB:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51C41C0C85EAF3BEA19CD07BF6166B3690B8E882
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c4:1c:0c:85:ea:f3:be:a1:9c:d0:7b:f6:16:6b:36:90:b8:e8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=629afc770481fc9ae55fd14c1cb925541f48c029aac0351b50c350d586dae25c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:38:4f:3b:6f:9a:eb:46:7c:e9:0c:24:62:
74:04:56:d5:00:50:4d:8d:a3:8a:04:a1:e0:31:16:
b2:d2:11:2c:a7:ef:b1:19:f7:7b:cc:9c:da:6a:b4:
65:0b:64:8c:5a:60:fd:81:85:c1:dd:9a:c1:b9:f8:
46:aa:72:53:a5:03:31:c0:68:16:54:40:96:60:83:
5d:98:11:c9:70:d9:0f:49:0d:52:94:f6:ed:bb:46:
70:c9:3d:55:8d:66:ea:2b:e5:89:46:4d:85:9f:bd:
2f:13:d9:44:cd:ee:57:28:7e:85:6d:d5:77:1c:7b:
2b:c9:9e:77:b4:6d:15:4d:a7:9e:8c:17:00:0b:d7:
17:6b:49:78:cd:80:63:eb:29:9d:3a:04:52:88:c8:
4c:9f:ad:51:ed:66:db:f9:f0:15:ea:86:4b:a1:05:
34:fa:b7:c7:53:78:de:25:d2:50:6a:5a:16:3c:4d:
ab:ea:c9:a1:5f:5a:96:80:c7:bb:81:8f:c4:a0:ad:
b5:58:fc:a0:90:6b:84:9e:7e:91:52:ac:85:c4:38:
df:75:93:60:73:34:28:39:cd:8c:7c:8e:07:5f:80:
fc:d1:94:66:2d:da:cc:88:4b:a3:0e:7c:a1:e5:36:
69:b2:10:df:4a:81:d5:d4:91:36:00:cf:91:a3:aa:
b1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6E:80:E4:50:34:BA:65:F2:2B:8A:C5:3F:E7:81:B1:EC:71:AB:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
90:97:cd:80:11:00:b1:3d:ec:13:57:da:17:14:0e:94:d1:09:
79:c2:ef:e2:b3:60:bf:c7:95:c8:dc:c9:4b:dd:56:13:f7:f2:
ae:1b:78:f5:e1:6a:04:69:c4:40:1d:1f:69:d0:99:c8:8d:ea:
af:49:b5:9a:d1:94:a6:ed:18:6b:c5:84:61:fd:e9:c2:92:94:
5d:ea:69:ff:9a:d2:7f:e8:94:c0:ca:12:de:23:6c:29:db:81:
bf:4e:83:9e:e8:d5:f8:89:8b:c6:0f:3a:b9:7b:5a:43:6e:90:
25:da:1f:e9:47:d4:d5:9f:71:0b:44:dc:df:f4:54:3d:36:89:
e3:ab:c1:d2:26:b8:4d:ab:2a:63:26:10:2c:11:29:2d:07:82:
7d:86:ad:a9:23:bd:bb:98:5b:54:ed:a7:5c:67:c5:09:12:f3:
13:22:ee:bf:6d:2e:5a:03:82:3c:fb:cc:c1:5c:1e:84:a3:60:
fc:88:08:92:fa:fc:dd:90:90:f4:26:05:5c:4f:79:81:4d:eb:
9a:64:87:7e:cb:34:58:e6:00:da:db:a1:3a:21:24:dd:f2:12:
50:70:62:91:6d:b7:23:68:9f:4d:86:03:f1:01:66:5c:cf:e9:
ce:72:71:74:24:34:a2:1f:38:11:8f:3c:ee:df:7c:86:77:d6:
a3:af:92:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUcQcDIXq876hnNB79hZrNpC46IIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyOWFmYzc3MDQ4MWZjOWFlNTVmZDE0YzFjYjkyNTU0MWY0OGMwMjlhYWMw
MzUxYjUwYzM1MGQ1ODZkYWUyNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFXOE87b5rrRnzpDCRidARW1QBQTY2jigSh4DEWstIRLKfvsRn3e8yc2mq0
ZQtkjFpg/YGFwd2awbn4RqpyU6UDMcBoFlRAlmCDXZgRyXDZD0kNUpT27btGcMk9
VY1m6ivliUZNhZ+9LxPZRM3uVyh+hW3Vdxx7K8med7RtFU2nnowXAAvXF2tJeM2A
Y+spnToEUojITJ+tUe1m2/nwFeqGS6EFNPq3x1N43iXSUGpaFjxNq+rJoV9aloDH
u4GPxKCttVj8oJBrhJ5+kVKshcQ433WTYHM0KDnNjHyOB1+A/NGUZi3azIhLow58
oeU2abIQ30qB1dSRNgDPkaOqsZMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwboDk
UDS6ZfIrisU/54Gx7HGrvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEAkJfNgBEAsT3sE1faFxQOlNEJecLv4rNgv8eV
yNzJS91WE/fyrht49eFqBGnEQB0fadCZyI3qr0m1mtGUpu0Ya8WEYf3pwpKUXepp
/5rSf+iUwMoS3iNsKduBv06DnujV+ImLxg86uXtaQ26QJdof6UfU1Z9xC0Tc3/RU
PTaJ46vB0ia4TasqYyYQLBEpLQeCfYatqSO9u5hbVO2nXGfFCRLzEyLuv20uWgOC
PPvMwVwehKNg/IgIkvr83ZCQ9CYFXE95gU3rmmSHfss0WOYA2tuhOiEk3fISUHBi
kW23I2ifTYYD8QFmXM/pznJxdCQ0oh84EY887t98hnfWo6+S9g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:23 2025 by rpki-client