Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: LQIBsPvN1E02XFui6ZGWFuB8S+bvE1V5C0CjdoY8ZNA=
Subject key identifier: 41:D0:2B:BB:FD:FD:1D:FB:AF:13:BA:C6:C0:40:7D:53:D9:41:9D:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0334E5B774ECDC968CA6C51A0F031B636CF2C0C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:34:e5:b7:74:ec:dc:96:8c:a6:c5:1a:0f:03:1b:63:6c:f2:c0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=b6a737c652d8b4f4d5fd184658b2c808a5123a6ae68371c15fd0704cf453de3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c4:bf:68:c8:b9:13:13:f0:36:d4:8a:b8:34:
a6:97:e8:9a:0f:9d:3d:ff:23:0f:ec:fe:d5:d0:92:
dd:12:ca:56:4b:5a:44:4b:6b:37:37:c3:eb:ff:4c:
48:c8:82:9a:ff:05:01:11:cb:ac:95:c9:0b:c3:33:
fa:89:2d:20:d8:43:7c:e9:39:c0:4e:be:67:37:99:
98:4f:4d:cc:33:ad:39:d8:fb:83:e8:21:7c:21:bd:
2d:36:49:35:62:80:17:b1:43:9f:d9:b2:c7:61:40:
0d:1f:20:07:21:9c:8c:b3:d1:f6:7c:65:a3:99:5a:
ca:97:a2:61:e1:fb:b3:c6:fa:90:fc:ae:2d:2e:a7:
20:b3:99:d9:bc:fc:ef:8a:2e:89:85:09:8c:0d:04:
44:06:30:5b:60:6c:41:26:27:c8:cf:1f:e2:d6:5c:
9d:8e:45:2e:df:fd:9c:3f:d3:f1:82:35:77:b3:a5:
29:d6:d8:79:05:27:c4:16:d8:2c:59:6f:61:98:50:
64:cf:5a:48:1d:52:f1:7e:82:64:ac:ad:ad:04:f7:
09:e9:5b:b9:75:8e:25:e0:23:a1:e2:bc:c3:20:bc:
17:3e:c3:48:4d:1d:51:0d:b5:31:ac:5a:33:e8:3e:
df:f7:0c:78:70:32:3f:b0:25:d4:c2:c9:05:db:cb:
01:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D0:2B:BB:FD:FD:1D:FB:AF:13:BA:C6:C0:40:7D:53:D9:41:9D:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
01:09:ba:f9:0a:fc:60:81:e6:bc:b3:cd:08:24:7f:3c:e5:12:
0f:54:ab:05:d4:41:70:e0:d2:e5:77:a2:0e:80:b9:57:f0:17:
7a:7e:e8:d8:6a:b8:85:dd:a9:36:00:58:3f:be:1e:ca:1d:e6:
69:d0:99:95:ac:8e:fe:34:64:21:3e:22:51:f3:be:4c:66:92:
bd:80:32:51:ee:24:3b:03:ba:00:43:f8:0d:fc:37:54:aa:d1:
a6:be:0c:ed:9e:d4:3b:f4:0c:ed:f6:35:85:8f:13:88:c4:df:
97:f1:41:c5:c2:57:e8:8c:92:e4:6b:01:93:01:fb:48:c9:56:
51:8c:38:ff:15:fb:d2:bd:e6:03:9a:ce:aa:b0:69:8f:8c:43:
d7:d7:ad:6b:35:83:4b:e0:8e:42:87:6d:0d:04:1c:cb:c7:ec:
48:18:4d:4c:09:3c:b9:8f:6c:ca:fe:84:7e:2e:62:dc:3b:58:
08:67:6f:27:2d:63:a6:94:a8:ba:dd:3f:d1:d3:00:0b:0f:66:
92:22:35:da:fd:ca:5b:d4:2c:5f:a5:db:31:1a:ed:03:6d:84:
6f:3d:a1:8a:87:3f:61:b8:b2:6d:19:3b:f2:d2:f4:7c:33:4f:
d1:5c:a3:03:aa:7e:17:87:14:a3:5f:c4:8c:20:36:0b:c4:11:
42:7d:cb:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAzTlt3Ts3JaMpsUaDwMbY2zywMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2YTczN2M2NTJkOGI0ZjRkNWZkMTg0NjU4YjJjODA4YTUxMjNhNmFlNjgz
NzFjMTVmZDA3MDRjZjQ1M2RlM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjEv2jIuRMT8DbUirg0ppfomg+dPf8jD+z+1dCS3RLKVktaREtrNzfD6/9M
SMiCmv8FARHLrJXJC8Mz+oktINhDfOk5wE6+ZzeZmE9NzDOtOdj7g+ghfCG9LTZJ
NWKAF7FDn9myx2FADR8gByGcjLPR9nxlo5laypeiYeH7s8b6kPyuLS6nILOZ2bz8
74ouiYUJjA0ERAYwW2BsQSYnyM8f4tZcnY5FLt/9nD/T8YI1d7OlKdbYeQUnxBbY
LFlvYZhQZM9aSB1S8X6CZKytrQT3CelbuXWOJeAjoeK8wyC8Fz7DSE0dUQ21Maxa
M+g+3/cMeHAyP7Al1MLJBdvLAXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRB0Cu7
/f0d+68TusbAQH1T2UGdjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQABCbr5Cvxggea8s80IJH885RIPVKsF1EFw4NLl
d6IOgLlX8Bd6fujYariF3ak2AFg/vh7KHeZp0JmVrI7+NGQhPiJR875MZpK9gDJR
7iQ7A7oAQ/gN/DdUqtGmvgztntQ79Azt9jWFjxOIxN+X8UHFwlfojJLkawGTAftI
yVZRjDj/FfvSveYDms6qsGmPjEPX161rNYNL4I5Ch20NBBzLx+xIGE1MCTy5j2zK
/oR+LmLcO1gIZ28nLWOmlKi63T/R0wALD2aSIjXa/cpb1CxfpdsxGu0DbYRvPaGK
hz9huLJtGTvy0vR8M0/RXKMDqn4XhxSjX8SMIDYLxBFCfcso
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:51 2025 by rpki-client