Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
File: 1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa (raw, json)
Hash identifier: M9EW/ns8ySePJIVw7rNi1IXCm5ZIhjUTRBj7dPvuglI=
Subject key identifier: E8:04:6A:FA:29:05:47:24:54:6F:AD:C9:06:43:C7:46:C8:D6:61:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4975830EFA1E8C376310B349480865C3A7F76172
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
Signing time: Fri 17 Jan 2025 00:00:00 +0000
ROA not before: Fri 17 Jan 2025 00:00:00 +0000
ROA not after: Fri 21 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:75:83:0e:fa:1e:8c:37:63:10:b3:49:48:08:65:c3:a7:f7:61:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 17 00:00:00 2025 GMT
Not After : Feb 21 23:59:59 2025 GMT
Subject: serialNumber=5f7d9d36d796c4bc47cd40dec7369ba27409c78fc92815ea6032b2044dc0c1c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:a3:07:29:4b:b7:ec:9e:2d:77:51:d3:35:
60:f0:7a:15:ab:3c:5f:ca:83:6b:33:0b:6e:8b:71:
37:27:bd:8b:e1:5a:b6:7a:75:91:1e:77:0c:38:9f:
20:d9:3b:05:ba:f9:00:34:ff:f4:6f:0d:b3:58:90:
35:26:83:ec:33:7c:ea:3f:33:79:a4:35:c0:db:80:
b3:ef:dc:b9:d2:51:42:01:e2:e6:91:fd:90:b5:6c:
3b:fd:00:bb:e4:51:4c:8e:7b:e7:74:66:49:76:71:
73:c8:24:9c:90:dc:89:0c:c1:b0:38:d8:ec:38:a5:
f8:10:f0:32:2b:4f:f3:bd:0c:5a:c8:3d:27:70:47:
06:86:08:c5:a2:eb:2a:45:cc:08:69:49:ea:3b:b8:
27:6c:8e:a5:0c:a6:48:76:81:f7:7e:69:92:10:79:
03:42:7b:94:aa:db:39:c2:6f:fe:2d:7f:cb:bf:93:
9c:2a:35:6c:05:7b:d0:e0:9f:ea:39:ca:f8:b0:95:
17:53:01:96:71:96:f8:e9:c5:d5:7f:ee:e0:1c:74:
6e:ef:c3:58:aa:f9:fa:af:75:bb:f7:c1:48:97:40:
88:3c:fe:44:b8:e3:00:27:4d:67:83:2c:95:25:3b:
83:d6:8f:61:74:3c:09:9e:0a:08:a9:5c:fd:e9:91:
71:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:04:6A:FA:29:05:47:24:54:6F:AD:C9:06:43:C7:46:C8:D6:61:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:b2:4b:d4:74:fa:52:10:47:bd:1e:7d:49:22:8c:e6:39:8c:
93:04:10:f5:77:a4:88:1c:d9:ca:3e:d6:14:58:bc:89:77:8f:
60:30:fa:65:1f:a0:47:07:1e:37:74:94:3d:5a:ec:10:08:20:
80:d9:22:ff:4c:8d:c6:e1:a4:81:5b:47:da:fb:53:1b:27:37:
62:51:56:57:ec:cb:90:88:48:f5:4a:ce:be:d0:7e:ac:e8:ff:
a7:17:d6:5e:e3:f2:4e:e6:6d:1d:49:27:3b:6b:d6:b3:49:3b:
a1:f0:14:64:cc:24:2f:4b:e1:8d:88:e6:2b:70:31:6e:3d:af:
96:32:5f:8d:77:00:aa:b2:4d:b5:44:d6:7c:37:a2:3f:77:7c:
7e:d8:26:8c:f4:95:02:e6:f3:9d:cd:b2:44:ff:08:1b:06:63:
6e:71:b2:f7:c8:1f:69:b6:5c:dd:19:23:29:f3:7d:11:41:90:
1b:fe:f1:5c:50:09:fd:12:02:ac:66:3e:e1:81:62:22:55:c3:
f5:64:10:dd:0d:26:6b:10:64:c3:4b:c3:13:44:d7:02:cd:44:
97:f2:63:94:20:d3:4b:bd:3c:44:ae:a9:33:00:b0:b5:81:c4:
9c:3f:d1:ed:01:da:90:e6:14:d1:c1:ad:58:95:3d:45:f7:85:
97:0d:03:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSXWDDvoejDdjELNJSAhlw6f3YXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTcwMDAwMDBaFw0yNTAyMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmN2Q5ZDM2ZDc5NmM0YmM0N2NkNDBkZWM3MzY5YmEyNzQwOWM3OGZjOTI4
MTVlYTYwMzJiMjA0NGRjMGMxYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOEowcpS7fsni13UdM1YPB6Fas8X8qDazMLbotxNye9i+Fatnp1kR53DDif
INk7Bbr5ADT/9G8Ns1iQNSaD7DN86j8zeaQ1wNuAs+/cudJRQgHi5pH9kLVsO/0A
u+RRTI5753RmSXZxc8gknJDciQzBsDjY7Dil+BDwMitP870MWsg9J3BHBoYIxaLr
KkXMCGlJ6ju4J2yOpQymSHaB935pkhB5A0J7lKrbOcJv/i1/y7+TnCo1bAV70OCf
6jnK+LCVF1MBlnGW+OnF1X/u4Bx0bu/DWKr5+q91u/fBSJdAiDz+RLjjACdNZ4Ms
lSU7g9aPYXQ8CZ4KCKlc/emRcV8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToBGr6
KQVHJFRvrckGQ8dGyNZhzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNjZmEzNjQtMDdhYi00YTVlLTgxYTktOTlmOWQ2YjNhMDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQBbskvUdPpSEEe9Hn1JIozmOYyTBBD1d6SIHNnK
PtYUWLyJd49gMPplH6BHBx43dJQ9WuwQCCCA2SL/TI3G4aSBW0fa+1MbJzdiUVZX
7MuQiEj1Ss6+0H6s6P+nF9Ze4/JO5m0dSSc7a9azSTuh8BRkzCQvS+GNiOYrcDFu
Pa+WMl+NdwCqsk21RNZ8N6I/d3x+2CaM9JUC5vOdzbJE/wgbBmNucbL3yB9ptlzd
GSMp830RQZAb/vFcUAn9EgKsZj7hgWIiVcP1ZBDdDSZrEGTDS8MTRNcCzUSX8mOU
INNLvTxErqkzALC1gcScP9HtAdqQ5hTRwa1YlT1F94WXDQP4
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:28 2025 by rpki-client