Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ce4b79c-26b8-4e2b-8de2-ef5254a2c33e.roa
File: 1ce4b79c-26b8-4e2b-8de2-ef5254a2c33e.roa (raw, json)
Hash identifier: AIF8V6B4mlVn/D1WtxrM4dxjWcv849sWa9QOiGNU2XQ=
Subject key identifier: 88:42:AB:9E:CE:56:3C:A4:7B:2C:C5:A2:3D:11:DE:40:40:88:71:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A864CE07A427200110B19C0E0539D69BD19FFC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ce4b79c-26b8-4e2b-8de2-ef5254a2c33e.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:86:4c:e0:7a:42:72:00:11:0b:19:c0:e0:53:9d:69:bd:19:ff:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=80e353f6a892846db19ef20d7e201e2ae38aad8972e08a93cf339618465da56b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:c9:1c:48:d7:74:a9:ac:a3:2e:1c:cd:b8:
2d:05:ef:36:bd:29:44:d7:8c:99:a0:5c:49:58:54:
70:2e:77:5f:94:a9:93:d6:85:4d:e1:64:d0:bf:aa:
50:93:94:82:3b:51:ae:55:fb:da:58:3e:88:e5:01:
d1:ee:fc:24:e4:06:fa:fe:e1:82:81:0f:68:54:ea:
f0:9d:15:49:ac:24:5d:77:17:d6:20:4e:20:06:43:
af:af:7a:48:96:d0:43:98:85:0d:5f:b7:5b:74:ae:
db:91:7c:e6:5f:3b:67:a4:e6:3d:d4:18:32:f6:a8:
ed:98:10:e4:8d:23:d2:5c:e3:9c:ce:37:02:ec:cb:
fe:b5:ed:4d:cb:b6:1b:0e:f3:16:10:f1:70:7c:ce:
9a:1b:1f:d9:4b:d8:26:0d:97:08:41:29:c7:69:60:
a0:2f:f5:d4:d6:75:68:a4:38:6c:79:23:32:f1:57:
52:4a:25:b2:65:94:89:8c:fe:4e:1f:7d:0d:5f:89:
34:89:38:2d:46:fe:ec:8c:13:ed:00:24:f9:31:76:
c3:fb:e4:e0:06:31:86:54:8c:5a:44:5b:f2:46:c8:
a3:ab:a6:ae:13:21:2e:cb:23:01:51:39:00:de:cd:
4a:29:0f:61:3d:0f:45:1d:fc:e2:68:76:4d:c9:25:
07:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:42:AB:9E:CE:56:3C:A4:7B:2C:C5:A2:3D:11:DE:40:40:88:71:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ce4b79c-26b8-4e2b-8de2-ef5254a2c33e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6040::/48
Signature Algorithm: sha256WithRSAEncryption
3b:0e:9f:7e:a1:58:9a:7c:2b:41:6a:1c:29:33:85:c1:4e:56:
46:03:12:b0:ca:a1:ff:70:9f:49:03:e7:26:a2:97:a8:26:7e:
23:46:67:3d:ad:f0:5b:8f:f3:4e:e6:06:ba:ef:c8:ea:69:64:
f8:35:0e:3a:90:c8:f2:45:49:df:ef:f7:c0:b3:4e:38:32:29:
44:b6:fe:a3:82:e8:82:25:84:25:ed:51:27:f6:bc:46:1b:4b:
75:2b:6d:47:50:13:bc:1b:de:fa:fa:7b:7c:7e:42:18:97:46:
b8:5d:3d:9c:dd:bb:93:8a:d5:ee:d8:09:72:b2:60:fe:82:61:
19:da:15:24:a4:6d:c1:ee:fa:f6:c6:e2:8b:cd:39:ae:84:a6:
47:54:a7:48:82:f2:56:21:1a:9d:27:96:5f:0a:72:4d:bf:a1:
4a:78:48:62:05:65:14:00:77:61:b9:b1:07:81:7a:47:cb:ab:
f2:49:52:1a:a6:95:fc:e9:7d:e4:2f:bd:5d:6c:c2:4c:d4:90:
5b:47:24:05:e1:50:ed:7c:a1:20:28:e7:00:c1:81:d2:a8:c2:
25:48:f8:ec:59:ec:ba:6a:51:ec:f3:25:32:8b:6b:02:6b:be:
bf:d6:a1:bf:c4:fa:ab:55:fb:55:6f:73:32:88:01:c2:d7:fa:
86:d1:14:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGoZM4HpCcgARCxnA4FOdab0Z/8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZTM1M2Y2YTg5Mjg0NmRiMTllZjIwZDdlMjAxZTJhZTM4YWFkODk3MmUw
OGE5M2NmMzM5NjE4NDY1ZGE1NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKFyRxI13SprKMuHM24LQXvNr0pRNeMmaBcSVhUcC53X5Spk9aFTeFk0L+q
UJOUgjtRrlX72lg+iOUB0e78JOQG+v7hgoEPaFTq8J0VSawkXXcX1iBOIAZDr696
SJbQQ5iFDV+3W3Su25F85l87Z6TmPdQYMvao7ZgQ5I0j0lzjnM43AuzL/rXtTcu2
Gw7zFhDxcHzOmhsf2UvYJg2XCEEpx2lgoC/11NZ1aKQ4bHkjMvFXUkolsmWUiYz+
Th99DV+JNIk4LUb+7IwT7QAk+TF2w/vk4AYxhlSMWkRb8kbIo6umrhMhLssjAVE5
AN7NSikPYT0PRR384mh2TcklB0kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIQque
zlY8pHssxaI9Ed5AQIhxxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNlNGI3OWMtMjZiOC00ZTJiLThkZTItZWY1MjU0YTJjMzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRg
QDANBgkqhkiG9w0BAQsFAAOCAQEAOw6ffqFYmnwrQWocKTOFwU5WRgMSsMqh/3Cf
SQPnJqKXqCZ+I0ZnPa3wW4/zTuYGuu/I6mlk+DUOOpDI8kVJ3+/3wLNOODIpRLb+
o4LogiWEJe1RJ/a8RhtLdSttR1ATvBve+vp7fH5CGJdGuF09nN27k4rV7tgJcrJg
/oJhGdoVJKRtwe769sbii805roSmR1SnSILyViEanSeWXwpyTb+hSnhIYgVlFAB3
YbmxB4F6R8ur8klSGqaV/Ol95C+9XWzCTNSQW0ckBeFQ7XyhICjnAMGB0qjCJUj4
7FnsumpR7PMlMotrAmu+v9ahv8T6q1X7VW9zMogBwtf6htEUxg==
-----END CERTIFICATE-----
Generated at Fri May 2 14:59:14 2025 by rpki-client