Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: XXVu6NhS6ya5XtW5bW+rFDjYO7rGmjoYEr+0YZuY0qk=
Subject key identifier: 21:6D:A2:31:04:46:A9:D6:81:57:B5:7B:86:76:95:14:F4:F0:75:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65D8E95D03D0B9C9873A126B6C8076C459698E75
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d8:e9:5d:03:d0:b9:c9:87:3a:12:6b:6c:80:76:c4:59:69:8e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=4df3defc91c81baf854f15156892f4a0911d56f928f073c817898e7db8cae759, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:30:b0:e1:23:0e:fd:b7:61:42:80:ca:91:
7c:d4:fb:b3:f8:bd:c6:6f:5d:17:29:a0:53:83:0a:
75:0e:49:b4:4e:37:8c:00:47:39:d2:b0:c5:ee:aa:
55:b1:6a:6f:2d:aa:2a:46:91:2b:51:f0:54:91:2b:
87:6f:8a:25:4e:55:7f:72:8b:15:af:c7:7c:82:ea:
c1:b9:b8:af:e3:24:47:ba:bc:56:23:e8:27:cd:73:
a2:cd:c8:f0:25:b6:de:ed:7a:2b:bb:52:72:83:15:
6d:68:01:94:e4:25:96:38:a7:85:6a:24:0d:62:b9:
54:ce:ab:84:49:49:f5:71:4e:a9:4a:d2:e8:12:9d:
7e:60:33:04:68:74:4a:c4:51:5a:c1:ae:8e:05:ba:
b5:08:f1:88:5d:40:f0:a4:4e:97:66:05:db:56:94:
3a:b4:b1:f4:8d:a0:29:70:91:37:42:1c:ad:c6:c2:
a3:46:ad:54:29:77:fc:c9:a7:31:d1:81:80:5a:0e:
23:bd:3a:06:8e:aa:6e:60:c8:29:f3:df:5d:c3:0e:
5d:54:f6:6b:3b:85:57:a6:a8:42:eb:79:ea:5c:2c:
10:61:30:74:6a:54:50:d9:8d:0a:7a:f6:a7:e3:da:
f1:be:d4:85:ce:ff:d7:fa:e6:d2:ed:33:3c:71:c6:
f8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6D:A2:31:04:46:A9:D6:81:57:B5:7B:86:76:95:14:F4:F0:75:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:35:38:bd:36:5b:4f:6c:c0:86:d4:8b:3e:44:02:34:12:7a:
ba:06:8c:97:26:2c:ed:47:44:3e:78:ff:2c:51:45:b2:9c:d6:
95:99:2d:88:8b:89:d0:6c:6a:0d:ba:98:72:dc:ce:fd:f8:ed:
a9:67:2d:01:eb:e2:8b:43:45:92:88:37:1a:d0:c4:be:77:4f:
2a:40:14:c5:43:4c:b5:0b:da:00:2d:93:01:fe:8e:0e:af:d3:
86:00:75:13:4d:2b:8d:18:9b:11:08:e2:ab:89:23:43:9e:7e:
b4:ef:31:60:e0:39:c2:b4:f6:49:5a:ad:d5:50:a2:be:58:81:
6e:51:80:d0:7f:92:d7:9a:68:24:d7:c3:03:f3:09:9c:f8:44:
25:3d:84:fd:e4:7a:60:79:63:a5:0c:66:22:9b:11:f0:e4:42:
f9:d8:3d:6a:aa:7d:b8:36:ce:c6:3f:93:2f:5f:3f:66:f0:60:
e4:ae:c6:46:37:f7:4b:88:92:e1:0d:25:46:f3:02:9d:9b:6f:
95:b3:c5:67:39:a7:7d:54:c1:40:e2:20:02:64:5b:b0:33:32:
57:94:b2:1c:7f:b7:8b:81:f0:a9:c7:5d:ee:5e:b7:bc:5c:d4:
8c:4a:d5:d6:7f:b8:5a:1b:f5:b8:2e:c6:24:7d:31:5c:f2:dc:
c1:cf:de:e9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZdjpXQPQucmHOhJrbIB2xFlpjnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZjNkZWZjOTFjODFiYWY4NTRmMTUxNTY4OTJmNGEwOTExZDU2ZjkyOGYw
NzNjODE3ODk4ZTdkYjhjYWU3NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcAMLDhIw79t2FCgMqRfNT7s/i9xm9dFymgU4MKdQ5JtE43jABHOdKwxe6q
VbFqby2qKkaRK1HwVJErh2+KJU5Vf3KLFa/HfILqwbm4r+MkR7q8ViPoJ81zos3I
8CW23u16K7tScoMVbWgBlOQlljinhWokDWK5VM6rhElJ9XFOqUrS6BKdfmAzBGh0
SsRRWsGujgW6tQjxiF1A8KROl2YF21aUOrSx9I2gKXCRN0IcrcbCo0atVCl3/Mmn
MdGBgFoOI706Bo6qbmDIKfPfXcMOXVT2azuFV6aoQut56lwsEGEwdGpUUNmNCnr2
p+Pa8b7Uhc7/1/rm0u0zPHHG+J0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhbaIx
BEap1oFXtXuGdpUU9PB19TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBMNTi9NltPbMCG1Is+RAI0Enq6BoyXJiztR0Q+
eP8sUUWynNaVmS2Ii4nQbGoNuphy3M79+O2pZy0B6+KLQ0WSiDca0MS+d08qQBTF
Q0y1C9oALZMB/o4Or9OGAHUTTSuNGJsRCOKriSNDnn607zFg4DnCtPZJWq3VUKK+
WIFuUYDQf5LXmmgk18MD8wmc+EQlPYT95HpgeWOlDGYimxHw5EL52D1qqn24Ns7G
P5MvXz9m8GDkrsZGN/dLiJLhDSVG8wKdm2+Vs8VnOad9VMFA4iACZFuwMzJXlLIc
f7eLgfCpx13uXre8XNSMStXWf7haG/W4LsYkfTFc8tzBz97p
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:42 2025 by rpki-client