Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: s3gSNi9u4JP8PNCUaniHamIlFqOuJsa189q2SKJWepE=
Subject key identifier: AF:28:42:55:9D:2D:CE:1D:8C:20:3E:48:1F:75:51:44:9B:44:D0:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28920C05BB8D56D748DF7A174C81200FC6C597D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:92:0c:05:bb:8d:56:d7:48:df:7a:17:4c:81:20:0f:c6:c5:97:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=d26469f5f69d1ae26854694f490d67c41ff502ac38849725d13783a388378bc3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:70:ab:b6:3c:c5:eb:85:62:47:36:4f:71:
5c:a3:7d:2c:92:99:6d:e3:c9:d9:ec:6c:ad:32:3b:
cf:45:92:02:4a:e0:ff:10:78:1a:1b:6c:e5:33:b7:
4f:01:de:fe:66:34:15:2d:3a:e5:3b:8a:f7:c7:23:
88:6a:c4:14:8c:43:5a:87:46:f9:aa:0a:19:e8:11:
da:47:22:c3:b0:c3:bc:2e:fc:ab:28:2d:82:65:a3:
d7:25:45:09:8d:fd:4e:8c:ba:06:90:e1:4b:f7:95:
fc:14:5d:95:32:33:73:f9:31:07:90:a2:06:2d:4e:
2c:9d:fc:48:36:95:9e:5f:c7:66:8d:13:7f:ce:db:
46:b7:c7:4a:59:b0:04:77:55:37:25:44:20:37:ff:
24:e2:cd:c2:1f:bb:ee:67:75:e8:39:ee:ac:ed:79:
5d:57:34:76:60:7e:40:de:02:bc:9d:59:29:d7:a8:
09:92:38:d7:f6:d2:7f:9f:d1:83:ec:32:68:ff:99:
e0:22:f8:95:20:cf:25:77:9e:24:22:c6:da:4b:95:
ca:fc:7e:a2:dd:27:ea:a1:10:a2:4d:23:62:02:27:
7b:79:b7:f7:98:d9:7d:c9:93:3a:31:71:19:fc:6a:
9f:b5:30:de:e0:3b:a3:14:d0:36:58:9d:cb:92:9b:
df:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:28:42:55:9D:2D:CE:1D:8C:20:3E:48:1F:75:51:44:9B:44:D0:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
35:a5:0f:a8:40:d7:ca:2d:12:a6:ac:be:19:e0:54:d1:b7:7c:
54:f1:94:1c:fe:13:33:5d:cd:9f:bc:67:3e:eb:15:e4:f3:17:
03:20:8c:7f:de:f4:d7:37:90:de:0d:6e:f3:eb:49:6a:31:6e:
63:9a:15:bf:1c:f0:f0:ae:57:6c:60:81:35:06:a7:a2:dd:a2:
b9:62:90:74:c6:9a:b8:72:be:9a:dc:00:b9:ad:d0:fb:62:08:
47:bd:0a:f3:22:b1:d4:10:70:62:d7:8c:e6:57:23:95:eb:b7:
0e:27:f7:a9:fe:3a:76:1c:3c:6e:50:fc:98:49:92:a5:d3:1a:
3d:c4:68:c2:30:b2:59:8b:8a:84:51:35:17:e0:53:11:f4:17:
63:c8:52:39:93:53:dd:5c:4b:ae:5f:05:ae:73:5b:3e:07:69:
92:14:9f:c1:ba:34:3c:f3:1f:1c:d6:d6:ef:43:6f:38:82:f7:
f7:e8:ec:45:15:4d:b9:fe:8c:37:38:1b:f9:a5:3f:7a:b1:e1:
fb:d1:c3:8b:29:91:d4:1e:48:45:ea:d7:6f:b2:a0:96:c6:5c:
d7:e5:1a:fc:ca:fe:c6:e7:51:19:8c:2b:04:4a:2e:b7:56:11:
e8:d7:da:62:bd:31:cc:3d:3b:b6:03:ab:e0:95:2d:24:12:49:
ea:05:5a:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKJIMBbuNVtdI33oXTIEgD8bFl9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNjQ2OWY1ZjY5ZDFhZTI2ODU0Njk0ZjQ5MGQ2N2M0MWZmNTAyYWMzODg0
OTcyNWQxMzc4M2EzODgzNzhiYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZ+cKu2PMXrhWJHNk9xXKN9LJKZbePJ2exsrTI7z0WSAkrg/xB4Ghts5TO3
TwHe/mY0FS065TuK98cjiGrEFIxDWodG+aoKGegR2kciw7DDvC78qygtgmWj1yVF
CY39Toy6BpDhS/eV/BRdlTIzc/kxB5CiBi1OLJ38SDaVnl/HZo0Tf87bRrfHSlmw
BHdVNyVEIDf/JOLNwh+77md16DnurO15XVc0dmB+QN4CvJ1ZKdeoCZI41/bSf5/R
g+wyaP+Z4CL4lSDPJXeeJCLG2kuVyvx+ot0n6qEQok0jYgIne3m395jZfcmTOjFx
Gfxqn7Uw3uA7oxTQNlidy5Kb3x8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvKEJV
nS3OHYwgPkgfdVFEm0TQrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQA1pQ+oQNfKLRKmrL4Z4FTRt3xU8ZQc/hMzXc2f
vGc+6xXk8xcDIIx/3vTXN5DeDW7z60lqMW5jmhW/HPDwrldsYIE1Bqei3aK5YpB0
xpq4cr6a3AC5rdD7YghHvQrzIrHUEHBi14zmVyOV67cOJ/ep/jp2HDxuUPyYSZKl
0xo9xGjCMLJZi4qEUTUX4FMR9BdjyFI5k1PdXEuuXwWuc1s+B2mSFJ/BujQ88x8c
1tbvQ284gvf36OxFFU25/ow3OBv5pT96seH70cOLKZHUHkhF6tdvsqCWxlzX5Rr8
yv7G51EZjCsESi63VhHo19pivTHMPTu2A6vglS0kEknqBVpb
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:54 2025 by rpki-client