Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
File: 1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa (raw, json)
Hash identifier: xTIB5vscQRwu2859oCr3nVrOxucQP/ABXxMlcSRpj1Q=
Subject key identifier: D4:3A:98:20:EE:44:A3:39:D7:05:94:FC:F5:08:E1:B5:AC:78:61:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B7197020125390AE9D5F7434F4D83A2F739AA1D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:71:97:02:01:25:39:0a:e9:d5:f7:43:4f:4d:83:a2:f7:39:aa:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=978b8564a207d6a270b9728dcb16555522b6a289a23d3904511eb0e538778896, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:18:54:f6:ff:5b:18:70:2e:2a:70:8f:c0:97:
ef:cf:be:d4:fd:8e:a2:ea:21:1e:6c:6a:d2:bc:ff:
6c:a4:da:d4:34:af:2b:72:37:0b:7c:78:e3:db:76:
aa:74:25:6a:c3:79:82:7a:1b:5a:3b:b7:c4:22:e0:
f3:d5:14:39:66:3e:d5:82:87:7a:16:82:04:ea:21:
62:ae:55:47:e0:0c:08:d8:68:79:42:87:65:b8:d7:
7e:d3:df:cd:39:c6:12:7a:81:33:ad:e6:9f:78:f1:
85:49:e4:5a:f3:1a:6c:08:6c:c1:38:ba:1d:97:79:
7c:ff:12:ba:fd:28:fd:59:f2:e7:5c:82:97:ac:89:
ae:7f:4a:15:7f:d5:42:d5:ea:b2:5d:7c:94:a4:22:
5d:df:ee:25:b6:ea:52:10:68:2e:c0:d8:ea:ce:ea:
e6:f9:25:77:0b:3f:3b:8f:fb:26:ac:bf:f1:38:a4:
cd:47:04:5a:4a:16:d4:bf:e4:0f:78:d9:b5:52:60:
f4:80:b8:24:3d:e8:0c:1e:8c:b1:3c:a6:f3:ec:0e:
96:a2:4d:a0:a8:37:cc:c8:13:5c:6e:1f:a6:f9:04:
85:c4:45:f0:8f:87:fc:0c:3c:5d:93:e5:10:a1:cc:
3b:67:eb:c2:04:df:ce:7a:d7:e3:ef:94:04:04:05:
b9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3A:98:20:EE:44:A3:39:D7:05:94:FC:F5:08:E1:B5:AC:78:61:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c080::/48
Signature Algorithm: sha256WithRSAEncryption
9c:11:61:c0:87:75:ec:8e:fa:b1:ab:a9:b3:f9:a2:8e:ab:5c:
4f:7c:2b:3f:66:96:43:2c:1c:71:ea:df:02:c3:65:f6:36:ec:
5b:42:fc:76:e0:c7:6e:23:b1:2a:33:56:0c:0c:51:fe:62:95:
b3:eb:cb:f2:5c:15:a8:22:09:7b:7d:40:5a:35:ea:fd:29:5c:
fb:9c:02:67:7f:16:ff:5c:31:97:84:df:0a:2e:e4:0c:74:e1:
2f:d8:d7:33:a4:68:36:f3:ee:42:2a:e0:40:1e:ce:0e:48:2b:
1e:cb:cc:6f:e7:ec:91:1e:3b:9a:f9:91:ce:bb:81:67:75:50:
f6:84:84:fb:af:ab:c2:a9:df:74:7c:e3:cd:c0:ca:0f:42:64:
fc:70:7d:8b:b5:4a:d7:27:2b:5f:c1:bb:84:9f:87:f7:4f:02:
2b:10:67:57:c2:e2:9c:a8:11:53:08:57:fc:7b:a2:86:e6:81:
60:94:d8:b8:35:97:9f:08:38:02:d0:82:80:b4:1d:69:a3:a5:
d3:5b:7f:3a:55:a2:a2:4a:6e:02:1c:4b:6d:16:b0:42:67:a8:
40:c8:f0:56:42:28:0d:df:0f:e8:b2:c1:1a:6c:e1:40:27:d6:
a9:71:58:2c:df:99:b4:17:d5:70:8d:1b:23:b8:ed:07:c8:b3:
cb:72:6d:9d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG3GXAgElOQrp1fdDT02Dovc5qh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3OGI4NTY0YTIwN2Q2YTI3MGI5NzI4ZGNiMTY1NTU1MjJiNmEyODlhMjNk
MzkwNDUxMWViMGU1Mzg3Nzg4OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8YVPb/WxhwLipwj8CX78++1P2OouohHmxq0rz/bKTa1DSvK3I3C3x449t2
qnQlasN5gnobWju3xCLg89UUOWY+1YKHehaCBOohYq5VR+AMCNhoeUKHZbjXftPf
zTnGEnqBM63mn3jxhUnkWvMabAhswTi6HZd5fP8Suv0o/Vny51yCl6yJrn9KFX/V
QtXqsl18lKQiXd/uJbbqUhBoLsDY6s7q5vkldws/O4/7Jqy/8TikzUcEWkoW1L/k
D3jZtVJg9IC4JD3oDB6MsTym8+wOlqJNoKg3zMgTXG4fpvkEhcRF8I+H/Aw8XZPl
EKHMO2frwgTfznrX4++UBAQFuY8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUOpgg
7kSjOdcFlPz1COG1rHhhuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjYzhkYjUtNDFiNi00MmZjLTllMmUtOTg1NDBhYWRkODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
gDANBgkqhkiG9w0BAQsFAAOCAQEAnBFhwId17I76saups/mijqtcT3wrP2aWQywc
cerfAsNl9jbsW0L8duDHbiOxKjNWDAxR/mKVs+vL8lwVqCIJe31AWjXq/Slc+5wC
Z38W/1wxl4TfCi7kDHThL9jXM6RoNvPuQirgQB7ODkgrHsvMb+fskR47mvmRzruB
Z3VQ9oSE+6+rwqnfdHzjzcDKD0Jk/HB9i7VK1ycrX8G7hJ+H908CKxBnV8LinKgR
UwhX/HuihuaBYJTYuDWXnwg4AtCCgLQdaaOl01t/OlWiokpuAhxLbRawQmeoQMjw
VkIoDd8P6LLBGmzhQCfWqXFYLN+ZtBfVcI0bI7jtB8izy3JtnQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:25 2025 by rpki-client