Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
File: 1f07adbd-573b-4a8c-861a-930797d8dcc7.roa (raw, json)
Hash identifier: Z9OMP7vdNJ+GlDzn78J1fk/LBvIfTGn9j9KUV/6IaxY=
Subject key identifier: AD:F3:05:5F:72:00:4B:86:65:1C:20:C1:B5:02:6E:BE:B1:94:13:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01CCF88C17E74322D706753315730BB258F03544
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:40c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:cc:f8:8c:17:e7:43:22:d7:06:75:33:15:73:0b:b2:58:f0:35:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d9fabea215c9019ff4dfd982a0ca919a6c28dd4ba7437e386dda811a087d840b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:3a:cf:a4:37:b2:5e:16:1a:40:a6:52:26:
14:11:97:ea:3c:ee:43:70:2b:02:28:fd:38:31:6d:
c3:ce:36:38:ea:6a:bd:d1:65:b1:3d:39:83:e0:43:
61:e7:fe:76:7f:02:4e:b2:32:d1:ee:02:0b:e9:09:
e7:d0:56:10:cf:0d:73:0a:2c:75:93:d1:61:df:00:
77:c0:42:2b:b0:de:bb:4d:18:e2:63:c2:77:0e:1a:
f7:67:af:06:f2:02:ea:3a:7b:6b:7b:82:20:94:3f:
2d:ec:0d:49:05:91:48:a0:e6:14:99:3d:0a:e2:f3:
cf:9c:7b:38:b6:30:65:24:d8:2f:94:88:7d:6e:12:
9d:25:fb:d1:bb:5b:26:de:46:b9:4d:bc:d4:b8:4a:
a1:e7:ae:8e:21:7b:8b:49:64:2b:08:4d:7f:dc:80:
be:40:ef:a8:73:f2:76:11:e8:9d:ac:25:36:6d:8c:
aa:67:65:79:b9:31:83:20:f2:05:9f:9a:41:a9:df:
a8:3e:b5:c6:e4:24:9b:10:0d:4a:2e:5a:1c:9b:c4:
e4:2f:35:f4:44:b1:3f:33:97:b4:2f:af:81:31:77:
f9:66:29:59:b6:ad:5d:95:49:54:b2:29:99:a2:37:
d0:07:b6:57:dd:ee:64:2a:9a:5d:18:3d:f4:a3:95:
8f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F3:05:5F:72:00:4B:86:65:1C:20:C1:B5:02:6E:BE:B1:94:13:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
65:33:37:28:25:d8:4a:36:21:8a:cd:4e:96:f5:af:77:55:32:
bd:d5:8e:e4:d1:e5:3c:de:ab:ea:45:97:fc:7c:10:82:10:9a:
ce:29:6b:40:cb:3f:71:c7:d3:9e:45:88:4f:34:5f:96:a1:27:
08:84:84:fe:a5:43:d6:10:7f:0a:5a:e5:bf:58:c3:f3:c2:1d:
f4:ac:63:00:83:5a:3d:dc:ba:d0:4d:45:17:ce:5d:44:0d:f0:
8f:14:10:04:77:8b:3e:b9:9d:3d:22:9b:30:38:05:28:73:21:
30:27:b7:78:18:d4:dd:36:2b:9d:4e:69:c8:c2:30:b5:17:bc:
41:1f:6d:d3:92:62:cd:a0:c1:24:fa:54:27:22:91:28:8e:5f:
bd:31:98:79:c5:68:77:dd:65:d1:43:6d:a8:fd:1b:39:a0:6a:
cf:24:8f:e6:75:07:6f:db:46:c9:df:d6:e3:16:1e:c0:0c:0d:
7a:3d:ad:fa:69:5b:83:1f:35:15:f7:74:f6:b6:cd:34:d7:6d:
8d:e7:83:72:97:07:08:e2:be:a7:65:91:8f:23:a7:d6:32:c2:
1b:0d:bb:b9:cd:d5:74:78:5e:15:1b:67:5f:fc:6f:51:4a:9e:
fe:f8:92:b2:c3:66:46:dc:18:3c:3d:55:bf:ef:51:7c:84:b9:
b5:8b:ed:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAcz4jBfnQyLXBnUzFXMLsljwNUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5ZmFiZWEyMTVjOTAxOWZmNGRmZDk4MmEwY2E5MTlhNmMyOGRkNGJhNzQz
N2UzODZkZGE4MTFhMDg3ZDg0MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhwOs+kN7JeFhpAplImFBGX6jzuQ3ArAij9ODFtw842OOpqvdFlsT05g+BD
Yef+dn8CTrIy0e4CC+kJ59BWEM8NcwosdZPRYd8Ad8BCK7Deu00Y4mPCdw4a92ev
BvIC6jp7a3uCIJQ/LewNSQWRSKDmFJk9CuLzz5x7OLYwZSTYL5SIfW4SnSX70btb
Jt5GuU281LhKoeeujiF7i0lkKwhNf9yAvkDvqHPydhHonawlNm2MqmdlebkxgyDy
BZ+aQanfqD61xuQkmxANSi5aHJvE5C819ESxPzOXtC+vgTF3+WYpWbatXZVJVLIp
maI30Ae2V93uZCqaXRg99KOVjysCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSt8wVf
cgBLhmUcIMG1Am6+sZQT9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWYwN2FkYmQtNTczYi00YThjLTg2MWEtOTMwNzk3ZDhkY2M3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdA
wDANBgkqhkiG9w0BAQsFAAOCAQEAZTM3KCXYSjYhis1OlvWvd1UyvdWO5NHlPN6r
6kWX/HwQghCazilrQMs/ccfTnkWITzRflqEnCISE/qVD1hB/Clrlv1jD88Id9Kxj
AINaPdy60E1FF85dRA3wjxQQBHeLPrmdPSKbMDgFKHMhMCe3eBjU3TYrnU5pyMIw
tRe8QR9t05JizaDBJPpUJyKRKI5fvTGYecVod91l0UNtqP0bOaBqzySP5nUHb9tG
yd/W4xYewAwNej2t+mlbgx81Ffd09rbNNNdtjeeDcpcHCOK+p2WRjyOn1jLCGw27
uc3VdHheFRtnX/xvUUqe/viSssNmRtwYPD1Vv+9RfIS5tYvtgw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:43 2025 by rpki-client