Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
File: 1fb46240-1c3f-4b2f-9927-3470c9898890.roa (raw, json)
Hash identifier: ner0azQm+D7oTzisZk8HTpvncMVxdUjXi1T/kp/tZe4=
Subject key identifier: 72:51:F9:E0:CD:61:8B:45:D0:93:D8:29:45:F7:37:38:B4:E5:E8:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F843AFC061CE7658F882BA0E1426C7598FDF65B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80a0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:84:3a:fc:06:1c:e7:65:8f:88:2b:a0:e1:42:6c:75:98:fd:f6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=629598679358a19594a5e0c6b144b1a79bdc6dc747aac21fc1cfb825a5d389a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b7:73:5f:c1:37:aa:71:79:f7:e0:68:ad:8d:
fe:3d:ec:c2:a4:1b:7f:b6:8e:49:d8:73:f1:37:d0:
7d:fd:39:b1:bc:4e:d5:4b:6e:f7:c1:58:b1:16:d4:
b6:45:5d:f6:29:3d:14:21:be:c7:95:55:da:24:cc:
44:87:7e:51:8d:36:fb:54:36:25:d1:4d:43:ec:fe:
cd:ee:08:b9:d3:2e:2b:c8:8d:e0:86:dd:96:15:91:
78:ee:88:40:f7:01:60:13:b3:fd:78:da:91:17:ad:
31:b6:62:12:7e:04:5c:21:4d:c3:4d:20:91:4e:08:
f0:73:31:fe:52:c3:ed:ca:b9:33:b2:dd:a5:2c:a0:
dd:70:91:31:3c:6d:42:0b:87:75:ae:28:f1:2b:09:
94:2f:56:c4:34:1c:88:1a:f0:73:31:7b:74:b4:a6:
07:8b:a0:35:2c:25:d8:33:0b:ac:0d:b7:79:9c:9c:
26:0e:90:e4:4e:6c:59:8d:5d:39:27:17:ef:a5:17:
8d:61:ed:c5:4a:dd:60:ac:9b:ab:ee:ba:af:41:1c:
bc:4a:ae:d3:81:0e:1a:b0:8a:8f:c2:bd:33:4c:32:
9f:58:de:b8:87:4d:4c:2f:ac:73:84:a3:25:38:44:
a5:eb:66:bb:41:36:20:42:26:cd:76:c5:56:b0:7b:
1a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:51:F9:E0:CD:61:8B:45:D0:93:D8:29:45:F7:37:38:B4:E5:E8:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:07:e4:4d:ff:04:fd:a7:af:9a:a3:6a:a2:2b:e2:55:b4:6e:
82:f2:e2:64:1f:3c:6f:20:1f:72:c3:a5:dc:1b:4b:ea:ec:b3:
0a:49:a2:0b:f9:b1:e5:07:65:cf:76:cb:7a:bd:8b:25:d7:b1:
c6:16:e3:09:11:b1:5b:e3:23:2f:a1:2b:cb:0d:a4:55:79:29:
11:47:85:ca:79:ee:64:00:7e:a4:e5:99:bd:8b:87:c2:a1:24:
e6:c1:be:a7:b3:a3:9c:38:d0:9c:9a:73:12:06:58:5f:4b:7b:
eb:f4:1b:48:51:b4:f3:3c:6c:ca:79:a2:d1:9a:eb:07:3d:e5:
39:12:1c:d7:c3:1e:75:6c:b7:d7:8a:63:df:aa:52:7c:b7:9c:
30:91:4c:8d:a0:87:44:a9:e1:d4:04:37:58:60:4e:a7:4c:0a:
bf:b9:d7:77:dd:24:fc:20:ee:8c:76:44:2e:85:7e:f0:90:fc:
f1:c6:98:8f:b4:a1:22:46:e3:3b:b0:97:7d:79:da:c4:64:ac:
d7:a0:c6:d3:66:3f:b4:0c:5d:74:87:40:20:79:5b:30:b9:e4:
6c:3c:7d:9c:b6:f9:bb:87:5f:bf:4c:d7:74:26:08:b2:fd:a9:
72:28:d3:f8:c4:54:96:55:da:5f:3c:a2:d0:da:73:35:11:c3:
c9:19:e2:c9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf4Q6/AYc52WPiCug4UJsdZj99lswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyOTU5ODY3OTM1OGExOTU5NGE1ZTBjNmIxNDRiMWE3OWJkYzZkYzc0N2Fh
YzIxZmMxY2ZiODI1YTVkMzg5YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN23c1/BN6pxeffgaK2N/j3swqQbf7aOSdhz8TfQff05sbxO1Utu98FYsRbU
tkVd9ik9FCG+x5VV2iTMRId+UY02+1Q2JdFNQ+z+ze4IudMuK8iN4IbdlhWReO6I
QPcBYBOz/XjakRetMbZiEn4EXCFNw00gkU4I8HMx/lLD7cq5M7LdpSyg3XCRMTxt
QguHda4o8SsJlC9WxDQciBrwczF7dLSmB4ugNSwl2DMLrA23eZycJg6Q5E5sWY1d
OScX76UXjWHtxUrdYKybq+66r0EcvEqu04EOGrCKj8K9M0wyn1jeuIdNTC+sc4Sj
JThEpetmu0E2IEImzXbFVrB7Gh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyUfng
zWGLRdCT2ClF9zc4tOXoczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWZiNDYyNDAtMWMzZi00YjJmLTk5MjctMzQ3MGM5ODk4ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
oDANBgkqhkiG9w0BAQsFAAOCAQEAfQfkTf8E/aevmqNqoiviVbRugvLiZB88byAf
csOl3BtL6uyzCkmiC/mx5Qdlz3bLer2LJdexxhbjCRGxW+MjL6Eryw2kVXkpEUeF
ynnuZAB+pOWZvYuHwqEk5sG+p7OjnDjQnJpzEgZYX0t76/QbSFG08zxsynmi0Zrr
Bz3lORIc18MedWy314pj36pSfLecMJFMjaCHRKnh1AQ3WGBOp0wKv7nXd90k/CDu
jHZELoV+8JD88caYj7ShIkbjO7CXfXnaxGSs16DG02Y/tAxddIdAIHlbMLnkbDx9
nLb5u4dfv0zXdCYIsv2pcijT+MRUllXaXzyi0NpzNRHDyRniyQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:02 2025 by rpki-client