Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
File: 207860c2-8f39-42e7-9631-e06b6a545c7d.roa (raw, json)
Hash identifier: 2EdB8h8NgTxP9uYzlzmrKGKNNFrzIL8ZSL6sj+4jSdM=
Subject key identifier: 3E:2D:F9:4B:76:D2:FE:A3:DE:C8:4D:D6:F5:88:F5:88:17:BD:80:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F15BEC8A95EF1F831EB936D621E0DF9B1F42F10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:60c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:15:be:c8:a9:5e:f1:f8:31:eb:93:6d:62:1e:0d:f9:b1:f4:2f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=936d81c94a75f3ebaa064aaa263d25f5c5812058b9075d387d2c58bd107ac20f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:67:24:4e:cf:57:91:c2:5d:3d:e7:59:9c:e6:
98:0d:6d:18:45:0c:f9:9d:93:e8:a8:7d:a7:76:c6:
e0:8e:a6:0e:d0:18:15:7a:90:95:c1:81:07:1a:8a:
72:21:41:3a:ec:ed:cc:5b:6d:c5:a0:cd:51:1d:0e:
45:d7:76:f5:e3:54:12:f8:96:ea:e4:31:41:27:1b:
53:8f:23:3c:f2:2b:37:a8:ef:d4:58:b2:a7:e9:35:
f7:d9:86:a8:31:64:6f:66:56:25:4d:94:96:6e:a2:
75:d7:7c:d1:a0:0f:70:5a:c4:38:78:fb:e6:ec:97:
3d:54:96:5a:00:9d:8f:fb:9a:ef:0e:1f:29:60:a4:
23:ef:65:de:71:ac:2c:80:8c:12:01:08:e0:b9:c3:
43:9e:67:4a:26:de:0b:7e:a8:7a:7b:50:55:a4:43:
e0:6c:ba:71:d9:31:9d:cf:c6:2a:65:c5:e9:64:24:
45:5c:7c:d3:fc:72:0e:55:7d:28:57:27:ea:ac:c7:
bf:21:d6:36:a2:fe:1e:94:a6:06:77:fa:33:f0:ed:
5e:e6:4a:1f:b1:91:44:31:63:a0:c8:65:f3:a8:f5:
29:d9:1f:76:84:98:99:79:d2:d8:bb:b1:c9:ba:5e:
46:43:48:5d:90:d9:ef:64:1a:51:45:1d:21:1c:78:
09:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2D:F9:4B:76:D2:FE:A3:DE:C8:4D:D6:F5:88:F5:88:17:BD:80:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
88:ed:fc:0a:60:a5:3e:f1:a8:e5:6e:3c:ff:4a:36:78:8c:a5:
dd:a4:2b:b9:78:8d:47:60:93:92:c1:15:2d:c7:7b:8e:d9:92:
cc:3d:48:f2:62:5d:38:b3:9d:f1:69:e0:d0:4f:ae:98:a6:53:
a3:82:ac:bd:a4:ff:07:de:b8:aa:31:42:bf:95:8e:f1:af:c3:
36:31:b7:47:1f:71:45:c0:59:bb:95:5f:0c:46:22:99:de:91:
6a:26:c5:61:85:79:38:4f:19:96:2e:4f:b8:af:3c:35:32:eb:
d5:b4:65:d0:e3:3c:3f:82:15:e9:27:42:1d:af:b6:ab:16:dd:
da:34:08:fa:17:4b:91:89:75:aa:6f:8d:db:94:ed:2f:a8:da:
30:04:60:52:8a:f5:59:c4:8a:e5:e4:1a:6c:2f:05:45:45:ef:
a6:f2:6d:6d:6b:2e:b5:f4:69:d4:11:67:59:1c:ed:fe:64:cd:
05:47:d6:88:cf:aa:69:77:54:3e:15:02:6b:65:61:7c:9d:4d:
fc:53:2a:dc:6b:29:ea:b0:9c:59:ce:22:3f:1a:97:8e:dd:9b:
ff:bc:ac:8f:3e:f2:fc:a7:18:d4:1b:c1:34:a3:d9:9a:e9:4e:
eb:ab:c4:a7:a7:ae:36:62:6a:9c:4b:56:f3:45:e4:f2:c7:e9:
45:5d:79:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTxW+yKle8fgx65NtYh4N+bH0LxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzNmQ4MWM5NGE3NWYzZWJhYTA2NGFhYTI2M2QyNWY1YzU4MTIwNThiOTA3
NWQzODdkMmM1OGJkMTA3YWMyMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxnJE7PV5HCXT3nWZzmmA1tGEUM+Z2T6Kh9p3bG4I6mDtAYFXqQlcGBBxqK
ciFBOuztzFttxaDNUR0ORdd29eNUEviW6uQxQScbU48jPPIrN6jv1Fiyp+k199mG
qDFkb2ZWJU2Ulm6iddd80aAPcFrEOHj75uyXPVSWWgCdj/ua7w4fKWCkI+9l3nGs
LICMEgEI4LnDQ55nSibeC36oentQVaRD4Gy6cdkxnc/GKmXF6WQkRVx80/xyDlV9
KFcn6qzHvyHWNqL+HpSmBnf6M/DtXuZKH7GRRDFjoMhl86j1KdkfdoSYmXnS2Lux
ybpeRkNIXZDZ72QaUUUdIRx4CS0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+LflL
dtL+o97ITdb1iPWIF72AjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjA3ODYwYzItOGYzOS00MmU3LTk2MzEtZTA2YjZhNTQ1YzdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
wDANBgkqhkiG9w0BAQsFAAOCAQEAiO38CmClPvGo5W48/0o2eIyl3aQruXiNR2CT
ksEVLcd7jtmSzD1I8mJdOLOd8Wng0E+umKZTo4KsvaT/B964qjFCv5WO8a/DNjG3
Rx9xRcBZu5VfDEYimd6RaibFYYV5OE8Zli5PuK88NTLr1bRl0OM8P4IV6SdCHa+2
qxbd2jQI+hdLkYl1qm+N25TtL6jaMARgUor1WcSK5eQabC8FRUXvpvJtbWsutfRp
1BFnWRzt/mTNBUfWiM+qaXdUPhUCa2VhfJ1N/FMq3Gsp6rCcWc4iPxqXjt2b/7ys
jz7y/KcY1BvBNKPZmulO66vEp6euNmJqnEtW80Xk8sfpRV15Og==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:51 2025 by rpki-client