Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
File: 2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa (raw, json)
Hash identifier: 4N7m77abns/uzOXS4qsbC7+OUz7RM4/7ifvHXEXza1Q=
Subject key identifier: 87:C0:A8:0B:D5:0A:5E:B9:07:AB:C2:B7:E4:AA:34:5A:02:74:60:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CE429D3FA02F25C3DF78A141B174B30DB7018C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:e4:29:d3:fa:02:f2:5c:3d:f7:8a:14:1b:17:4b:30:db:70:18:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=103522809b35944a3d28c16ce089bd8598e1e80c2d212a247a98e3914bec3327, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:25:f8:0d:65:6a:85:1e:25:2d:57:70:a7:
72:dd:bb:69:6d:3c:8a:0d:27:39:c4:a1:af:2e:41:
7b:f1:38:b1:4f:5e:74:2e:54:d4:e1:58:b4:76:53:
67:6f:56:ff:37:bc:61:01:37:7f:da:e4:c4:9f:91:
67:f8:ab:59:da:60:33:3d:25:da:26:26:81:d9:26:
83:77:6f:32:09:e4:1c:74:5c:32:16:35:53:25:03:
9e:c6:d4:7d:6c:6e:69:45:07:36:f1:04:74:71:28:
13:67:2b:80:8a:c7:dd:e8:61:f9:87:25:af:9f:ac:
ff:fc:e8:ad:c1:39:48:1c:de:38:c1:0a:cb:cf:6f:
c5:94:bb:ca:35:3d:4a:25:6c:84:ca:4b:53:76:df:
c4:8e:bc:6c:89:62:9d:ba:85:30:be:17:54:fb:ee:
79:35:b6:55:49:e0:d9:a7:71:03:5c:32:fb:15:45:
53:97:e0:8e:33:6e:75:f6:85:69:ce:3c:a4:94:90:
25:db:ba:a6:be:bb:e0:f9:2e:7f:29:6c:15:92:bb:
84:82:0e:a3:13:8d:fb:88:ab:df:22:9a:2a:43:5a:
cc:81:00:4e:fb:1c:a1:e3:ab:0f:18:8f:68:06:61:
22:df:d0:3b:84:bb:b1:6d:4f:e4:f2:16:25:84:9d:
b7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C0:A8:0B:D5:0A:5E:B9:07:AB:C2:B7:E4:AA:34:5A:02:74:60:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9080::/46
Signature Algorithm: sha256WithRSAEncryption
84:38:e8:06:49:0c:ae:9d:5a:c3:c7:5f:2a:cd:cb:11:28:d5:
00:03:dd:77:af:40:cd:36:77:92:d9:3b:1a:79:7b:47:87:9a:
9b:09:f6:90:15:8c:5c:fd:4e:27:46:f2:a2:3c:59:12:ba:b1:
ea:3d:b8:9e:52:64:9e:e4:1c:f8:10:88:28:cf:a6:8a:e4:5f:
d3:59:fe:65:ca:7a:89:9e:15:69:98:35:72:40:bd:4b:23:6e:
eb:21:47:1e:95:13:25:19:dc:55:b0:50:6d:f8:1d:57:36:d9:
62:02:17:c3:91:42:3a:bf:d0:98:a1:0b:07:32:9d:b8:1a:40:
aa:f8:f8:2d:4c:7a:ea:1d:5b:75:ff:ab:61:37:ac:e8:cd:f8:
70:99:0a:3f:e6:bc:1d:a2:7d:ed:5c:12:17:a6:85:54:22:f2:
28:81:89:74:a8:54:52:7f:6f:44:f5:f1:b8:ab:84:eb:32:d2:
7b:47:d2:d8:be:a1:ea:24:49:57:f2:31:a7:52:b4:22:38:29:
00:86:a8:1d:93:1e:b5:bb:04:59:a0:66:d1:2e:a3:ed:f1:45:
80:00:ce:85:ea:88:84:02:fb:21:67:e8:1c:0a:5d:84:06:8a:
b8:4b:ac:61:27:20:12:f4:77:01:71:fc:89:5c:7b:72:8f:de:
6d:ca:26:5b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTOQp0/oC8lw994oUGxdLMNtwGMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMzUyMjgwOWIzNTk0NGEzZDI4YzE2Y2UwODliZDg1OThlMWU4MGMyZDIx
MmEyNDdhOThlMzkxNGJlYzMzMjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKo/JfgNZWqFHiUtV3Cnct27aW08ig0nOcShry5Be/E4sU9edC5U1OFYtHZT
Z29W/ze8YQE3f9rkxJ+RZ/irWdpgMz0l2iYmgdkmg3dvMgnkHHRcMhY1UyUDnsbU
fWxuaUUHNvEEdHEoE2crgIrH3ehh+Yclr5+s//zorcE5SBzeOMEKy89vxZS7yjU9
SiVshMpLU3bfxI68bIlinbqFML4XVPvueTW2VUng2adxA1wy+xVFU5fgjjNudfaF
ac48pJSQJdu6pr674PkufylsFZK7hIIOoxON+4ir3yKaKkNazIEATvscoeOrDxiP
aAZhIt/QO4S7sW1P5PIWJYSdt7UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHwKgL
1QpeuQerwrfkqjRaAnRg7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjEzM2E5ZTEtOWYzYy00NjYyLWIzYzMtNWNlYTBjOTQwNmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAhDjoBkkMrp1aw8dfKs3LESjVAAPdd69AzTZ3
ktk7Gnl7R4eamwn2kBWMXP1OJ0byojxZErqx6j24nlJknuQc+BCIKM+miuRf01n+
Zcp6iZ4VaZg1ckC9SyNu6yFHHpUTJRncVbBQbfgdVzbZYgIXw5FCOr/QmKELBzKd
uBpAqvj4LUx66h1bdf+rYTes6M34cJkKP+a8HaJ97VwSF6aFVCLyKIGJdKhUUn9v
RPXxuKuE6zLSe0fS2L6h6iRJV/Ixp1K0IjgpAIaoHZMetbsEWaBm0S6j7fFFgADO
heqIhAL7IWfoHApdhAaKuEusYScgEvR3AXH8iVx7co/ebcomWw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:44 2025 by rpki-client