Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
File: 22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa (raw, json)
Hash identifier: EqHLKCmN89kfJCLc55z/aq4ye0DgYUux0oYCUAL6aKg=
Subject key identifier: 47:94:C2:72:1C:E9:D1:F2:00:B3:F7:8D:BB:41:C1:B8:54:4F:A1:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58814745E6D9BB6E37E53E2029D7E512E375127A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:81:47:45:e6:d9:bb:6e:37:e5:3e:20:29:d7:e5:12:e3:75:12:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=7c2dcb9d94338057d572e06e6b269ee6ebcf1a9966a72efb37b1d9728ae3aa05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:e7:07:27:76:c7:ea:83:76:30:32:4e:3c:
6a:e8:2a:9b:ea:8e:72:b3:b0:3b:a5:16:e6:23:ed:
f8:26:20:aa:30:64:5b:c3:79:b6:70:4e:5c:0e:88:
c5:c7:fd:b3:74:39:e3:14:0c:27:16:fa:05:86:b2:
b4:29:06:6b:fe:2e:8d:5e:5c:d2:cd:d6:ac:c9:4f:
45:f7:a8:88:22:34:75:0d:cd:0d:50:f1:08:6a:83:
37:e9:aa:59:a9:35:7e:6b:40:69:02:6a:ad:47:dc:
2d:a6:7c:ce:59:d6:2e:fa:eb:71:a6:88:41:38:c6:
1b:3d:27:f9:26:24:58:48:cd:4f:d5:f5:9f:28:96:
88:1a:82:66:14:98:ba:96:90:c6:79:f3:b6:5e:b9:
0d:14:a2:8d:56:08:1d:17:0b:f0:3d:1d:f4:cf:11:
32:93:a7:90:23:13:4b:f6:18:9f:99:0b:9d:9c:53:
3a:91:57:1e:14:56:5d:bf:3e:79:4e:9c:fb:72:ad:
d8:2a:86:e5:0a:cc:b0:0d:96:8f:9b:1c:aa:3a:c1:
7d:04:11:6e:9a:87:1f:bd:40:57:b3:fa:e5:32:fd:
e0:a3:ed:ac:27:ca:42:b1:6d:b5:11:99:28:a5:97:
6b:ee:17:81:61:7d:10:0a:d6:6d:bf:95:cd:36:14:
9f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:94:C2:72:1C:E9:D1:F2:00:B3:F7:8D:BB:41:C1:B8:54:4F:A1:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:aa:23:f2:3b:58:68:64:78:38:dc:95:8e:95:65:08:99:9e:
38:1f:e7:90:43:69:ba:0f:0a:7b:b9:c5:69:94:fa:db:9c:70:
a8:b7:cf:0c:a8:b6:60:26:42:51:ce:e3:9c:69:89:8a:4f:90:
60:23:6d:f9:39:cf:48:f0:57:b3:ed:10:ae:ea:0b:bf:82:27:
56:3f:ca:75:ea:e9:e0:95:29:92:dc:f9:f8:54:34:6b:4d:bf:
8b:69:e8:7a:7d:93:fd:a9:11:db:b3:7c:9f:0f:1f:9a:07:1e:
58:00:51:dd:a8:a5:c6:e1:d0:85:17:00:c9:51:3f:3e:e7:91:
c0:a8:7e:d1:7a:e3:2b:41:d8:d6:6f:6e:12:13:b1:ed:62:49:
45:3f:bf:e8:dd:2c:ca:c9:c0:c7:e0:3e:50:40:19:45:e2:a9:
76:86:32:ef:66:e4:ad:95:50:0e:1a:34:d6:11:80:76:f3:d2:
ad:fe:a1:e3:1c:c8:4b:f1:bd:3c:a9:c2:08:f9:19:7a:a0:c8:
f1:73:ce:b7:50:a1:26:2c:d6:ef:aa:4e:cf:51:b6:31:2d:d1:
eb:04:24:a9:3c:6a:7c:56:7b:0a:8b:94:e8:a8:62:17:a8:e2:
64:9a:a3:56:3c:9d:98:a5:47:9c:26:e3:61:e7:a0:eb:fc:55:
72:cd:59:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWIFHRebZu2435T4gKdflEuN1EnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMmRjYjlkOTQzMzgwNTdkNTcyZTA2ZTZiMjY5ZWU2ZWJjZjFhOTk2NmE3
MmVmYjM3YjFkOTcyOGFlM2FhMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx55wcndsfqg3YwMk48augqm+qOcrOwO6UW5iPt+CYgqjBkW8N5tnBOXA6I
xcf9s3Q54xQMJxb6BYaytCkGa/4ujV5c0s3WrMlPRfeoiCI0dQ3NDVDxCGqDN+mq
Wak1fmtAaQJqrUfcLaZ8zlnWLvrrcaaIQTjGGz0n+SYkWEjNT9X1nyiWiBqCZhSY
upaQxnnztl65DRSijVYIHRcL8D0d9M8RMpOnkCMTS/YYn5kLnZxTOpFXHhRWXb8+
eU6c+3Kt2CqG5QrMsA2Wj5scqjrBfQQRbpqHH71AV7P65TL94KPtrCfKQrFttRGZ
KKWXa+4XgWF9EArWbb+VzTYUn9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHlMJy
HOnR8gCz9427QcG4VE+hJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjJjYjIwYmMtODA2My00MTY5LTllNGItYTNhZDI5YWVlZGM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBA
MA0GCSqGSIb3DQEBCwUAA4IBAQA6qiPyO1hoZHg43JWOlWUImZ44H+eQQ2m6Dwp7
ucVplPrbnHCot88MqLZgJkJRzuOcaYmKT5BgI235Oc9I8Fez7RCu6gu/gidWP8p1
6unglSmS3Pn4VDRrTb+Laeh6fZP9qRHbs3yfDx+aBx5YAFHdqKXG4dCFFwDJUT8+
55HAqH7ReuMrQdjWb24SE7HtYklFP7/o3SzKycDH4D5QQBlF4ql2hjLvZuStlVAO
GjTWEYB289Kt/qHjHMhL8b08qcII+Rl6oMjxc863UKEmLNbvqk7PUbYxLdHrBCSp
PGp8VnsKi5ToqGIXqOJkmqNWPJ2YpUecJuNh56Dr/FVyzVmm
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:00 2025 by rpki-client