Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
File: 25d6c805-f312-4cce-8017-ebfd2169880d.roa (raw, json)
Hash identifier: SXMp+bSsAJn7fI2Bqro3hVyAi3Gj5V9Wx75DItV69S0=
Subject key identifier: 37:55:01:20:F0:83:8B:72:14:EA:E8:48:43:50:CE:E0:20:93:00:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A01B0C76F4D54FB518B72AE3589504CB2496E8F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:01:b0:c7:6f:4d:54:fb:51:8b:72:ae:35:89:50:4c:b2:49:6e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=56a2d2294b5c6abb1e285c45b860dedaa0e9ba38b5fac4b23e3354f5acf122e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:18:5f:35:e7:06:71:02:d2:2e:bf:0f:24:b0:
8f:50:a3:dc:a8:46:3d:36:71:80:3e:9d:3c:5e:e2:
89:39:df:a7:7e:9a:e8:a1:69:68:45:09:cc:27:c0:
c7:35:2a:2e:b5:b8:6a:57:df:cd:77:04:60:e6:c8:
b2:dd:a7:2f:71:76:8e:22:c3:07:94:ee:5e:e4:27:
fc:ca:7f:d3:80:dd:6b:0e:2e:40:76:f6:1e:8c:dc:
a3:8a:bc:af:09:0c:54:e1:3e:f6:34:47:27:e1:b4:
cb:76:58:5c:a7:cd:0a:ae:10:36:6e:35:60:8b:35:
0e:2c:be:0e:0c:b0:61:59:c8:d0:41:95:1f:d4:d4:
88:dc:ce:11:5b:9d:5e:8b:55:f2:e5:15:e8:ba:96:
60:85:ca:d6:ec:61:9f:9d:38:0d:99:0f:3b:b6:5d:
9c:0c:ab:ec:e2:fd:b5:cc:b0:a0:5f:2d:5d:c9:88:
f0:fa:23:90:8f:7f:34:ed:4d:c2:51:0d:e8:f7:81:
9e:fe:5c:cd:6c:55:6d:1d:ea:14:b3:12:22:e3:4f:
23:13:08:d1:48:1d:ab:d9:bd:d9:64:4b:d8:12:b3:
3c:b3:cc:83:14:25:3b:fa:af:31:bc:7f:ce:0e:59:
44:22:7a:3a:ec:c6:d8:dd:ea:d6:45:22:ee:a5:ac:
85:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:55:01:20:F0:83:8B:72:14:EA:E8:48:43:50:CE:E0:20:93:00:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
18:d4:c4:c2:a1:3e:4d:52:5f:4c:f5:ff:1a:a0:9b:fe:42:1c:
fa:75:e8:fd:6d:49:28:b1:e5:64:54:7f:41:35:12:14:04:64:
8a:c7:12:f4:0a:ce:2c:05:93:ac:60:a4:d1:7b:57:35:a4:ab:
8f:b4:85:99:3b:c9:41:b8:d0:86:8c:ef:91:0c:1c:36:aa:cb:
71:11:54:d6:50:90:ca:77:d0:db:a7:57:34:f9:b2:5c:c6:d4:
72:8c:45:1f:d9:a1:fe:58:10:56:05:2c:65:c0:1a:30:ea:ad:
cf:6a:f4:90:d2:75:63:e7:6e:18:2a:62:ff:2b:56:61:c3:69:
95:52:74:c9:de:76:02:eb:65:b5:74:e4:76:00:63:fd:d8:8d:
8f:fb:2d:1e:85:10:50:e9:ba:cc:07:6b:24:9d:a6:f8:66:65:
c5:1d:54:12:bb:55:74:3d:e0:f4:3d:ad:a8:80:9d:ca:c5:d2:
f3:15:4b:32:b2:a8:12:45:64:b5:a1:d7:f5:4e:4c:b1:53:fa:
6c:1c:d9:bd:11:78:24:25:c3:2c:c9:a0:57:23:6e:d6:56:9b:
16:5a:f7:12:29:50:5b:e9:ee:a7:6b:1b:ad:74:f9:5b:b9:dd:
7e:ee:40:ab:29:23:8b:30:90:6c:11:e9:53:8c:9f:ac:1c:03:
ec:61:35:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGgGwx29NVPtRi3KuNYlQTLJJbo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2YTJkMjI5NGI1YzZhYmIxZTI4NWM0NWI4NjBkZWRhYTBlOWJhMzhiNWZh
YzRiMjNlMzM1NGY1YWNmMTIyZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoYXzXnBnEC0i6/DySwj1Cj3KhGPTZxgD6dPF7iiTnfp36a6KFpaEUJzCfA
xzUqLrW4alffzXcEYObIst2nL3F2jiLDB5TuXuQn/Mp/04Ddaw4uQHb2Hozco4q8
rwkMVOE+9jRHJ+G0y3ZYXKfNCq4QNm41YIs1Diy+DgywYVnI0EGVH9TUiNzOEVud
XotV8uUV6LqWYIXK1uxhn504DZkPO7ZdnAyr7OL9tcywoF8tXcmI8PojkI9/NO1N
wlEN6PeBnv5czWxVbR3qFLMSIuNPIxMI0Ugdq9m92WRL2BKzPLPMgxQlO/qvMbx/
zg5ZRCJ6OuzG2N3q1kUi7qWshdsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3VQEg
8IOLchTq6EhDUM7gIJMAyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkNmM4MDUtZjMxMi00Y2NlLTgwMTctZWJmZDIxNjk4ODBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQAY1MTCoT5NUl9M9f8aoJv+Qhz6dej9bUkoseVk
VH9BNRIUBGSKxxL0Cs4sBZOsYKTRe1c1pKuPtIWZO8lBuNCGjO+RDBw2qstxEVTW
UJDKd9Dbp1c0+bJcxtRyjEUf2aH+WBBWBSxlwBow6q3PavSQ0nVj524YKmL/K1Zh
w2mVUnTJ3nYC62W1dOR2AGP92I2P+y0ehRBQ6brMB2sknab4ZmXFHVQSu1V0PeD0
Pa2ogJ3KxdLzFUsysqgSRWS1odf1TkyxU/psHNm9EXgkJcMsyaBXI27WVpsWWvcS
KVBb6e6naxutdPlbud1+7kCrKSOLMJBsEelTjJ+sHAPsYTWh
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:22:10 2025 by rpki-client