Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
File: 2678e5d7-5995-4791-9318-f087e83654a9.roa (raw, json)
Hash identifier: aZp011YhnTFxYhJauGdJc/eULean7ixFeMF6ZKAZBIs=
Subject key identifier: 6D:A2:52:5E:B1:73:63:BF:2F:F2:68:D7:0C:21:5D:CF:AD:8B:12:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4905ADD2C444365186828C826016C7242A505EAE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
Signing time: Fri 31 Jan 2025 00:00:00 +0000
ROA not before: Fri 31 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:05:ad:d2:c4:44:36:51:86:82:8c:82:60:16:c7:24:2a:50:5e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 31 00:00:00 2025 GMT
Not After : Mar 7 23:59:59 2025 GMT
Subject: serialNumber=17cd64c6b9f416776c9f1a8e9493d9fefc267bcf47d6c34fb07670330c1f715a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:4c:20:09:7a:95:22:4d:a0:3f:5f:a7:96:
df:04:af:7f:8c:8f:14:05:ff:e6:02:12:25:01:3b:
32:3b:d6:10:94:72:36:93:79:2e:0f:62:47:63:3f:
cb:d0:ff:1e:e7:ed:22:cf:c4:0b:ae:46:aa:1a:41:
69:d8:7f:ee:4b:9c:c8:7d:7c:44:fe:55:fd:e5:82:
ec:ff:0a:6a:1c:a5:0c:d9:92:e2:f2:0c:13:f0:4f:
30:66:51:07:b4:4c:56:04:fe:2c:fa:27:0d:f3:cb:
11:45:23:e9:a6:ee:7d:fe:61:83:78:9f:9f:86:fa:
c3:4c:23:ad:a5:34:4a:1d:02:98:3a:54:b3:75:31:
d9:26:6b:1d:ec:f2:20:f2:ed:5c:6f:ee:cf:b3:50:
26:0e:00:ca:74:ff:7e:8e:af:1f:e7:ad:8f:64:0c:
a9:b5:f9:0f:38:64:04:a8:73:28:45:fc:68:3d:c7:
8e:5c:f6:ef:02:cc:29:92:6b:2b:37:3e:ae:14:82:
b1:bf:95:62:a9:af:f3:fa:bc:e8:ba:a4:67:56:95:
2b:15:78:c4:aa:19:b4:7a:ba:da:6c:8b:7f:82:17:
3f:49:b1:ce:64:99:a5:80:b2:e0:3d:71:7a:26:ea:
2b:30:f2:5a:3f:7a:55:ca:7d:f5:cd:af:6e:8a:3f:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A2:52:5E:B1:73:63:BF:2F:F2:68:D7:0C:21:5D:CF:AD:8B:12:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/48
Signature Algorithm: sha256WithRSAEncryption
03:40:e1:58:bd:41:10:0a:17:92:72:65:af:07:59:40:6f:30:
d9:fe:02:ab:50:f6:2a:93:32:a6:39:8d:e9:97:4f:c6:ce:a2:
08:1f:e6:1a:12:df:82:8e:cc:2b:ad:06:2f:0a:d1:3e:3c:e3:
b7:65:0e:b9:c0:d0:f1:69:52:0b:d0:57:ac:d0:39:d0:5d:d5:
01:81:8f:54:81:43:ab:44:bb:64:37:3a:63:ab:19:02:9f:68:
ac:5b:d4:03:5f:11:43:f2:ca:5c:21:f0:81:b9:40:96:21:43:
dd:27:21:94:27:77:31:be:98:07:29:23:b7:a9:37:de:53:56:
6d:56:99:f7:a7:18:ce:ab:f6:a8:75:b7:22:ab:4d:35:28:42:
c4:64:bc:50:30:01:22:0b:e7:c1:41:57:ec:30:8a:08:82:89:
34:0d:ec:9f:3d:b2:f8:a7:a5:05:74:41:e6:82:53:76:e4:51:
40:27:4b:6e:d6:69:29:88:5f:93:62:9d:87:be:23:73:25:e9:
49:8e:19:56:54:e4:b8:39:66:05:13:a2:cb:bd:33:18:44:d0:
a1:78:48:01:03:2e:0f:96:30:e8:14:f2:40:07:69:63:87:a6:
b7:0e:db:e7:05:80:0c:20:9d:95:b5:94:bc:57:6f:e2:ca:0c:
8c:c7:25:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSQWt0sRENlGGgoyCYBbHJCpQXq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMzEwMDAwMDBaFw0yNTAzMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3Y2Q2NGM2YjlmNDE2Nzc2YzlmMWE4ZTk0OTNkOWZlZmMyNjdiY2Y0N2Q2
YzM0ZmIwNzY3MDMzMGMxZjcxNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRETCAJepUiTaA/X6eW3wSvf4yPFAX/5gISJQE7MjvWEJRyNpN5Lg9iR2M/
y9D/HuftIs/EC65GqhpBadh/7kucyH18RP5V/eWC7P8KahylDNmS4vIME/BPMGZR
B7RMVgT+LPonDfPLEUUj6abuff5hg3ifn4b6w0wjraU0Sh0CmDpUs3Ux2SZrHezy
IPLtXG/uz7NQJg4AynT/fo6vH+etj2QMqbX5DzhkBKhzKEX8aD3Hjlz27wLMKZJr
Kzc+rhSCsb+VYqmv8/q86LqkZ1aVKxV4xKoZtHq62myLf4IXP0mxzmSZpYCy4D1x
eibqKzDyWj96Vcp99c2vboo/evMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRtolJe
sXNjvy/yaNcMIV3PrYsS3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3OGU1ZDctNTk5NS00NzkxLTkzMTgtZjA4N2U4MzY1NGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hbg
ADANBgkqhkiG9w0BAQsFAAOCAQEAA0DhWL1BEAoXknJlrwdZQG8w2f4Cq1D2KpMy
pjmN6ZdPxs6iCB/mGhLfgo7MK60GLwrRPjzjt2UOucDQ8WlSC9BXrNA50F3VAYGP
VIFDq0S7ZDc6Y6sZAp9orFvUA18RQ/LKXCHwgblAliFD3SchlCd3Mb6YBykjt6k3
3lNWbVaZ96cYzqv2qHW3IqtNNShCxGS8UDABIgvnwUFX7DCKCIKJNA3snz2y+Kel
BXRB5oJTduRRQCdLbtZpKYhfk2Kdh74jcyXpSY4ZVlTkuDlmBROiy70zGETQoXhI
AQMuD5Yw6BTyQAdpY4emtw7b5wWADCCdlbWUvFdv4soMjMclZA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:24:55 2025 by rpki-client