Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: elgFlasJ76P2/ISMa9BgTBXG7KnV6x1a9jacHBs9FRE=
Subject key identifier: 3C:1A:97:85:78:3E:59:B3:41:2C:CB:F9:E9:C7:99:68:16:9A:DA:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AB51C38F194AE0C6656EB6EF8235F0555BBE225
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Fri 17 Jan 2025 00:00:00 +0000
ROA not before: Fri 17 Jan 2025 00:00:00 +0000
ROA not after: Fri 21 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b5:1c:38:f1:94:ae:0c:66:56:eb:6e:f8:23:5f:05:55:bb:e2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 17 00:00:00 2025 GMT
Not After : Feb 21 23:59:59 2025 GMT
Subject: serialNumber=232edc9def67d2db07fdabfa638d3ebadf6b0a390daaf884b1085bbad127e801, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:5f:ff:45:3f:d6:f7:26:5e:f7:77:89:c6:
57:48:00:29:6e:d6:c0:63:7e:e5:b3:53:19:d3:9d:
37:0b:8d:83:27:ce:b4:95:4f:99:0c:06:89:9a:4c:
34:05:2a:87:54:d3:46:26:88:ef:e7:d4:91:07:b3:
28:b5:a1:7c:d6:f9:a9:03:42:01:d9:1a:62:72:37:
b5:92:c9:7c:af:78:01:05:63:37:84:50:54:91:20:
a3:f8:b3:3e:a0:d1:b1:fa:7d:9c:74:b9:09:64:85:
32:d7:33:68:00:ee:81:cb:9f:b2:6e:0c:9c:0a:22:
84:4f:24:6a:02:16:3c:47:d0:e1:9f:40:b5:8d:9e:
2b:ca:3e:b9:24:48:47:6a:72:cf:31:a3:b1:9d:ff:
ff:b5:b1:1c:ee:09:be:04:4b:d0:2a:49:d7:50:4d:
08:ad:8b:a7:f8:14:41:d3:dd:bd:4e:17:92:14:fd:
f6:23:15:5d:ea:44:31:97:7f:f0:2c:f8:4f:45:27:
6d:7a:68:8f:e8:65:8b:e0:a3:26:9c:16:1a:d0:b4:
c9:ee:76:f0:cf:e3:43:b8:c5:a9:71:9a:71:87:c0:
66:d8:b0:2d:2d:61:96:c6:7f:83:f3:46:4a:87:c1:
d1:bc:1a:fc:cc:46:2f:9b:9b:e6:74:2d:e9:6a:cc:
9c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1A:97:85:78:3E:59:B3:41:2C:CB:F9:E9:C7:99:68:16:9A:DA:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
42:09:0c:19:50:89:df:ca:3b:72:e2:34:57:d4:63:6b:aa:33:
43:b2:17:fa:d7:45:32:93:ba:17:e3:0a:e7:ec:52:33:79:b0:
29:59:26:79:8e:b1:0d:5c:dd:6b:07:22:1e:15:d7:ee:48:8c:
cb:8d:cd:c7:62:b4:7d:22:6a:82:23:2b:83:71:09:c1:e8:a4:
fd:0f:66:a9:89:a6:de:66:ad:fd:a2:dc:71:f8:4c:e3:e0:1b:
20:ea:02:9b:27:09:18:5d:83:41:61:07:05:32:71:89:86:c6:
c7:e4:b7:89:df:4a:ca:3b:9b:ee:af:6b:e5:09:3b:86:2a:65:
4d:c2:ee:88:3e:e9:93:69:ca:0f:fd:5e:da:b2:61:3f:a9:65:
7f:17:a5:f2:d4:d8:96:f9:2c:b9:71:37:38:9b:41:3b:4b:3b:
9c:43:65:6c:7a:3e:cf:9d:48:7d:5a:52:7d:86:9a:d7:97:7e:
8e:ab:6f:43:61:a1:27:a1:e3:06:ca:d5:12:2d:6f:da:ca:a2:
c5:cc:7f:55:6b:64:e4:d2:40:0d:44:da:8f:ea:0f:a0:98:f6:
6e:ae:40:94:49:99:27:8d:d1:c5:4d:b6:0b:20:d5:fc:d7:26:
e2:41:61:8a:06:9e:5a:cf:02:49:51:e4:e7:be:5a:7e:4e:31:
b2:4e:6f:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGrUcOPGUrgxmVutu+CNfBVW74iUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTcwMDAwMDBaFw0yNTAyMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzMmVkYzlkZWY2N2QyZGIwN2ZkYWJmYTYzOGQzZWJhZGY2YjBhMzkwZGFh
Zjg4NGIxMDg1YmJhZDEyN2U4MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ80X/9FP9b3Jl73d4nGV0gAKW7WwGN+5bNTGdOdNwuNgyfOtJVPmQwGiZpM
NAUqh1TTRiaI7+fUkQezKLWhfNb5qQNCAdkaYnI3tZLJfK94AQVjN4RQVJEgo/iz
PqDRsfp9nHS5CWSFMtczaADugcufsm4MnAoihE8kagIWPEfQ4Z9AtY2eK8o+uSRI
R2pyzzGjsZ3//7WxHO4JvgRL0CpJ11BNCK2Lp/gUQdPdvU4XkhT99iMVXepEMZd/
8Cz4T0UnbXpoj+hli+CjJpwWGtC0ye528M/jQ7jFqXGacYfAZtiwLS1hlsZ/g/NG
SofB0bwa/MxGL5ub5nQt6WrMnJMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8GpeF
eD5Zs0Esy/npx5loFpranjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBCCQwZUInfyjty4jRX1GNrqjNDshf610Uyk7oX
4wrn7FIzebApWSZ5jrENXN1rByIeFdfuSIzLjc3HYrR9ImqCIyuDcQnB6KT9D2ap
iabeZq39otxx+Ezj4Bsg6gKbJwkYXYNBYQcFMnGJhsbH5LeJ30rKO5vur2vlCTuG
KmVNwu6IPumTacoP/V7asmE/qWV/F6Xy1NiW+Sy5cTc4m0E7SzucQ2Vsej7PnUh9
WlJ9hprXl36Oq29DYaEnoeMGytUSLW/ayqLFzH9Va2Tk0kANRNqP6g+gmPZurkCU
SZknjdHFTbYLINX81ybiQWGKBp5azwJJUeTnvlp+TjGyTm/h
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:44 2025 by rpki-client