Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json)
Hash identifier: Z3zysyTVev1n/hPt1T4syAn3vNNVSbd3EekCb3cta+g=
Subject key identifier: A2:44:E6:A8:56:99:B2:89:C6:21:FD:97:C6:3A:78:E5:B6:6A:EC:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 280C1249925E9859D09414FF3FF3490D7B423703
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:0c:12:49:92:5e:98:59:d0:94:14:ff:3f:f3:49:0d:7b:42:37:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=4427b06d3ee236faf533a8f8817ddd3c4e27f6582d63904368cc7a230ef356f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:30:6c:08:c4:8e:ac:09:d6:95:fa:48:e5:27:
9e:c7:5b:df:0d:ca:4f:84:ff:8b:a1:17:c1:e6:0b:
fc:14:ec:bb:00:56:e4:97:c3:7c:5a:15:2f:23:3b:
bb:cd:ef:04:a4:e2:ae:f4:da:94:6a:02:52:7f:cc:
33:66:94:74:8f:35:25:f2:e0:d9:bb:24:75:ed:66:
e0:2f:c8:47:c6:55:26:2b:07:4d:c6:26:c6:b9:e9:
59:f6:0a:3b:52:78:9c:68:62:20:6b:36:88:8f:90:
c9:9d:79:8e:80:4d:2e:e0:cd:16:54:b6:35:0a:68:
47:20:f6:f9:1c:31:a2:58:e6:e8:35:70:f0:5f:10:
8d:d5:53:3e:9d:70:de:27:07:f6:a4:c0:1a:b2:8a:
79:f4:fe:4d:10:41:4a:4c:65:2b:92:90:ed:68:f6:
d8:f2:dd:c3:5e:0e:47:05:0d:43:8c:d9:54:d9:51:
48:41:71:02:13:04:e5:07:9b:16:72:87:1d:8a:bd:
4f:5d:68:e0:0f:fa:0b:94:eb:40:6e:91:39:af:0a:
04:f0:49:17:3d:8a:60:72:26:36:79:87:56:7e:89:
6b:1c:57:80:85:60:b2:17:e2:44:84:a3:ec:ea:f5:
63:89:98:3e:22:25:57:68:92:ba:cf:d5:65:6f:63:
70:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:44:E6:A8:56:99:B2:89:C6:21:FD:97:C6:3A:78:E5:B6:6A:EC:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:8a:c0:34:a7:86:8d:84:20:ba:08:6d:b9:82:91:c2:bb:79:
21:80:9a:a2:e3:3f:c3:94:29:0b:4e:81:5d:52:c4:8f:51:a4:
8a:db:68:64:a2:b0:85:e8:e8:ac:62:62:37:47:48:ea:6a:8b:
25:d1:f7:15:a8:19:95:8a:4d:d5:a0:f1:83:64:ec:30:8f:50:
e1:30:52:6e:c7:80:b3:b0:13:d7:82:ed:fe:2e:87:d2:01:88:
fc:4f:ba:6c:4f:e8:6f:c1:66:17:9c:14:2d:35:32:3d:18:67:
4e:be:12:d5:18:a6:91:b1:d3:3f:c5:17:45:df:72:ba:19:8b:
d8:3a:90:a5:da:02:d9:25:35:54:95:08:6c:2b:45:30:f5:c6:
66:0c:03:ed:af:04:99:f4:67:0f:0d:c0:2c:bf:3c:f5:3e:af:
35:cb:c2:03:b8:01:91:c8:35:d9:3a:18:29:78:92:c7:c2:dc:
50:b9:8f:ff:62:4c:95:51:b3:f2:07:87:8a:07:dd:c3:c8:67:
31:d7:81:aa:77:31:f7:7f:ab:ab:40:81:36:8c:e8:69:9d:56:
46:93:46:e3:7e:85:a9:73:e9:1d:80:ce:bb:8e:60:af:a1:27:
f0:4d:3c:87:3e:8a:8a:9d:9d:ed:34:d0:91:67:63:ab:0a:9d:
4b:3d:e7:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKAwSSZJemFnQlBT/P/NJDXtCNwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0MjdiMDZkM2VlMjM2ZmFmNTMzYThmODgxN2RkZDNjNGUyN2Y2NTgyZDYz
OTA0MzY4Y2M3YTIzMGVmMzU2ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALowbAjEjqwJ1pX6SOUnnsdb3w3KT4T/i6EXweYL/BTsuwBW5JfDfFoVLyM7
u83vBKTirvTalGoCUn/MM2aUdI81JfLg2bskde1m4C/IR8ZVJisHTcYmxrnpWfYK
O1J4nGhiIGs2iI+QyZ15joBNLuDNFlS2NQpoRyD2+Rwxoljm6DVw8F8QjdVTPp1w
3icH9qTAGrKKefT+TRBBSkxlK5KQ7Wj22PLdw14ORwUNQ4zZVNlRSEFxAhME5Qeb
FnKHHYq9T11o4A/6C5TrQG6ROa8KBPBJFz2KYHImNnmHVn6JaxxXgIVgshfiRISj
7Or1Y4mYPiIlV2iSus/VZW9jcE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiROao
VpmyicYh/ZfGOnjltmrs7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g
MA0GCSqGSIb3DQEBCwUAA4IBAQCdisA0p4aNhCC6CG25gpHCu3khgJqi4z/DlCkL
ToFdUsSPUaSK22hkorCF6OisYmI3R0jqaosl0fcVqBmVik3VoPGDZOwwj1DhMFJu
x4CzsBPXgu3+LofSAYj8T7psT+hvwWYXnBQtNTI9GGdOvhLVGKaRsdM/xRdF33K6
GYvYOpCl2gLZJTVUlQhsK0Uw9cZmDAPtrwSZ9GcPDcAsvzz1Pq81y8IDuAGRyDXZ
OhgpeJLHwtxQuY//YkyVUbPyB4eKB93DyGcx14GqdzH3f6urQIE2jOhpnVZGk0bj
foWpc+kdgM67jmCvoSfwTTyHPoqKnZ3tNNCRZ2OrCp1LPed2
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:06 2025 by rpki-client