Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
File: 290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa (raw, json)
Hash identifier: D3N17B7HtPIaoO6RI5kXMJ7TiIJ+WDX1Jh823nE98yI=
Subject key identifier: 7C:AB:BC:A9:98:E0:9B:0A:44:2C:92:10:69:8E:23:BD:B2:59:0A:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6915FCF1E145EAD20F5DD7DC276D9F3E2B1A25B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:15:fc:f1:e1:45:ea:d2:0f:5d:d7:dc:27:6d:9f:3e:2b:1a:25:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=67bad201a355d8abe18987219a609ea69559a2c860c20d20486dd1e6f8e5213d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:2f:3d:91:7a:73:12:ef:de:c9:65:ae:1f:
3e:62:2a:d7:59:69:7b:41:d2:31:bd:64:34:4a:30:
3f:fd:5b:98:6a:30:75:38:7c:7c:53:64:f5:19:74:
2d:3f:ba:cb:22:96:bd:9d:a8:c4:00:b5:77:48:46:
dc:dc:00:b3:00:8d:39:86:c4:e9:43:af:8f:38:49:
37:e5:25:a2:f5:fb:a8:cd:ba:ac:32:4e:fe:09:7a:
12:2b:14:8f:c3:11:e8:5f:3e:52:04:dc:95:a3:be:
56:65:e7:d4:da:81:fa:f3:9f:e8:01:a3:9d:50:31:
f1:f3:97:18:0b:8c:29:71:d6:fe:9d:00:91:6d:5f:
42:f9:f9:d5:23:4e:94:d0:be:f0:dc:71:b9:8d:4c:
b0:99:96:c1:24:0f:3c:fa:9f:57:c5:05:dc:bb:40:
28:cd:47:33:b5:d5:9a:ed:db:4b:1e:e9:6d:ec:59:
b3:0d:2f:6a:df:72:99:95:ba:84:a3:b4:6e:de:75:
20:d1:35:38:99:12:5f:2c:e5:36:4d:87:95:56:e0:
bb:fa:b0:87:0b:f7:a5:3c:ac:80:ee:b3:cb:67:83:
8b:ac:a7:f1:d1:fa:27:04:73:da:da:a5:2a:19:55:
77:f7:97:69:32:c2:53:7f:a9:4a:f9:98:4f:c1:1e:
bb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AB:BC:A9:98:E0:9B:0A:44:2C:92:10:69:8E:23:BD:B2:59:0A:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/36
Signature Algorithm: sha256WithRSAEncryption
83:59:69:03:c8:39:dd:6e:70:86:44:87:0b:bc:b7:14:9c:6b:
da:67:3e:0c:3d:f7:f8:d2:52:42:bf:af:06:97:5e:36:2c:18:
50:c0:dd:2b:31:8b:ba:d3:b9:bb:60:dd:a1:20:ab:0c:46:cd:
d5:17:f8:16:06:af:09:e6:a3:06:79:0b:82:3b:52:3a:bb:dd:
61:fb:69:54:73:b0:7a:6c:2f:bb:04:10:4a:ef:82:f7:a1:14:
8d:b4:bf:10:e3:33:d2:97:71:4e:71:cf:c9:30:57:4a:20:8c:
86:c2:1d:75:1e:ad:ac:ee:2d:6d:ae:5d:de:32:06:9d:fe:0c:
f3:4a:a5:86:c1:86:cf:04:31:47:43:cc:dd:9b:cb:a7:df:69:
ec:f7:03:97:1d:d9:1a:bb:8e:c7:8b:46:db:5d:c5:19:5b:c3:
0e:fe:5a:46:f5:75:fc:9f:92:5f:a9:a3:99:e2:d2:a3:14:8e:
63:d6:96:09:87:fa:16:95:9d:d0:90:f0:f2:ef:be:96:32:f9:
a6:53:83:b2:3e:4d:30:e3:ea:85:1b:8c:e1:87:8e:fa:9b:b9:
1f:c7:1c:b2:ad:92:6c:b1:2d:87:81:4b:c4:48:38:6c:58:93:
ba:d3:e5:41:ed:32:47:cc:a4:f2:e6:cf:71:91:6f:98:59:2a:
58:60:00:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaRX88eFF6tIPXdfcJ22fPisaJbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3YmFkMjAxYTM1NWQ4YWJlMTg5ODcyMTlhNjA5ZWE2OTU1OWEyYzg2MGMy
MGQyMDQ4NmRkMWU2ZjhlNTIxM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJdLz2RenMS797JZa4fPmIq11lpe0HSMb1kNEowP/1bmGowdTh8fFNk9Rl0
LT+6yyKWvZ2oxAC1d0hG3NwAswCNOYbE6UOvjzhJN+UlovX7qM26rDJO/gl6EisU
j8MR6F8+UgTclaO+VmXn1NqB+vOf6AGjnVAx8fOXGAuMKXHW/p0AkW1fQvn51SNO
lNC+8NxxuY1MsJmWwSQPPPqfV8UF3LtAKM1HM7XVmu3bSx7pbexZsw0vat9ymZW6
hKO0bt51INE1OJkSXyzlNk2HlVbgu/qwhwv3pTysgO6zy2eDi6yn8dH6JwRz2tql
KhlVd/eXaTLCU3+pSvmYT8Eeu2sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8q7yp
mOCbCkQskhBpjiO9slkKsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjkwZTY3YzctN2I3NS00YjlkLWFiYzYtMGMzZWMzNGMxNTI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCDWWkDyDndbnCGRIcLvLcUnGvaZz4MPff40lJC
v68Gl142LBhQwN0rMYu607m7YN2hIKsMRs3VF/gWBq8J5qMGeQuCO1I6u91h+2lU
c7B6bC+7BBBK74L3oRSNtL8Q4zPSl3FOcc/JMFdKIIyGwh11Hq2s7i1trl3eMgad
/gzzSqWGwYbPBDFHQ8zdm8un32ns9wOXHdkau47Hi0bbXcUZW8MO/lpG9XX8n5Jf
qaOZ4tKjFI5j1pYJh/oWlZ3QkPDy776WMvmmU4OyPk0w4+qFG4zhh476m7kfxxyy
rZJssS2HgUvESDhsWJO60+VB7TJHzKTy5s9xkW+YWSpYYADF
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:55 2025 by rpki-client