Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: tZDwR+xIbAaugBU3UHb6emUwJuAUEa5UV4PJZ1K81PA=
Subject key identifier: D5:99:A8:E5:79:A6:01:A3:4F:CB:B4:CC:9C:17:D2:0D:B7:5B:74:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 237070854D3BDC6903728ECE1C6850ADE3183B6D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:70:70:85:4d:3b:dc:69:03:72:8e:ce:1c:68:50:ad:e3:18:3b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=63425e1f244685284f9ff19ea2e12e04dabc4e33193597dc867b1378be46726d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4d:2b:c2:28:d7:08:df:76:89:84:ee:32:02:
39:99:61:c4:21:d4:14:e6:43:83:b5:49:96:b6:de:
2f:14:45:10:7b:84:1a:46:6f:7e:83:f8:09:0d:47:
17:4d:b1:29:70:26:f0:ee:22:dc:80:6d:a0:f7:6a:
c2:cd:79:a5:97:c2:9a:80:ee:4b:0f:35:29:9d:cf:
c1:ba:4f:85:59:bf:08:27:2d:4c:b0:e4:08:52:89:
ca:f3:78:55:65:d0:01:95:5b:11:16:87:d1:ce:c3:
9e:32:e1:18:1e:76:91:5f:a8:99:09:1b:98:c0:89:
1c:3c:f6:d2:ba:61:7d:76:1c:05:8a:04:57:ae:a9:
2d:dc:75:75:96:ff:73:01:db:bd:c2:02:8d:1d:7b:
05:ab:60:fa:d1:5a:f3:03:91:5f:7f:ad:cf:03:a2:
69:f9:64:33:95:ac:aa:61:10:34:0f:d5:eb:29:8e:
ca:e2:0a:bb:53:cd:aa:bb:f5:e2:e6:73:62:a3:9d:
e4:d3:3a:f0:5b:be:02:fa:b1:46:8c:1f:0b:e4:ab:
89:61:f2:93:b5:2c:3d:d7:b8:f0:a5:23:03:c6:33:
cb:9b:46:70:f0:d8:9b:22:46:98:6f:71:1d:cc:7a:
ce:d0:1c:86:a9:87:d0:1e:d5:2a:3a:1a:be:0f:bd:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:99:A8:E5:79:A6:01:A3:4F:CB:B4:CC:9C:17:D2:0D:B7:5B:74:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:3f:cf:da:41:80:3f:4a:ba:f5:28:02:7c:da:3d:df:62:cb:
0d:64:d7:25:5a:0d:56:7b:13:03:0f:d1:92:2d:2e:74:18:d6:
ce:72:9f:1c:3b:05:a3:58:63:2e:9a:ac:5f:c5:e4:82:26:2a:
ac:6a:2f:f6:9e:02:77:a8:43:f8:96:92:8a:d8:08:20:79:b7:
8c:48:e9:4d:25:78:4e:bb:f4:74:67:dd:4c:c6:17:cf:e7:3a:
73:86:f3:f0:3b:53:f3:3e:10:cc:b7:01:25:82:bd:6c:14:40:
b4:63:b9:f6:65:d1:e7:5d:cf:95:ef:42:a4:c0:f9:f9:d0:b8:
ae:19:79:1c:06:e3:4f:b4:33:87:e6:0f:1b:fa:d1:f3:d1:1f:
e0:71:d6:21:30:9e:13:b6:d8:ec:c9:f8:0f:16:db:e3:6a:7e:
55:fb:e6:b9:65:39:18:d0:c9:97:2e:a6:66:74:c7:88:27:4f:
4f:43:d2:3b:8d:d8:cd:54:51:83:7f:98:8d:7f:36:c1:c6:a6:
f0:a3:05:79:4c:bb:60:8f:ce:4d:9b:58:82:ba:4e:eb:5d:51:
02:7a:b5:cb:db:27:bc:25:85:35:54:03:ff:83:bc:ca:78:38:
07:2b:a6:9d:61:e1:1b:8b:00:99:a9:ca:29:37:03:1d:25:5b:
76:64:06:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI3BwhU073GkDco7OHGhQreMYO20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNDI1ZTFmMjQ0Njg1Mjg0ZjlmZjE5ZWEyZTEyZTA0ZGFiYzRlMzMxOTM1
OTdkYzg2N2IxMzc4YmU0NjcyNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAItNK8Io1wjfdomE7jICOZlhxCHUFOZDg7VJlrbeLxRFEHuEGkZvfoP4CQ1H
F02xKXAm8O4i3IBtoPdqws15pZfCmoDuSw81KZ3PwbpPhVm/CCctTLDkCFKJyvN4
VWXQAZVbERaH0c7DnjLhGB52kV+omQkbmMCJHDz20rphfXYcBYoEV66pLdx1dZb/
cwHbvcICjR17Batg+tFa8wORX3+tzwOiaflkM5WsqmEQNA/V6ymOyuIKu1PNqrv1
4uZzYqOd5NM68Fu+AvqxRowfC+SriWHyk7UsPde48KUjA8Yzy5tGcPDYmyJGmG9x
Hcx6ztAchqmH0B7VKjoavg+9Z/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVmajl
eaYBo0/LtMycF9INt1t0bTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtP8/aQYA/Srr1KAJ82j3fYssNZNclWg1WexMD
D9GSLS50GNbOcp8cOwWjWGMumqxfxeSCJiqsai/2ngJ3qEP4lpKK2AggebeMSOlN
JXhOu/R0Z91MxhfP5zpzhvPwO1PzPhDMtwElgr1sFEC0Y7n2ZdHnXc+V70KkwPn5
0LiuGXkcBuNPtDOH5g8b+tHz0R/gcdYhMJ4TttjsyfgPFtvjan5V++a5ZTkY0MmX
LqZmdMeIJ09PQ9I7jdjNVFGDf5iNfzbBxqbwowV5TLtgj85Nm1iCuk7rXVECerXL
2ye8JYU1VAP/g7zKeDgHK6adYeEbiwCZqcopNwMdJVt2ZAan
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:23 2025 by rpki-client