Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: T51aOwC4zwtChR/6pTDhW/R2GJGBuBYZVvT4K6kCGEU=
Subject key identifier: 36:66:87:D8:25:31:7B:BB:58:FF:AC:F9:63:01:10:3C:09:FF:DF:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A955A39D0A3C367C98A9B899D38AA9C5708900A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:95:5a:39:d0:a3:c3:67:c9:8a:9b:89:9d:38:aa:9c:57:08:90:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c876ffa08fa13f008566ece23b6f203b068238f2e4a3242ef6add85a7194bee1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e2:3e:b0:22:08:72:f9:4b:9c:23:ad:1c:72:
4e:52:b7:e8:c6:1f:b8:18:1a:fb:85:67:a2:ac:9a:
f0:75:1d:5a:28:da:5d:ae:60:15:c0:89:5f:46:26:
35:ff:64:97:ab:03:90:cf:94:94:55:9c:e6:64:62:
11:2d:f2:cb:5a:15:92:a4:c8:71:36:dc:d2:60:b0:
1b:e1:62:9c:01:63:f6:90:82:27:01:51:d9:01:81:
e0:c6:30:d2:16:f4:2f:c6:8e:a7:df:e9:eb:96:83:
7f:b3:17:1b:aa:2f:bf:34:be:aa:1f:7e:b2:d1:c6:
5d:d3:0a:f2:5d:e0:2b:dc:c1:d8:a3:8b:09:4c:de:
50:5f:78:f2:2e:44:8b:00:ad:f7:21:d6:33:0a:ad:
55:0a:9b:68:1f:7a:cb:81:36:0e:e5:90:7a:c4:5a:
e4:4f:68:fa:20:6f:34:c8:b1:f5:59:fb:cf:3c:8c:
69:d2:41:7b:3e:10:80:0b:81:df:7f:c0:9c:5c:df:
25:5b:18:65:2e:41:bc:b3:be:f5:41:38:d0:15:da:
e5:59:57:92:37:19:ae:51:bc:0e:3d:e4:93:55:81:
5f:9e:80:ae:b0:5e:bf:b9:49:a0:81:83:7d:e1:95:
fc:fe:09:af:46:6b:22:60:45:fe:f0:09:fd:ce:79:
42:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:66:87:D8:25:31:7B:BB:58:FF:AC:F9:63:01:10:3C:09:FF:DF:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:1b:24:b6:e7:87:ac:36:eb:1c:8c:f6:0d:21:40:9f:14:b9:
8f:38:4a:75:99:66:d2:c3:c7:8b:59:58:d1:3a:b5:5b:a6:5d:
c2:ca:80:35:f2:8e:22:70:cb:61:87:7c:48:db:cf:1d:0d:dc:
50:20:d6:57:a1:04:45:25:2f:49:16:37:59:23:19:1d:cb:48:
70:49:a2:f9:62:3d:4d:be:89:57:0f:9d:0d:29:63:16:0d:2f:
45:0b:d4:f6:ed:eb:15:63:e8:c0:7b:a7:e7:f3:e3:56:e6:7b:
ba:2b:41:39:59:ae:24:3f:13:8c:99:f0:41:cd:db:16:1e:40:
47:40:19:5a:5c:40:91:e3:8d:7f:f3:8c:6b:b9:c0:c0:40:b5:
3d:58:c9:d0:6f:df:98:99:cf:77:b0:a6:35:56:34:8a:6e:13:
d1:f7:7e:27:6c:c3:a9:4f:90:74:90:05:1b:a1:5a:38:52:ab:
09:98:8f:13:44:73:6b:38:8a:16:26:76:ed:1d:26:50:cc:63:
dd:e6:8e:8c:c5:a1:71:28:9f:b6:57:52:9b:a2:1c:9c:46:a4:
a5:c5:7d:92:c8:78:bf:4c:43:bb:d4:de:24:99:36:1b:cc:db:
8d:60:30:49:a2:d7:c8:c9:b9:d6:9f:78:b4:ea:3b:44:13:af:
93:7b:e0:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWpVaOdCjw2fJipuJnTiqnFcIkAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4NzZmZmEwOGZhMTNmMDA4NTY2ZWNlMjNiNmYyMDNiMDY4MjM4ZjJlNGEz
MjQyZWY2YWRkODVhNzE5NGJlZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXiPrAiCHL5S5wjrRxyTlK36MYfuBga+4Vnoqya8HUdWijaXa5gFcCJX0Ym
Nf9kl6sDkM+UlFWc5mRiES3yy1oVkqTIcTbc0mCwG+FinAFj9pCCJwFR2QGB4MYw
0hb0L8aOp9/p65aDf7MXG6ovvzS+qh9+stHGXdMK8l3gK9zB2KOLCUzeUF948i5E
iwCt9yHWMwqtVQqbaB96y4E2DuWQesRa5E9o+iBvNMix9Vn7zzyMadJBez4QgAuB
33/AnFzfJVsYZS5BvLO+9UE40BXa5VlXkjcZrlG8Dj3kk1WBX56ArrBev7lJoIGD
feGV/P4Jr0ZrImBF/vAJ/c55QgUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2ZofY
JTF7u1j/rPljARA8Cf/fTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQCoGyS254esNuscjPYNIUCfFLmPOEp1mWbSw8eL
WVjROrVbpl3CyoA18o4icMthh3xI288dDdxQINZXoQRFJS9JFjdZIxkdy0hwSaL5
Yj1NvolXD50NKWMWDS9FC9T27esVY+jAe6fn8+NW5nu6K0E5Wa4kPxOMmfBBzdsW
HkBHQBlaXECR441/84xrucDAQLU9WMnQb9+Ymc93sKY1VjSKbhPR934nbMOpT5B0
kAUboVo4UqsJmI8TRHNrOIoWJnbtHSZQzGPd5o6MxaFxKJ+2V1KbohycRqSlxX2S
yHi/TEO71N4kmTYbzNuNYDBJotfIybnWn3i06jtEE6+Te+Bz
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:38 2025 by rpki-client