Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
File: 2d9f3120-fab9-43aa-973f-4142925b1416.roa (raw, json)
Hash identifier: /Uww+1PZXfAMPWbNs20WE0bHSKDpGY57UoJ+i68H2iQ=
Subject key identifier: 99:DD:A6:42:74:79:22:7F:33:A3:D1:AD:51:2D:17:56:05:54:B6:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F8F9983834EB31583EAF1D9AE4F232472036883
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:10c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:8f:99:83:83:4e:b3:15:83:ea:f1:d9:ae:4f:23:24:72:03:68:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=04d461b118fb35474715c22275f80bac1d4cfdb947c01e3b713ec110da8a471b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5e:bc:52:33:a4:ba:9a:57:0f:f8:89:84:86:
4c:b5:05:aa:59:c1:98:bc:72:3e:65:f0:95:da:04:
fe:89:2e:96:6b:0d:57:05:e3:d3:cf:e3:29:4c:44:
4a:a5:dc:1a:43:7e:91:96:7e:3f:75:66:57:b8:b6:
8a:93:cd:f5:be:4b:c2:b0:87:e7:3f:ed:a0:88:12:
fe:04:bc:95:fe:17:c0:bf:88:0e:bc:e5:41:2f:1b:
6c:1d:b3:c3:99:ea:af:45:d5:56:d8:37:e0:5c:30:
0a:34:c6:e4:91:a3:86:01:69:75:d5:65:21:75:83:
59:36:c2:f0:33:64:3d:6e:ed:b1:ed:a3:aa:d6:20:
7a:ba:6e:24:de:0f:b6:8c:06:bd:5c:5f:2b:6e:be:
cb:e7:d3:78:c9:e0:3e:86:c8:ce:95:9c:da:a3:22:
3e:2c:08:12:13:4d:59:cf:eb:d3:61:82:e2:58:07:
95:1b:f9:2c:01:cb:d7:2c:3f:6d:10:27:32:58:71:
bf:9f:ba:5a:53:e1:42:b8:59:9b:69:af:db:a7:7d:
5c:b6:db:e7:b6:20:3d:c4:21:e9:c4:84:a7:60:31:
27:a4:dc:a0:34:78:40:b6:b3:94:e1:07:13:4e:8f:
7e:18:46:3e:0d:83:b5:58:ab:c2:8f:39:0d:f7:8b:
73:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DD:A6:42:74:79:22:7F:33:A3:D1:AD:51:2D:17:56:05:54:B6:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
93:01:d3:22:e5:5e:49:36:66:29:8a:e3:f8:d0:c7:a1:56:48:
01:b3:85:7b:c4:6d:9e:b1:bb:b3:18:00:14:fb:90:94:91:ff:
cf:c9:78:02:16:01:2d:d9:aa:1b:0b:2b:14:cb:52:5a:f9:bb:
61:73:ba:68:75:d8:e6:e0:9d:93:b8:28:19:2c:e6:e7:62:b0:
75:33:fa:5c:6d:ca:d6:cc:4f:68:a1:c4:31:a9:28:cc:da:dd:
fc:dc:8b:17:38:19:93:83:6d:b3:a1:7f:7c:78:c5:f6:ee:8a:
a0:a4:aa:ab:4b:3e:08:3e:38:37:ef:f4:4e:6d:6b:17:b8:f5:
c3:a4:fb:db:7f:73:9e:b8:30:58:0e:13:5f:46:18:5f:76:a7:
c7:51:03:64:f2:e3:4e:8a:79:93:b3:92:02:8d:44:d7:54:5e:
cf:a6:c6:b9:98:47:ec:ce:ed:9c:67:89:26:62:50:7e:a6:60:
57:c8:7c:61:67:4c:cb:20:5e:d4:fb:28:3a:95:dd:cb:e2:9d:
39:2b:17:41:69:df:af:5a:ab:6e:ed:36:a8:89:fb:3d:8c:0c:
09:fe:56:54:12:58:d4:03:d9:94:f6:7d:0a:ba:77:6d:d0:17:
b9:d6:1e:5c:82:68:03:3e:95:f8:b0:08:33:89:cc:e4:6e:1c:
d3:11:a0:b3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX4+Zg4NOsxWD6vHZrk8jJHIDaIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0ZDQ2MWIxMThmYjM1NDc0NzE1YzIyMjc1ZjgwYmFjMWQ0Y2ZkYjk0N2Mw
MWUzYjcxM2VjMTEwZGE4YTQ3MWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBevFIzpLqaVw/4iYSGTLUFqlnBmLxyPmXwldoE/okulmsNVwXj08/jKUxE
SqXcGkN+kZZ+P3VmV7i2ipPN9b5LwrCH5z/toIgS/gS8lf4XwL+IDrzlQS8bbB2z
w5nqr0XVVtg34FwwCjTG5JGjhgFpddVlIXWDWTbC8DNkPW7tse2jqtYgerpuJN4P
towGvVxfK26+y+fTeMngPobIzpWc2qMiPiwIEhNNWc/r02GC4lgHlRv5LAHL1yw/
bRAnMlhxv5+6WlPhQrhZm2mv26d9XLbb57YgPcQh6cSEp2AxJ6TcoDR4QLazlOEH
E06PfhhGPg2DtVirwo85DfeLcz8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSZ3aZC
dHkifzOj0a1RLRdWBVS2vjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmQ5ZjMxMjAtZmFiOS00M2FhLTk3M2YtNDE0MjkyNWIxNDE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAkwHTIuVeSTZmKYrj+NDHoVZIAbOFe8RtnrG7
sxgAFPuQlJH/z8l4AhYBLdmqGwsrFMtSWvm7YXO6aHXY5uCdk7goGSzm52KwdTP6
XG3K1sxPaKHEMakozNrd/NyLFzgZk4Nts6F/fHjF9u6KoKSqq0s+CD44N+/0Tm1r
F7j1w6T7239znrgwWA4TX0YYX3anx1EDZPLjTop5k7OSAo1E11Rez6bGuZhH7M7t
nGeJJmJQfqZgV8h8YWdMyyBe1PsoOpXdy+KdOSsXQWnfr1qrbu02qIn7PYwMCf5W
VBJY1APZlPZ9Crp3bdAXudYeXIJoAz6V+LAIM4nM5G4c0xGgsw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:39 2025 by rpki-client