Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/30177917-eb02-4f67-9e61-0d4bf5db1ac9.roa
File: 30177917-eb02-4f67-9e61-0d4bf5db1ac9.roa (raw, json)
Hash identifier: nUnVAuP1e2V1ed20VDuC75Of/HBxvo4zRRj8Mhs+6Bo=
Subject key identifier: 8E:EA:F1:D6:EF:81:F8:D0:99:0A:20:24:27:05:2A:28:F9:FB:22:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 101222B923AE461CCC76AA820FD8EAE123FCE936
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/30177917-eb02-4f67-9e61-0d4bf5db1ac9.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:12:22:b9:23:ae:46:1c:cc:76:aa:82:0f:d8:ea:e1:23:fc:e9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a275a9b70189962e208970d9e9b64bc168f964f43be279f320785b4142f78e0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:71:66:06:cf:6f:8f:e3:8a:4a:54:fd:0a:fd:
d2:f2:16:37:87:50:77:1f:50:60:e8:34:53:26:91:
b8:e4:85:a9:66:f0:15:4d:16:50:8d:76:15:31:41:
17:65:06:be:61:0b:86:3f:23:82:ad:58:67:a3:35:
82:bb:f5:82:9d:2f:e0:a5:a3:7f:30:d9:dc:ad:f3:
00:f6:00:58:de:a1:1c:34:71:f4:88:93:50:f5:0a:
7b:9a:9e:a9:c6:bd:6b:9b:2c:a7:d0:0a:c1:fa:54:
10:b1:26:4b:eb:64:c2:56:52:5d:1b:c7:8f:9d:39:
07:b1:81:e0:33:09:4e:f7:94:7d:43:65:0f:95:e7:
4f:fd:9f:e5:76:eb:4e:c2:64:35:a5:77:43:6e:c9:
92:00:77:f0:f6:b8:3b:1a:28:13:a9:ba:38:0e:28:
60:b8:2a:60:d0:eb:ed:b0:0f:3b:91:4e:78:ea:67:
c6:8e:15:02:f7:92:40:75:13:0f:87:ec:ad:cd:a7:
44:73:24:b4:5c:80:14:9b:9e:5f:2e:0d:9b:2b:d8:
c9:ba:76:23:63:6c:16:98:37:60:88:6c:43:20:10:
0a:6b:26:b9:18:78:84:c0:d6:01:d8:2d:f6:cc:1d:
93:f0:b2:83:4c:86:16:e8:a5:f0:cc:34:16:94:5c:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:EA:F1:D6:EF:81:F8:D0:99:0A:20:24:27:05:2A:28:F9:FB:22:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/30177917-eb02-4f67-9e61-0d4bf5db1ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:c1:8b:7f:f7:91:c7:9d:9c:8c:b6:56:3d:04:3d:2b:58:9e:
6e:fb:30:ba:ad:67:34:06:fb:fc:a6:ad:44:44:09:09:30:4a:
b8:38:1c:e4:fe:a7:ab:13:05:a3:cd:d6:ab:72:1c:3d:e5:f0:
2e:11:2f:56:64:cc:01:aa:8c:4a:9a:79:01:76:9c:9f:52:4b:
37:5a:e2:66:d5:b9:ee:b0:73:1b:a4:8e:f3:fd:55:9c:3a:9f:
d1:01:53:c7:e3:76:89:0d:86:15:84:97:f7:27:3a:d3:79:ae:
6e:67:f3:da:45:31:4d:e4:d6:ac:f4:b0:73:e7:dc:af:5e:00:
6c:67:43:04:ce:cc:f1:f3:4b:c8:bc:a5:c6:a1:ce:6c:4f:52:
a6:5b:1d:8d:44:ec:1b:75:9b:9a:d6:01:77:f9:c1:97:d7:43:
a3:4a:20:01:4f:51:7a:e3:76:c8:6d:37:c9:73:e5:99:c3:03:
fb:49:da:24:02:e7:bb:30:f4:98:ca:f8:70:e3:35:9d:99:73:
94:5c:72:74:c8:be:5e:39:e5:f6:1e:72:b0:e0:3c:a5:cc:1c:
96:41:3b:ba:ba:3e:b1:f6:b1:35:27:74:ce:56:1d:bd:04:b6:
65:d2:f0:34:41:c5:2f:d8:05:8e:bf:88:6f:7d:c2:27:9a:5e:
58:28:dc:f5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEBIiuSOuRhzMdqqCD9jq4SP86TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyNzVhOWI3MDE4OTk2MmUyMDg5NzBkOWU5YjY0YmMxNjhmOTY0ZjQzYmUy
NzlmMzIwNzg1YjQxNDJmNzhlMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPpxZgbPb4/jikpU/Qr90vIWN4dQdx9QYOg0UyaRuOSFqWbwFU0WUI12FTFB
F2UGvmELhj8jgq1YZ6M1grv1gp0v4KWjfzDZ3K3zAPYAWN6hHDRx9IiTUPUKe5qe
qca9a5ssp9AKwfpUELEmS+tkwlZSXRvHj505B7GB4DMJTveUfUNlD5XnT/2f5Xbr
TsJkNaV3Q27JkgB38Pa4OxooE6m6OA4oYLgqYNDr7bAPO5FOeOpnxo4VAveSQHUT
D4fsrc2nRHMktFyAFJueXy4NmyvYybp2I2NsFpg3YIhsQyAQCmsmuRh4hMDWAdgt
9swdk/Cyg0yGFuil8Mw0FpRchUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO6vHW
74H40JkKICQnBSoo+fsiZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzAxNzc5MTctZWIwMi00ZjY3LTllNjEtMGQ0YmY1ZGIxYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQBrwYt/95HHnZyMtlY9BD0rWJ5u+zC6rWc0Bvv8
pq1ERAkJMEq4OBzk/qerEwWjzdarchw95fAuES9WZMwBqoxKmnkBdpyfUks3WuJm
1bnusHMbpI7z/VWcOp/RAVPH43aJDYYVhJf3JzrTea5uZ/PaRTFN5Nas9LBz59yv
XgBsZ0MEzszx80vIvKXGoc5sT1KmWx2NROwbdZua1gF3+cGX10OjSiABT1F643bI
bTfJc+WZwwP7SdokAue7MPSYyvhw4zWdmXOUXHJ0yL5eOeX2HnKw4DylzByWQTu6
uj6x9rE1J3TOVh29BLZl0vA0QcUv2AWOv4hvfcInml5YKNz1
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:19 2025 by rpki-client