Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: lQzZYAmp9J1+/kJEiM7rlcOoeAnx2szSgx44ARjUgeg=
Subject key identifier: F2:2A:04:35:49:81:A9:FB:8E:7C:1D:05:CE:A9:24:3B:85:4F:E0:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7260FD0040ED62CF96F83D2F25BF81E8B25D00E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:60:fd:00:40:ed:62:cf:96:f8:3d:2f:25:bf:81:e8:b2:5d:00:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=b29a1bcf4310eb87a4163143d905be23eda980eaf4e4efaf3ce72924fe1b3213, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:04:e3:36:75:44:89:e8:a4:e6:f6:cd:db:83:
e3:50:cc:5f:d0:ef:e6:67:48:f7:5e:50:3b:8a:38:
5f:d9:85:4f:28:54:cf:d1:e2:08:e7:6c:6b:18:3e:
9e:dd:14:31:7e:e3:7c:ac:93:6a:7a:b7:c7:dd:23:
dd:f8:23:9e:d3:83:60:a0:eb:b9:01:70:e9:b9:9b:
3a:1d:78:bb:67:3c:2e:56:f3:4b:4a:04:d8:9d:50:
f1:75:38:5b:52:62:79:6b:34:d8:48:94:58:1a:f8:
2a:79:da:8c:df:a4:5f:98:bb:ad:2c:1c:5a:ba:38:
e4:71:be:4f:b0:b1:ea:0a:3c:c8:dd:b1:3f:59:1e:
a2:27:0f:f9:7e:bc:43:68:c8:08:8f:0c:ab:93:ce:
1b:58:54:99:7a:f0:b0:91:94:df:6b:87:dc:cc:49:
f8:db:30:cb:7b:2d:ad:d6:e0:d9:dd:41:39:6d:98:
60:df:07:e0:5d:db:e0:28:2f:2d:72:d5:a2:10:9d:
36:99:bf:de:86:31:4b:1a:29:44:bb:05:e2:38:a8:
cb:db:f7:43:26:a5:89:3c:96:d6:54:21:65:ba:47:
08:78:62:b3:14:34:26:9c:de:27:0a:70:a9:42:f1:
24:cb:36:c3:6d:f1:5b:31:05:4f:a3:d8:ff:05:8e:
e0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2A:04:35:49:81:A9:FB:8E:7C:1D:05:CE:A9:24:3B:85:4F:E0:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:11:06:73:ff:88:2b:bb:83:bc:e9:b4:26:88:48:00:83:ae:
bb:cf:0f:d5:9f:7d:e9:70:7c:f0:d7:d4:44:00:a7:d1:ae:d3:
69:a6:29:32:17:09:3d:99:9f:75:fd:06:bd:f5:6c:9e:97:ea:
5d:7f:72:22:5e:c0:be:55:2b:3f:b8:d3:56:06:4a:7a:a8:44:
52:21:11:83:9d:c6:39:f0:49:99:a5:4b:4a:14:be:32:62:29:
b6:99:96:e4:73:59:fc:3a:99:b7:41:5d:8e:ea:66:21:2a:1b:
81:b8:26:30:e0:8b:bb:01:5c:53:b8:8e:4d:e4:69:40:d0:ae:
bc:ce:c3:33:0c:45:55:9a:af:cc:55:5a:aa:8a:a7:6f:73:e1:
b6:4c:cf:bd:a1:51:4c:b8:99:b4:67:a0:de:4c:04:c2:9c:b3:
70:8f:27:d3:4b:eb:c2:ae:dc:32:2e:7e:a6:8c:27:ac:e4:3d:
1c:0c:09:a6:ad:b9:e0:de:89:6b:39:4a:06:b2:c4:03:f7:05:
32:b4:e0:c6:83:f1:21:10:8b:f0:ad:1b:f2:6d:0b:1a:1c:b3:
73:27:d7:df:04:ef:a0:d4:56:b4:b9:e5:65:9b:20:cf:c1:f9:
e7:9a:47:d4:05:7f:0b:6f:1f:3c:b0:0a:55:6e:73:f8:f4:3a:
01:c1:b6:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcmD9AEDtYs+W+D0vJb+B6LJdAOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyOWExYmNmNDMxMGViODdhNDE2MzE0M2Q5MDViZTIzZWRhOTgwZWFmNGU0
ZWZhZjNjZTcyOTI0ZmUxYjMyMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEE4zZ1RInopOb2zduD41DMX9Dv5mdI915QO4o4X9mFTyhUz9HiCOdsaxg+
nt0UMX7jfKyTanq3x90j3fgjntODYKDruQFw6bmbOh14u2c8LlbzS0oE2J1Q8XU4
W1JieWs02EiUWBr4KnnajN+kX5i7rSwcWro45HG+T7Cx6go8yN2xP1keoicP+X68
Q2jICI8Mq5POG1hUmXrwsJGU32uH3MxJ+Nswy3strdbg2d1BOW2YYN8H4F3b4Cgv
LXLVohCdNpm/3oYxSxopRLsF4jioy9v3QyaliTyW1lQhZbpHCHhisxQ0JpzeJwpw
qULxJMs2w23xWzEFT6PY/wWO4LECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyKgQ1
SYGp+458HQXOqSQ7hU/gAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqEQZz/4gru4O86bQmiEgAg667zw/Vn33pcHzw
19REAKfRrtNppikyFwk9mZ91/Qa99Wyel+pdf3IiXsC+VSs/uNNWBkp6qERSIRGD
ncY58EmZpUtKFL4yYim2mZbkc1n8Opm3QV2O6mYhKhuBuCYw4Iu7AVxTuI5N5GlA
0K68zsMzDEVVmq/MVVqqiqdvc+G2TM+9oVFMuJm0Z6DeTATCnLNwjyfTS+vCrtwy
Ln6mjCes5D0cDAmmrbng3olrOUoGssQD9wUytODGg/EhEIvwrRvybQsaHLNzJ9ff
BO+g1Fa0ueVlmyDPwfnnmkfUBX8Lbx88sApVbnP49DoBwbZe
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:48 2025 by rpki-client