Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
File: 33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa (raw, json)
Hash identifier: 3mS9+V4C0AEwjFu8/6DPjSxl4rc7aeE3icIXgQsLUW4=
Subject key identifier: D8:10:F2:FD:CB:B1:C5:6B:0D:21:46:6F:C2:CB:AA:0F:49:78:C4:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 439F562A4DFAE84348337F7C083E997EA1217F69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:9f:56:2a:4d:fa:e8:43:48:33:7f:7c:08:3e:99:7e:a1:21:7f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=9c9fb82b7ce8fe31c7fb4e44c13bc097a1375000e6212f02cfc7e87e25f2665c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:af:fb:2a:b3:fb:22:f7:ad:49:53:a0:1d:a9:
85:e0:ff:71:97:ad:d9:02:cf:8f:9b:d7:d1:de:b6:
21:47:bd:eb:57:dd:21:55:0a:a7:95:07:09:57:4f:
e4:85:01:2a:e0:4b:1c:65:6d:c7:c8:f7:1f:be:a5:
fb:e5:df:28:ce:ba:4e:c3:5b:ba:3d:87:b6:99:9b:
40:49:b9:d1:a7:38:b0:c5:80:06:d2:5e:47:72:1d:
1b:8b:c6:6a:a6:9a:f2:f5:f3:da:dc:a3:1a:ad:f8:
78:7c:95:e7:59:0f:ee:86:48:f4:da:43:dc:61:d9:
9b:0d:ef:a7:20:39:b2:b2:37:72:15:c8:ce:f6:b8:
ed:52:45:37:b7:d4:8d:4f:7c:5e:7b:83:70:68:79:
32:21:86:9c:62:e4:22:04:61:a5:54:a7:9d:30:e3:
ae:50:c2:2d:c7:89:11:9c:90:b4:38:6e:b4:90:6a:
cf:df:7c:5f:27:3c:a1:ed:43:d8:61:8b:3f:cb:3f:
b5:fa:69:59:bb:7a:bf:0d:c5:0e:98:f1:d0:dc:b0:
78:58:e7:55:9e:0c:10:86:83:5e:6e:d0:f8:87:43:
3c:c9:27:b2:bb:e4:9f:2c:45:83:a4:86:61:bb:5b:
8f:06:34:62:88:11:e7:9d:f8:da:0a:66:4b:e3:26:
f3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:10:F2:FD:CB:B1:C5:6B:0D:21:46:6F:C2:CB:AA:0F:49:78:C4:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:91:54:3f:ce:e0:07:6a:2a:da:93:87:93:f7:18:77:ad:b6:
3f:82:73:d4:50:ff:17:bc:75:54:d7:b7:0b:26:2b:e8:33:92:
c2:32:5c:bf:a5:07:91:04:16:b2:c2:14:21:13:ce:a5:76:05:
59:6b:b9:7f:c0:4b:fe:3a:fc:7c:44:39:c6:d9:10:ec:9c:7f:
26:fe:40:72:2e:a5:64:f7:3b:d9:57:48:13:b2:8f:7f:98:ed:
24:2b:79:30:df:a2:5f:38:dc:c7:b2:93:a5:dd:cf:17:5a:93:
3b:28:63:e3:f8:85:4e:d2:78:f7:41:ca:c1:bf:5f:04:14:aa:
30:3e:6e:78:43:a4:58:6c:25:fd:d7:cc:90:15:e2:3b:14:12:
0a:3d:f2:6c:46:6e:df:b1:7e:8d:7c:c8:af:a3:db:e3:96:b6:
b7:5c:d0:ee:57:01:b4:f6:5b:24:9c:bf:81:0e:04:f7:fb:07:
62:a7:fc:26:40:aa:ec:69:5e:f5:fa:d0:83:c9:57:21:55:9e:
75:47:af:42:45:b9:2b:0c:3d:c8:30:2a:a2:c5:a9:84:d0:f6:
93:5c:60:a6:b0:97:3e:2c:33:58:17:83:a6:1c:f4:d9:e8:37:
69:52:9e:95:db:90:36:b6:4e:6d:f0:08:59:18:84:a0:76:a8:
43:4b:65:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ59WKk366ENIM398CD6ZfqEhf2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOWZiODJiN2NlOGZlMzFjN2ZiNGU0NGMxM2JjMDk3YTEzNzUwMDBlNjIx
MmYwMmNmYzdlODdlMjVmMjY2NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6v+yqz+yL3rUlToB2pheD/cZet2QLPj5vX0d62IUe961fdIVUKp5UHCVdP
5IUBKuBLHGVtx8j3H76l++XfKM66TsNbuj2HtpmbQEm50ac4sMWABtJeR3IdG4vG
aqaa8vXz2tyjGq34eHyV51kP7oZI9NpD3GHZmw3vpyA5srI3chXIzva47VJFN7fU
jU98XnuDcGh5MiGGnGLkIgRhpVSnnTDjrlDCLceJEZyQtDhutJBqz998Xyc8oe1D
2GGLP8s/tfppWbt6vw3FDpjx0NyweFjnVZ4MEIaDXm7Q+IdDPMknsrvknyxFg6SG
YbtbjwY0YogR55342gpmS+Mm89kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYEPL9
y7HFaw0hRm/Cy6oPSXjEsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNmNDQyZTEtNzY2ZS00NjFkLWEzYjktMmIwZmQwMWIwOGNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hhg
MA0GCSqGSIb3DQEBCwUAA4IBAQCmkVQ/zuAHairak4eT9xh3rbY/gnPUUP8XvHVU
17cLJivoM5LCMly/pQeRBBaywhQhE86ldgVZa7l/wEv+Ovx8RDnG2RDsnH8m/kBy
LqVk9zvZV0gTso9/mO0kK3kw36JfONzHspOl3c8XWpM7KGPj+IVO0nj3QcrBv18E
FKowPm54Q6RYbCX918yQFeI7FBIKPfJsRm7fsX6NfMivo9vjlra3XNDuVwG09lsk
nL+BDgT3+wdip/wmQKrsaV71+tCDyVchVZ51R69CRbkrDD3IMCqixamE0PaTXGCm
sJc+LDNYF4OmHPTZ6DdpUp6V25A2tk5t8AhZGISgdqhDS2Wi
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:51 2025 by rpki-client