Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: mFflK2XCe/8njqq6sHp4LrG/V1UOQVKEMAE4VZyGbgU=
Subject key identifier: DD:A2:CB:16:30:21:BE:9C:63:57:74:0B:E3:90:97:F4:54:96:8C:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 592EF6ED6A0631B9CB80A9782F1E5A1FBBF583EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:2e:f6:ed:6a:06:31:b9:cb:80:a9:78:2f:1e:5a:1f:bb:f5:83:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c4e655811c52783c1199acfb8763e5e6097df5139fdfa1e13b0927d426cb6a36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f0:95:b6:2e:83:42:c5:a8:01:88:c7:ab:e1:
89:70:18:42:8e:47:0e:dc:0b:72:95:8c:e9:f4:c5:
30:38:4c:44:fe:d1:d3:27:27:36:5b:54:29:1d:12:
49:ac:33:4f:1a:9e:13:af:59:70:53:89:dd:a9:25:
9d:d5:de:4b:c5:d8:03:c0:39:49:0d:58:53:94:b0:
6c:d5:f8:a6:81:19:97:b5:8f:00:25:9a:b9:a7:12:
41:b7:80:46:33:76:59:95:92:f7:14:56:ba:7e:46:
14:c2:cc:c5:6c:ec:9c:d2:20:1c:94:a1:71:c0:c5:
31:76:bd:09:0f:aa:95:37:72:87:fe:f3:f4:57:f0:
a3:fc:e1:2a:61:22:6c:f6:f4:2c:34:ad:22:e2:e8:
36:b3:57:f3:6e:3a:09:13:2f:c8:35:98:35:50:62:
18:3b:84:a3:ac:03:ab:28:a9:27:0b:be:33:54:51:
7f:9f:32:a5:dd:61:5e:6f:1b:e0:69:6a:fa:9f:01:
7b:24:7c:ff:4e:04:2d:2f:22:df:eb:47:c2:9b:b9:
8c:73:5e:fe:33:cb:3d:83:97:e5:d7:27:4e:41:2b:
a1:43:2a:cc:57:b1:6e:32:cd:ed:5d:9a:43:b2:6d:
c8:bd:c3:32:75:d1:64:37:57:7b:d9:e0:e2:42:95:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A2:CB:16:30:21:BE:9C:63:57:74:0B:E3:90:97:F4:54:96:8C:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
0a:7e:02:05:6b:fb:c1:d2:58:36:b6:3c:37:f8:53:a8:2f:6d:
a5:cd:46:05:f5:35:ca:55:7e:73:37:1c:23:f9:af:2d:ed:5c:
c6:4b:b9:29:3a:99:02:dd:a3:17:a3:1a:1e:6d:e2:fa:48:87:
d8:d1:a4:a0:5c:75:71:f5:7f:b9:c5:8d:92:e7:73:ad:95:e3:
5c:a9:47:5c:45:bd:38:1f:e9:39:e5:a8:06:6f:35:9b:2e:59:
77:47:21:96:42:4e:ad:96:c9:e8:f3:fc:e7:4e:93:fa:d7:03:
75:11:37:a4:28:95:8d:f3:ed:a4:8e:fc:4b:75:95:0a:bb:c0:
25:a8:52:79:c0:22:fb:f2:a0:ae:9c:9c:59:8c:60:c0:28:b0:
55:45:d8:1a:b4:48:cd:9d:1d:ab:10:86:77:ee:48:81:01:41:
f3:b3:b8:df:a0:f4:c1:7a:d8:26:6a:75:c5:d3:7e:c9:45:df:
82:8b:a2:cf:c5:fd:fc:ed:54:cf:ce:9b:aa:1d:a7:79:01:0a:
24:20:4a:68:c3:90:8e:4c:78:ec:a8:92:02:b1:d8:3e:e0:fc:
34:8e:c3:a6:44:31:67:9e:12:59:92:e0:04:cd:59:58:b7:96:
8a:cf:46:0d:85:a0:0c:74:d8:a6:92:40:5d:c0:ab:c5:b5:7f:
f9:1e:4e:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWS727WoGMbnLgKl4Lx5aH7v1g+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZTY1NTgxMWM1Mjc4M2MxMTk5YWNmYjg3NjNlNWU2MDk3ZGY1MTM5ZmRm
YTFlMTNiMDkyN2Q0MjZjYjZhMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/wlbYug0LFqAGIx6vhiXAYQo5HDtwLcpWM6fTFMDhMRP7R0ycnNltUKR0S
SawzTxqeE69ZcFOJ3aklndXeS8XYA8A5SQ1YU5SwbNX4poEZl7WPACWauacSQbeA
RjN2WZWS9xRWun5GFMLMxWzsnNIgHJShccDFMXa9CQ+qlTdyh/7z9Ffwo/zhKmEi
bPb0LDStIuLoNrNX8246CRMvyDWYNVBiGDuEo6wDqyipJwu+M1RRf58ypd1hXm8b
4Glq+p8BeyR8/04ELS8i3+tHwpu5jHNe/jPLPYOX5dcnTkEroUMqzFexbjLN7V2a
Q7JtyL3DMnXRZDdXe9ng4kKVi4UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdossW
MCG+nGNXdAvjkJf0VJaMrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEACn4CBWv7wdJYNrY8N/hTqC9tpc1GBfU1ylV+
czccI/mvLe1cxku5KTqZAt2jF6MaHm3i+kiH2NGkoFx1cfV/ucWNkudzrZXjXKlH
XEW9OB/pOeWoBm81my5Zd0chlkJOrZbJ6PP8506T+tcDdRE3pCiVjfPtpI78S3WV
CrvAJahSecAi+/KgrpycWYxgwCiwVUXYGrRIzZ0dqxCGd+5IgQFB87O436D0wXrY
Jmp1xdN+yUXfgouiz8X9/O1Uz86bqh2neQEKJCBKaMOQjkx47KiSArHYPuD8NI7D
pkQxZ54SWZLgBM1ZWLeWis9GDYWgDHTYppJAXcCrxbV/+R5OUw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:19 2025 by rpki-client