Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
File: 36851825-b64c-4907-b152-006b17b6b7d7.roa (raw, json)
Hash identifier: kv2b9jsEKmplzQqb7Tefg+rEcD933MVQ8FhP7wqoRCA=
Subject key identifier: F7:19:0A:32:03:DD:6D:A9:AB:5A:BC:67:E7:35:CA:F1:89:AD:A3:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D4ED0C1F9393F626834BEBC1EFF241B6FAAC7DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:4e:d0:c1:f9:39:3f:62:68:34:be:bc:1e:ff:24:1b:6f:aa:c7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c98328db891783eaabe9368d793facc08132fa58572d61ba92be8084443b2f3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:33:04:58:0c:f9:36:8c:c3:eb:79:98:56:5d:
20:af:55:7b:0f:9c:bc:c5:a1:11:ef:d9:38:ee:10:
73:9e:19:7d:23:5b:2f:91:9f:42:91:59:d8:2f:de:
e6:12:85:15:64:a1:4a:8d:80:b6:d6:15:ab:63:9d:
fb:b9:65:dd:fa:42:2d:6e:e5:83:a1:20:78:ec:d7:
88:2e:04:82:42:e8:cb:f6:5b:45:57:fc:f2:19:ec:
5f:9f:58:f5:3b:48:64:45:0b:e0:23:18:af:4d:e6:
78:25:8e:f7:a4:65:81:93:32:c3:dc:c9:cb:32:82:
38:98:5c:52:32:a3:d0:05:33:20:e8:26:8f:41:bf:
59:24:02:7b:5c:0b:a9:9f:4b:43:62:a5:26:db:e5:
90:bc:bf:f6:61:22:23:28:0f:7c:de:5c:5d:df:cd:
d1:dc:ec:2d:8d:93:a6:8b:8d:44:e5:60:f6:bf:99:
17:c1:65:f8:ba:4d:5b:30:7a:f0:32:3f:bd:a0:f6:
9a:8d:53:4e:19:f7:e7:cf:60:21:ad:b8:7f:43:76:
1a:b1:9a:02:2a:c1:f0:a8:eb:3b:f4:1d:48:0d:29:
3e:0e:e7:b0:d2:92:46:29:20:f5:dc:20:52:29:78:
78:70:73:f6:4c:42:75:f1:8c:20:d4:fc:21:17:e8:
d9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:19:0A:32:03:DD:6D:A9:AB:5A:BC:67:E7:35:CA:F1:89:AD:A3:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:b000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:b2:d2:a5:39:3f:5f:a3:4f:72:f9:f2:4c:2a:29:12:6c:c5:
80:2f:87:1d:c8:42:bf:93:9a:1e:69:53:e7:db:c3:56:dd:d6:
52:30:eb:61:90:b4:55:eb:1e:40:ce:c5:86:5d:bf:2b:38:b3:
50:45:80:42:ac:e9:d2:ee:d3:f7:3a:04:9d:b1:82:7f:b8:fb:
7f:70:2e:73:ad:4c:e1:94:02:94:aa:f4:3a:77:27:6e:9c:62:
8b:2d:2f:f0:ae:c3:a1:81:04:a7:85:38:b0:6a:0a:a3:ec:6a:
92:db:06:dc:ec:e2:92:4a:cf:a4:a9:ae:bf:f0:25:a4:d9:4a:
60:74:d8:d8:36:f7:4c:77:8f:da:5c:fa:0c:8b:b6:3f:94:82:
31:0f:56:fb:2c:c2:3b:4a:60:fd:7a:26:cd:6f:55:e6:ce:de:
bb:e2:dd:8e:cb:58:82:34:66:7a:72:8b:17:68:09:4c:f4:6f:
dc:c3:9d:8e:51:58:89:5d:68:a9:2d:37:3f:45:3f:f9:7c:42:
c4:f3:3e:b5:09:60:79:cf:91:19:30:6f:53:bb:75:13:30:70:
0c:e1:d2:56:2f:4d:91:6e:a2:36:9b:91:af:02:7a:cb:ce:e4:
98:32:eb:12:20:0d:30:e9:8c:1d:76:85:c2:0d:69:f3:46:3c:
a2:99:32:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPU7Qwfk5P2JoNL68Hv8kG2+qx9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5ODMyOGRiODkxNzgzZWFhYmU5MzY4ZDc5M2ZhY2MwODEzMmZhNTg1NzJk
NjFiYTkyYmU4MDg0NDQzYjJmM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgzBFgM+TaMw+t5mFZdIK9Vew+cvMWhEe/ZOO4Qc54ZfSNbL5GfQpFZ2C/e
5hKFFWShSo2AttYVq2Od+7ll3fpCLW7lg6EgeOzXiC4EgkLoy/ZbRVf88hnsX59Y
9TtIZEUL4CMYr03meCWO96RlgZMyw9zJyzKCOJhcUjKj0AUzIOgmj0G/WSQCe1wL
qZ9LQ2KlJtvlkLy/9mEiIygPfN5cXd/N0dzsLY2TpouNROVg9r+ZF8Fl+LpNWzB6
8DI/vaD2mo1TThn3589gIa24f0N2GrGaAirB8KjrO/QdSA0pPg7nsNKSRikg9dwg
Uil4eHBz9kxCdfGMINT8IRfo2bMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3GQoy
A91tqatavGfnNcrxia2jjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY4NTE4MjUtYjY0Yy00OTA3LWIxNTItMDA2YjE3YjZiN2Q3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGw
MA0GCSqGSIb3DQEBCwUAA4IBAQB6stKlOT9fo09y+fJMKikSbMWAL4cdyEK/k5oe
aVPn28NW3dZSMOthkLRV6x5AzsWGXb8rOLNQRYBCrOnS7tP3OgSdsYJ/uPt/cC5z
rUzhlAKUqvQ6dydunGKLLS/wrsOhgQSnhTiwagqj7GqS2wbc7OKSSs+kqa6/8CWk
2UpgdNjYNvdMd4/aXPoMi7Y/lIIxD1b7LMI7SmD9eibNb1Xmzt674t2Oy1iCNGZ6
cosXaAlM9G/cw52OUViJXWipLTc/RT/5fELE8z61CWB5z5EZMG9Tu3UTMHAM4dJW
L02RbqI2m5GvAnrLzuSYMusSIA0w6YwddoXCDWnzRjyimTJg
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:44 2025 by rpki-client