Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
File: 36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa (raw, json)
Hash identifier: l3B9oDzJdAloCtiQ91oc8+GTw67FmceHa0GUtZ6Uxy4=
Subject key identifier: DD:24:DA:FC:30:C8:FA:80:F3:79:B8:93:97:94:41:40:D5:0E:F7:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6770E687400F413E3D0B0CFFC77BC0028351A2FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:70:e6:87:40:0f:41:3e:3d:0b:0c:ff:c7:7b:c0:02:83:51:a2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f992711852e6a4faa9ba5bee878a7570c1ae432cd1ab1ecf8c985b238dd175d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ba:fa:9e:ff:d4:32:37:1d:92:21:1f:16:af:
cb:e8:ab:d6:3c:13:1f:ef:92:81:31:d3:33:6d:a2:
2f:94:8f:1c:d2:b5:3d:5c:b4:ee:09:26:3c:75:74:
fc:6e:49:4a:bf:86:42:be:9f:91:9b:8f:3b:f5:03:
c2:d4:9c:d4:53:0c:33:05:83:ae:b6:0f:e0:1a:8b:
f3:3b:eb:3f:9f:0b:7b:06:00:5e:3d:dc:78:30:c2:
ca:85:85:37:ea:fa:46:53:04:e2:27:b2:d6:28:51:
27:de:fd:b0:50:23:6a:e5:1c:90:97:e2:db:33:54:
ad:7d:0f:49:d6:75:7f:2a:f3:64:df:ab:2f:8c:c9:
35:1b:7f:de:c4:43:4a:ce:2f:a5:07:aa:c3:a6:d2:
b6:b2:0a:42:20:d8:d9:32:24:4f:19:5f:21:e7:20:
dd:40:0f:97:1b:2a:6f:4e:32:72:93:08:69:aa:7f:
86:30:cc:05:bf:c6:be:4d:8a:72:03:81:84:d0:95:
05:57:12:d4:09:52:c8:53:44:00:2d:a4:6e:00:02:
40:3d:7b:ac:a4:24:19:de:4b:98:6f:32:04:fc:73:
e8:99:f6:f9:c9:82:8b:a1:87:58:1d:84:27:b7:93:
8f:4f:3c:83:42:07:2c:df:39:54:17:ec:4d:81:34:
bb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:24:DA:FC:30:C8:FA:80:F3:79:B8:93:97:94:41:40:D5:0E:F7:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a020::/48
Signature Algorithm: sha256WithRSAEncryption
aa:56:9b:50:ce:ef:76:f5:43:eb:c7:ee:75:5a:81:fd:93:62:
8e:63:ee:7c:2f:6e:01:03:49:83:b5:fa:18:57:5e:90:35:32:
c1:a5:a6:ae:34:12:c3:70:f8:43:cc:95:f5:c9:6b:d5:e8:61:
dd:ff:64:98:b4:12:1f:62:74:11:ad:c4:cd:e3:5a:0b:a5:7f:
30:5f:91:eb:73:da:96:d5:4a:0e:76:e1:3b:49:61:22:80:b2:
5a:8c:86:ec:fa:7a:05:22:0f:94:9b:ed:bb:9e:e2:54:65:61:
e5:1c:95:64:51:13:2e:55:45:bc:77:51:e2:48:0f:0b:00:a1:
04:45:c3:84:61:a1:f0:1a:3e:97:c1:8f:ee:18:22:87:39:6b:
60:16:a5:e8:cc:05:33:43:4b:36:22:38:7c:bc:4a:9d:dc:b4:
f0:3f:0f:2e:24:20:c7:37:83:86:c0:92:ee:e1:34:ab:6d:4c:
2d:20:c6:86:8a:80:dc:24:cf:3a:d1:5a:8f:9d:69:16:b6:4d:
4d:e9:ab:77:f0:05:7c:74:c3:0b:07:b4:51:0e:5a:77:c5:c2:
10:56:aa:15:53:86:18:9f:6e:83:98:37:13:5a:e4:98:de:2e:
b4:55:0e:f4:0f:03:6c:59:65:78:09:33:4d:dc:f8:ee:37:42:
a8:5d:2e:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ3Dmh0APQT49Cwz/x3vAAoNRov0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5OTI3MTE4NTJlNmE0ZmFhOWJhNWJlZTg3OGE3NTcwYzFhZTQzMmNkMWFi
MWVjZjhjOTg1YjIzOGRkMTc1ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy6+p7/1DI3HZIhHxavy+ir1jwTH++SgTHTM22iL5SPHNK1PVy07gkmPHV0
/G5JSr+GQr6fkZuPO/UDwtSc1FMMMwWDrrYP4BqL8zvrP58LewYAXj3ceDDCyoWF
N+r6RlME4iey1ihRJ979sFAjauUckJfi2zNUrX0PSdZ1fyrzZN+rL4zJNRt/3sRD
Ss4vpQeqw6bStrIKQiDY2TIkTxlfIecg3UAPlxsqb04ycpMIaap/hjDMBb/Gvk2K
cgOBhNCVBVcS1AlSyFNEAC2kbgACQD17rKQkGd5LmG8yBPxz6Jn2+cmCi6GHWB2E
J7eTj088g0IHLN85VBfsTYE0uyMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdJNr8
MMj6gPN5uJOXlEFA1Q73zzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZmZGU0YzctMzA1Yy00ZTlkLThkMWYtYmE4NWMzNjUwMjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
IDANBgkqhkiG9w0BAQsFAAOCAQEAqlabUM7vdvVD68fudVqB/ZNijmPufC9uAQNJ
g7X6GFdekDUywaWmrjQSw3D4Q8yV9clr1ehh3f9kmLQSH2J0Ea3EzeNaC6V/MF+R
63PaltVKDnbhO0lhIoCyWoyG7Pp6BSIPlJvtu57iVGVh5RyVZFETLlVFvHdR4kgP
CwChBEXDhGGh8Bo+l8GP7hgihzlrYBal6MwFM0NLNiI4fLxKndy08D8PLiQgxzeD
hsCS7uE0q21MLSDGhoqA3CTPOtFaj51pFrZNTemrd/AFfHTDCwe0UQ5ad8XCEFaq
FVOGGJ9ug5g3E1rkmN4utFUO9A8DbFlleAkzTdz47jdCqF0ucg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:52 2025 by rpki-client