Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: eXtpwNOqRnBQJ0tsuhQbR5AQLql7rLIijg5dc+UU2AM=
Subject key identifier: 71:9D:7A:62:EB:8D:9D:DF:58:B9:63:D1:A2:A7:AC:33:FE:38:C3:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1ED0CD312379CD36594DF9C64C469139F8D45B27
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:d0:cd:31:23:79:cd:36:59:4d:f9:c6:4c:46:91:39:f8:d4:5b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d86e99d16d65f050ce3a64f81a37ca5c80cbb4434e4b6ae29944f3570c2086cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2d:b0:26:b0:f0:cb:72:fc:9a:6b:ea:3c:b8:
aa:39:c8:b0:ce:1f:bc:bf:6c:df:60:a5:04:43:f5:
92:50:44:a6:da:8f:73:ea:b0:f2:de:83:46:45:68:
b0:f0:4d:4e:90:96:5b:38:7b:2b:80:a5:25:0c:c3:
18:fd:1a:23:49:70:3c:09:db:c7:78:4d:72:43:92:
64:76:b2:8c:dd:85:3c:c4:9d:60:21:3e:08:f1:fa:
3b:ae:91:75:3b:17:26:51:86:80:64:d3:e3:a4:5a:
0a:48:b7:88:ad:7d:68:78:3d:bc:34:89:68:72:8e:
e0:fd:96:06:93:3a:95:98:50:cf:44:54:7e:2d:42:
c0:36:10:7a:02:fe:2f:e3:74:be:72:20:83:12:2d:
3b:5d:32:43:18:f7:7f:85:24:0d:b5:82:ab:d9:f5:
cb:8e:17:fd:3c:33:25:59:c6:b5:ed:a8:15:e6:bc:
ce:66:ef:ab:0b:9b:b6:9b:12:d3:88:fa:a0:e8:1f:
14:c1:b5:a2:41:c4:c7:1d:fc:82:c9:c8:cd:6a:5c:
ef:ca:78:7f:95:85:cc:12:55:f7:5a:89:bf:dc:19:
25:bb:09:92:03:c7:0a:f6:a4:1b:1b:e8:24:05:bf:
f9:36:b5:8a:86:c5:47:0b:dd:81:d4:13:6d:cd:5b:
d8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9D:7A:62:EB:8D:9D:DF:58:B9:63:D1:A2:A7:AC:33:FE:38:C3:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
27:1a:67:28:08:a2:aa:b1:a3:36:be:a1:a3:c9:d2:ca:df:c1:
07:e6:1a:91:d6:f4:01:fd:8a:c8:31:cb:4d:1a:20:54:03:58:
3b:e7:47:e5:2e:5e:31:5a:e8:9d:b6:49:f0:76:6a:e2:55:1a:
42:2c:03:5e:b8:54:9b:4b:5f:6c:29:6f:40:d1:d4:2f:8a:c7:
83:92:28:4d:0f:16:ac:6f:9a:de:8a:90:ab:16:db:95:ed:5e:
4c:7b:06:2f:cc:79:09:56:bd:a4:48:55:41:8a:6c:96:f4:a8:
b7:09:07:a8:6d:c8:3e:33:97:27:a6:f0:76:04:94:f5:8e:87:
04:0d:a5:8e:52:85:3e:fa:7f:25:d8:e7:68:54:70:e2:ab:94:
fa:5c:87:86:72:d1:eb:f2:b4:09:c5:d4:8f:80:d4:99:c2:f1:
b4:e1:21:a0:45:ef:5a:be:ba:70:5f:07:ca:e2:7c:81:c0:10:
d1:2b:b9:69:26:95:d7:9c:4a:0b:ae:b5:0e:15:80:73:8e:73:
d8:f3:8e:09:5d:a4:fb:78:5f:71:8f:df:dc:c1:d6:e8:4d:04:
1f:39:1b:61:59:e8:04:00:df:fc:2a:3d:49:cf:ef:bc:3d:89:
22:9b:46:f1:40:a9:f2:8e:ae:9b:82:f0:50:c0:9b:80:ca:31:
d4:65:70:8b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUHtDNMSN5zTZZTfnGTEaROfjUWycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4NmU5OWQxNmQ2NWYwNTBjZTNhNjRmODFhMzdjYTVjODBjYmI0NDM0ZTRi
NmFlMjk5NDRmMzU3MGMyMDg2Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMctsCaw8Mty/Jpr6jy4qjnIsM4fvL9s32ClBEP1klBEptqPc+qw8t6DRkVo
sPBNTpCWWzh7K4ClJQzDGP0aI0lwPAnbx3hNckOSZHayjN2FPMSdYCE+CPH6O66R
dTsXJlGGgGTT46RaCki3iK19aHg9vDSJaHKO4P2WBpM6lZhQz0RUfi1CwDYQegL+
L+N0vnIggxItO10yQxj3f4UkDbWCq9n1y44X/TwzJVnGte2oFea8zmbvqwubtpsS
04j6oOgfFMG1okHExx38gsnIzWpc78p4f5WFzBJV91qJv9wZJbsJkgPHCvakGxvo
JAW/+Ta1iobFRwvdgdQTbc1b2O8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRxnXpi
642d31i5Y9Gip6wz/jjDqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBACcaZygIoqqxoza+oaPJ0srfwQfmGpHW9AH9isgx
y00aIFQDWDvnR+UuXjFa6J22SfB2auJVGkIsA164VJtLX2wpb0DR1C+Kx4OSKE0P
Fqxvmt6KkKsW25XtXkx7Bi/MeQlWvaRIVUGKbJb0qLcJB6htyD4zlyem8HYElPWO
hwQNpY5ShT76fyXY52hUcOKrlPpch4Zy0evytAnF1I+A1JnC8bThIaBF71q+unBf
B8rifIHAENEruWkmldecSguutQ4VgHOOc9jzjgldpPt4X3GP39zB1uhNBB85G2FZ
6AQA3/wqPUnP77w9iSKbRvFAqfKOrpuC8FDAm4DKMdRlcIs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:42 2025 by rpki-client