Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json)
Hash identifier: Zu0lTxQ+rQnk/mqXc4JNa6gKAxPC80xHZ/nvcqrHLKA=
Subject key identifier: 36:DD:2B:60:03:96:27:67:73:2B:1F:24:22:AE:A8:C3:53:A4:D4:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7841F65F901B3726E33A401B502A2AE3F6E3A3AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:41:f6:5f:90:1b:37:26:e3:3a:40:1b:50:2a:2a:e3:f6:e3:a3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ba0d51ce45558b4bbe44c803a48a5a64bcc8c3f284264611dddbbb1033367e54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:56:03:fd:25:cd:b3:26:d3:6d:76:16:72:a2:
c5:de:fc:4b:d9:9f:de:19:97:cf:05:ec:3a:bb:cf:
55:72:52:b7:ca:15:ed:25:c7:5c:cf:70:e1:d8:05:
50:e5:1b:7e:d1:e3:0b:b8:75:96:20:be:d8:df:99:
a9:d5:ab:f8:6e:1c:08:9b:ee:27:20:c4:9d:dd:88:
4b:d1:3d:cb:fd:7c:88:8a:0e:12:d2:7a:0c:45:91:
f5:86:8c:58:56:9f:c6:6e:e3:1f:9e:14:1d:df:56:
d4:73:48:bb:78:ae:76:1d:91:7b:3d:a0:4c:c9:19:
4f:a0:2d:7e:69:85:84:ce:63:85:19:97:ad:dc:59:
03:a1:b4:b5:95:c1:76:c2:c8:c2:5b:dc:d1:b6:e0:
e1:71:75:75:a3:52:36:73:c3:fe:18:e2:5b:17:fe:
df:fc:4d:e4:46:03:67:19:5a:24:9f:9c:58:4a:ee:
3c:20:2a:52:d0:8e:2c:7f:5f:bc:05:e7:60:dc:43:
59:19:44:2e:f9:15:b9:06:2d:0e:15:9e:73:f6:d4:
cd:aa:46:0d:eb:c1:4a:3b:31:24:9c:e0:1b:e7:09:
1c:b8:aa:7f:5a:6d:85:28:ee:c2:9b:eb:f0:38:12:
77:45:b8:8f:29:10:82:dc:61:d7:1a:81:94:86:36:
ab:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DD:2B:60:03:96:27:67:73:2B:1F:24:22:AE:A8:C3:53:A4:D4:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
92:01:fa:83:04:e8:2e:9e:48:fa:44:15:1a:3c:b8:d7:4b:c2:
bd:8e:9a:e0:f4:05:70:73:7d:61:f0:51:02:5f:bb:b4:59:73:
a5:07:60:c9:c9:8f:c3:6d:4f:16:fc:ed:28:1c:ed:1c:12:6d:
27:c2:ee:93:ca:f3:6c:78:61:86:ac:e3:7f:8b:1a:8c:eb:db:
b1:bf:32:1e:86:a8:93:48:f1:83:30:5c:74:e1:fd:4a:52:98:
0b:f6:11:99:45:70:bb:b8:3f:e6:79:38:06:21:08:bc:57:e7:
30:5f:56:b5:44:d5:f4:76:91:43:c5:a0:b2:67:b9:62:a4:cb:
1f:cb:0b:87:cb:ea:d5:19:55:7d:30:9b:67:9b:f9:9b:eb:a4:
a5:e0:19:ce:cb:c6:c2:0b:0b:f0:dc:4a:1d:e4:e0:78:b9:cf:
7f:ea:c6:2d:6d:2d:da:1b:a2:46:e0:40:b2:b4:ec:b1:dd:f0:
b2:ce:a3:b0:6b:84:4f:4d:a2:4c:3f:c7:1e:b5:1b:49:4c:b0:
60:f8:bc:91:e5:3d:bc:6a:fc:23:06:9e:bb:33:ed:34:d9:60:
ca:44:61:e9:ae:22:49:ca:0c:c8:82:f2:5a:eb:49:52:7c:9f:
5c:db:c3:53:43:13:50:68:d2:ea:89:7d:84:c5:2d:89:00:bd:
cd:f5:94:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeEH2X5AbNybjOkAbUCoq4/bjo68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhMGQ1MWNlNDU1NThiNGJiZTQ0YzgwM2E0OGE1YTY0YmNjOGMzZjI4NDI2
NDYxMWRkZGJiYjEwMzMzNjdlNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtWA/0lzbMm0212FnKixd78S9mf3hmXzwXsOrvPVXJSt8oV7SXHXM9w4dgF
UOUbftHjC7h1liC+2N+ZqdWr+G4cCJvuJyDEnd2IS9E9y/18iIoOEtJ6DEWR9YaM
WFafxm7jH54UHd9W1HNIu3iudh2Rez2gTMkZT6AtfmmFhM5jhRmXrdxZA6G0tZXB
dsLIwlvc0bbg4XF1daNSNnPD/hjiWxf+3/xN5EYDZxlaJJ+cWEruPCAqUtCOLH9f
vAXnYNxDWRlELvkVuQYtDhWec/bUzapGDevBSjsxJJzgG+cJHLiqf1pthSjuwpvr
8DgSd0W4jykQgtxh1xqBlIY2q78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ23Stg
A5YnZ3MrHyQirqjDU6TUGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g
MA0GCSqGSIb3DQEBCwUAA4IBAQCSAfqDBOgunkj6RBUaPLjXS8K9jprg9AVwc31h
8FECX7u0WXOlB2DJyY/DbU8W/O0oHO0cEm0nwu6TyvNseGGGrON/ixqM69uxvzIe
hqiTSPGDMFx04f1KUpgL9hGZRXC7uD/meTgGIQi8V+cwX1a1RNX0dpFDxaCyZ7li
pMsfywuHy+rVGVV9MJtnm/mb66Sl4BnOy8bCCwvw3Eod5OB4uc9/6sYtbS3aG6JG
4ECytOyx3fCyzqOwa4RPTaJMP8cetRtJTLBg+LyR5T28avwjBp67M+002WDKRGHp
riJJygzIgvJa60lSfJ9c28NTQxNQaNLqiX2ExS2JAL3N9ZTu
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:19 2025 by rpki-client