Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
File: 3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa (raw, json)
Hash identifier: DLaxubuSPMCpTe7oqvs4+y3vKapz5p7yFPFaPtXUm2I=
Subject key identifier: 8E:8A:1D:1F:E0:96:AA:83:5B:AB:C2:B2:E1:3F:34:A9:5C:87:91:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4551F44EA9178511711D3ABBA65434157B6CC460
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:51:f4:4e:a9:17:85:11:71:1d:3a:bb:a6:54:34:15:7b:6c:c4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=883f00d38ec9dbc604abdd6e29bc7972d5170f396997c1e18db46de48e0d31a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:34:e4:c3:e7:bf:c6:dd:3b:96:4a:18:89:
c7:87:2e:be:e1:6b:e5:6c:ea:6d:a8:2f:63:3a:16:
c0:47:f8:ee:c9:79:a7:20:8b:c5:88:3c:9d:1d:ca:
3b:a7:5d:67:5b:6f:cc:45:76:1d:67:d9:f0:fb:93:
c4:ff:9c:18:46:69:31:98:3b:19:4a:a9:e4:77:18:
64:ed:9a:6a:f6:28:23:18:35:18:9c:d1:6e:0a:dc:
b8:00:bf:20:84:39:e6:a1:fe:87:0b:15:c9:7c:0c:
b8:d1:8a:98:17:83:64:95:ad:ac:88:25:ba:79:4a:
f5:ed:78:b6:56:ff:bb:62:44:1f:48:e9:ac:17:a1:
88:93:68:0b:f8:b5:6f:51:be:21:2f:e3:6e:4d:a4:
6b:86:18:15:aa:5b:99:88:cf:05:da:d6:b8:b2:05:
79:a5:0b:14:ce:c5:5a:4d:de:0b:b0:f7:b5:27:1b:
25:ff:36:53:fd:5e:ef:77:71:69:3e:c8:e3:91:da:
e7:ab:1d:ba:7f:ad:aa:ef:f7:bc:00:f5:24:55:fd:
fe:16:75:4b:16:77:b0:cd:4f:29:cd:bb:01:d5:64:
6b:9f:a6:3d:2f:d2:74:56:90:48:bb:f9:05:db:cf:
04:9b:01:22:e5:52:58:c6:a7:74:fc:ba:9d:2f:47:
c2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8A:1D:1F:E0:96:AA:83:5B:AB:C2:B2:E1:3F:34:A9:5C:87:91:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b080::/46
Signature Algorithm: sha256WithRSAEncryption
70:3e:de:97:5b:41:af:c0:7b:6e:ca:0b:46:69:d8:85:22:c2:
e9:89:eb:46:d9:1a:45:fb:44:9b:e9:6b:44:72:18:dd:97:c9:
bd:73:d2:8c:41:7f:14:50:10:54:d5:0f:c4:48:ac:3e:80:a4:
79:f7:00:f6:8c:1b:fa:cb:40:4b:e5:c8:44:65:df:86:5c:ad:
c6:f4:4c:64:6f:84:1b:63:77:02:b0:b0:5c:b1:7a:15:45:e4:
7e:af:77:de:80:c9:e4:98:b5:01:73:66:92:9b:29:87:6c:67:
25:99:db:20:4c:e4:cf:7d:2a:e5:b4:61:6f:20:89:9b:8c:67:
fc:8b:d6:3a:21:12:6e:41:f6:52:19:a9:b6:9f:44:7a:c4:2c:
ef:d4:18:7d:21:a3:fd:0a:94:c5:7a:01:31:77:2c:44:4d:5b:
92:15:2f:29:59:79:e6:b2:93:4d:93:a7:15:de:a1:ba:e2:61:
55:32:dd:99:43:48:01:a6:a9:95:77:f9:90:0e:94:57:d8:08:
d5:30:20:12:cd:c9:66:ee:33:56:a0:52:d6:e6:5a:0e:7e:12:
5e:8f:b9:f1:69:c6:2b:24:7c:9a:5a:24:1b:9b:b3:70:b9:84:
fa:f1:da:e8:d0:b5:6d:73:95:57:21:ce:b8:e3:c8:c2:e5:c8:
e0:00:dd:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURVH0TqkXhRFxHTq7plQ0FXtsxGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4M2YwMGQzOGVjOWRiYzYwNGFiZGQ2ZTI5YmM3OTcyZDUxNzBmMzk2OTk3
YzFlMThkYjQ2ZGU0OGUwZDMxYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuLNOTD57/G3TuWShiJx4cuvuFr5WzqbagvYzoWwEf47sl5pyCLxYg8nR3K
O6ddZ1tvzEV2HWfZ8PuTxP+cGEZpMZg7GUqp5HcYZO2aavYoIxg1GJzRbgrcuAC/
IIQ55qH+hwsVyXwMuNGKmBeDZJWtrIglunlK9e14tlb/u2JEH0jprBehiJNoC/i1
b1G+IS/jbk2ka4YYFapbmYjPBdrWuLIFeaULFM7FWk3eC7D3tScbJf82U/1e73dx
aT7I45Ha56sdun+tqu/3vAD1JFX9/hZ1SxZ3sM1PKc27AdVka5+mPS/SdFaQSLv5
BdvPBJsBIuVSWMandPy6nS9HwkECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSOih0f
4Jaqg1urwrLhPzSpXIeRvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RmYzAyYmItNWJhZi00MjBiLWFmMWYtZjRiOGFjZGNlMjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Huw
gDANBgkqhkiG9w0BAQsFAAOCAQEAcD7el1tBr8B7bsoLRmnYhSLC6YnrRtkaRftE
m+lrRHIY3ZfJvXPSjEF/FFAQVNUPxEisPoCkefcA9owb+stAS+XIRGXfhlytxvRM
ZG+EG2N3ArCwXLF6FUXkfq933oDJ5Ji1AXNmkpsph2xnJZnbIEzkz30q5bRhbyCJ
m4xn/IvWOiESbkH2Uhmptp9EesQs79QYfSGj/QqUxXoBMXcsRE1bkhUvKVl55rKT
TZOnFd6huuJhVTLdmUNIAaaplXf5kA6UV9gI1TAgEs3JZu4zVqBS1uZaDn4SXo+5
8WnGKyR8mlokG5uzcLmE+vHa6NC1bXOVVyHOuOPIwuXI4ADdVg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:51 2025 by rpki-client