Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
File: 3fa7e298-325c-4151-ac0e-2364c78e67e5.roa (raw, json)
Hash identifier: UBEGnaVzao4fF9+mlB/ZTi9Z84ERvdkAYQpqxpj5JvY=
Subject key identifier: F9:17:42:0A:50:C3:2A:51:33:66:A3:3E:C6:37:3E:1F:2A:6F:0A:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CA76C9369B9D8EF614E49BCCC149D7ADFDFD3FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:a7:6c:93:69:b9:d8:ef:61:4e:49:bc:cc:14:9d:7a:df:df:d3:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c4f70ef8c37d49af237ec80500102288e4e05096d3dad1a02af27d2ad0c19bcb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8f:28:c9:7e:49:56:3a:7c:56:16:75:19:0c:
f0:2f:06:da:a9:9a:b1:fc:c6:ad:f9:85:c5:d0:e2:
c9:f6:96:12:f7:73:79:d7:4f:7e:74:2f:86:4c:45:
2f:41:da:e2:63:4a:71:52:a7:27:59:7f:1b:74:d9:
20:1c:c6:81:0a:42:23:c8:0e:86:58:f3:44:5d:dc:
ec:b9:e9:0e:ba:72:8e:73:35:ed:da:25:94:fa:ce:
f2:14:f4:ac:11:01:90:f5:71:a2:b3:49:6c:f4:69:
a5:8b:65:94:6e:f7:b1:77:29:1d:52:63:e5:be:15:
bd:15:5b:6e:49:5c:c9:20:75:df:fa:15:71:32:c0:
8f:d4:c4:f2:51:a6:b9:7c:f3:b6:a0:04:38:38:e6:
9e:6d:fd:2f:2b:43:8b:af:0e:4d:1f:f9:08:09:f7:
c2:d3:9d:a7:fa:97:fe:b9:3d:97:0b:69:69:d1:30:
65:98:c6:c3:27:06:45:c0:d1:1d:77:a5:c7:95:fc:
5c:11:0e:23:32:75:35:b2:b1:76:16:72:dc:58:11:
53:da:94:fb:b9:df:9a:e7:d6:89:ea:b6:be:b5:c7:
2e:f4:0c:c8:db:88:bb:f4:be:49:8f:ec:82:ab:4e:
e3:ec:36:e3:aa:b6:38:9f:46:5d:14:c5:e7:7e:02:
14:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:17:42:0A:50:C3:2A:51:33:66:A3:3E:C6:37:3E:1F:2A:6F:0A:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:6000::/40
Signature Algorithm: sha256WithRSAEncryption
59:4a:e9:1a:2d:e0:b0:12:95:70:54:2e:50:8f:85:b5:b6:d1:
f0:da:ac:8d:79:b9:47:c7:ce:10:2a:51:83:d0:50:7b:dd:2b:
4d:63:b4:2c:e5:5a:b7:78:0f:e4:e6:48:7e:c6:90:e3:9a:bb:
2c:5a:87:ab:f4:79:56:fd:97:8b:8f:7b:85:12:82:7c:7b:06:
d1:43:64:d6:a5:cd:32:80:7c:be:3b:32:5a:44:dc:ef:24:ce:
02:f9:54:c8:bf:2b:20:71:22:6e:d9:67:7a:53:23:d6:27:ce:
93:6d:7f:aa:e0:17:d5:79:b8:99:38:d6:74:76:f9:e8:c7:95:
19:47:0d:72:69:af:d2:0d:1f:e9:4f:e7:d4:6c:96:aa:6f:4a:
99:c3:d8:26:f5:4d:b8:41:48:1f:d1:49:ca:30:8a:31:4c:9a:
76:f3:03:73:f6:30:ef:28:ab:b1:f5:60:9e:f1:4e:67:5e:b2:
72:b0:e4:e8:e7:9a:70:31:91:f4:7e:28:2a:10:1b:f3:01:a0:
5a:d3:fd:30:db:d6:77:42:80:9c:34:fc:3c:69:e2:a4:66:91:
b2:19:a2:b8:05:26:66:d3:63:f1:71:72:d5:2b:6e:83:50:e4:
2d:1f:e5:e2:f7:fe:d4:a8:93:f2:bf:d0:30:d1:3f:ba:da:e6:
0e:a0:27:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbKdsk2m52O9hTkm8zBSdet/f0/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZjcwZWY4YzM3ZDQ5YWYyMzdlYzgwNTAwMTAyMjg4ZTRlMDUwOTZkM2Rh
ZDFhMDJhZjI3ZDJhZDBjMTliY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmPKMl+SVY6fFYWdRkM8C8G2qmasfzGrfmFxdDiyfaWEvdzeddPfnQvhkxF
L0Ha4mNKcVKnJ1l/G3TZIBzGgQpCI8gOhljzRF3c7LnpDrpyjnM17dollPrO8hT0
rBEBkPVxorNJbPRppYtllG73sXcpHVJj5b4VvRVbbklcySB13/oVcTLAj9TE8lGm
uXzztqAEODjmnm39LytDi68OTR/5CAn3wtOdp/qX/rk9lwtpadEwZZjGwycGRcDR
HXelx5X8XBEOIzJ1NbKxdhZy3FgRU9qU+7nfmufWieq2vrXHLvQMyNuIu/S+SY/s
gqtO4+w246q2OJ9GXRTF534CFAkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5F0IK
UMMqUTNmoz7GNz4fKm8KMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ZhN2UyOTgtMzI1Yy00MTUxLWFjMGUtMjM2NGM3OGU2N2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hdg
MA0GCSqGSIb3DQEBCwUAA4IBAQBZSukaLeCwEpVwVC5Qj4W1ttHw2qyNeblHx84Q
KlGD0FB73StNY7Qs5Vq3eA/k5kh+xpDjmrssWoer9HlW/ZeLj3uFEoJ8ewbRQ2TW
pc0ygHy+OzJaRNzvJM4C+VTIvysgcSJu2Wd6UyPWJ86TbX+q4BfVebiZONZ0dvno
x5UZRw1yaa/SDR/pT+fUbJaqb0qZw9gm9U24QUgf0UnKMIoxTJp28wNz9jDvKKux
9WCe8U5nXrJysOTo55pwMZH0figqEBvzAaBa0/0w29Z3QoCcNPw8aeKkZpGyGaK4
BSZm02PxcXLVK26DUOQtH+Xi9/7UqJPyv9Aw0T+62uYOoCe5
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:44 2025 by rpki-client