Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: k7+9Ydv3Wbg3HC4jmzrr4AR0MUZe/Nhm7Y/Fz5/AIIk=
Subject key identifier: 8C:C3:4F:1E:95:B8:C3:B0:BF:73:B7:B4:8D:B5:B3:22:ED:7F:90:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 682514CF40ED01C8FECB98D2396352BBEC12A647
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:25:14:cf:40:ed:01:c8:fe:cb:98:d2:39:63:52:bb:ec:12:a6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=4b40fbfb1378de5df34ee9a919d63148b73fdf17ee5e7e1888a37c96ef148031, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:9f:05:b6:a2:50:5e:a4:fb:08:d4:01:66:
71:b9:96:46:8d:52:30:1c:9d:55:d3:76:8e:e2:74:
26:97:98:32:74:49:c1:e6:2c:9f:81:23:99:12:ce:
7f:b6:c9:66:57:98:ae:1e:ae:bd:b9:95:5f:8c:f1:
36:a7:c9:dd:ca:ea:97:26:1d:cc:58:9f:15:49:46:
0f:80:5d:c6:7c:0c:07:12:61:87:0b:2f:9f:c5:ad:
3f:15:6d:2f:c5:e3:d4:e0:35:40:83:ac:ae:f9:70:
82:1b:b0:c6:e7:8a:39:83:5f:16:fd:51:18:f0:6d:
c0:a0:50:3d:bd:23:f1:aa:8c:f9:b8:7a:5f:91:32:
ca:68:bd:93:df:28:31:1d:54:91:09:23:bd:ab:6c:
1f:05:52:d1:a4:15:68:e3:8e:66:f8:36:12:6f:f6:
b8:67:a8:e6:99:07:ba:98:7a:7d:57:65:ab:88:af:
be:2a:52:ab:b6:a0:3b:ba:58:d0:96:de:07:14:6a:
a6:d8:9e:59:c6:11:ef:53:7e:48:28:52:a7:36:1f:
eb:2a:19:cf:b8:95:e7:c2:ab:ed:bd:e4:71:38:6c:
78:10:17:ff:bc:2a:c8:b9:96:67:90:4e:4a:8a:e1:
25:9a:d2:ee:cb:63:a7:ba:c0:fd:fe:21:05:5a:f7:
f8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C3:4F:1E:95:B8:C3:B0:BF:73:B7:B4:8D:B5:B3:22:ED:7F:90:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:48:f3:85:83:1a:55:d6:88:62:c7:2f:d1:5b:69:a8:72:fe:
59:52:91:0c:ab:82:b4:8c:ab:f7:10:28:2e:bb:72:49:63:56:
63:22:0f:6a:0b:da:3e:a9:d3:43:ef:77:20:85:49:0b:8a:b2:
dc:bc:22:6c:60:80:57:21:d3:fb:70:b0:b4:bc:43:7c:d8:c1:
d0:78:c5:fe:07:2d:8f:33:63:6d:30:52:6d:99:b8:f2:13:24:
22:d2:ed:44:30:0a:2b:3a:27:d8:ef:90:61:8a:5a:67:4c:aa:
e4:d2:ef:3d:d9:e4:c7:52:1a:e4:24:86:06:16:4e:3c:de:b9:
38:2d:a0:ca:04:b0:0a:13:ef:73:55:fe:54:90:57:ed:91:0c:
5b:1d:78:77:01:b5:f2:a5:34:23:7a:83:f2:06:7e:1c:be:7b:
0b:cb:c1:43:18:46:34:bb:89:67:8b:50:70:77:60:3a:5a:91:
f8:e8:4c:de:72:f5:d7:1e:66:3d:d1:9a:36:e3:3b:3f:1c:32:
cd:34:db:df:cc:23:ac:7d:b5:53:a4:78:73:36:38:f9:d7:ac:
75:e3:60:88:34:fd:d7:a2:87:8d:6f:24:56:3c:20:5f:b7:ba:
56:ee:e5:b1:76:c0:43:42:dc:c0:52:0b:21:d8:c0:c7:e4:0f:
74:95:4d:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaCUUz0DtAcj+y5jSOWNSu+wSpkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNDBmYmZiMTM3OGRlNWRmMzRlZTlhOTE5ZDYzMTQ4YjczZmRmMTdlZTVl
N2UxODg4YTM3Yzk2ZWYxNDgwMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALA7nwW2olBepPsI1AFmcbmWRo1SMBydVdN2juJ0JpeYMnRJweYsn4EjmRLO
f7bJZleYrh6uvbmVX4zxNqfJ3crqlyYdzFifFUlGD4BdxnwMBxJhhwsvn8WtPxVt
L8Xj1OA1QIOsrvlwghuwxueKOYNfFv1RGPBtwKBQPb0j8aqM+bh6X5Eyymi9k98o
MR1UkQkjvatsHwVS0aQVaOOOZvg2Em/2uGeo5pkHuph6fVdlq4ivvipSq7agO7pY
0JbeBxRqptieWcYR71N+SChSpzYf6yoZz7iV58Kr7b3kcThseBAX/7wqyLmWZ5BO
SorhJZrS7stjp7rA/f4hBVr3+N8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMw08e
lbjDsL9zt7SNtbMi7X+QfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQAPSPOFgxpV1ohixy/RW2mocv5ZUpEMq4K0jKv3
ECguu3JJY1ZjIg9qC9o+qdND73cghUkLirLcvCJsYIBXIdP7cLC0vEN82MHQeMX+
By2PM2NtMFJtmbjyEyQi0u1EMAorOifY75BhilpnTKrk0u892eTHUhrkJIYGFk48
3rk4LaDKBLAKE+9zVf5UkFftkQxbHXh3AbXypTQjeoPyBn4cvnsLy8FDGEY0u4ln
i1Bwd2A6WpH46EzecvXXHmY90Zo24zs/HDLNNNvfzCOsfbVTpHhzNjj516x142CI
NP3XooeNbyRWPCBft7pW7uWxdsBDQtzAUgsh2MDH5A90lU3k
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:45 2025 by rpki-client