Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
File: 4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa (raw, json)
Hash identifier: LfQma7p42Wuycb0yYokKezxNTlD7/QBCUrPkeC+OMhk=
Subject key identifier: D4:AA:F2:56:BC:8C:C6:D1:B4:69:35:CF:B2:BE:66:70:B1:FF:36:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 307F24975BF503C110D0D2C97BA86C6324AC7DEC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:7f:24:97:5b:f5:03:c1:10:d0:d2:c9:7b:a8:6c:63:24:ac:7d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=befec6d8783abbaae10d5e59e3d64c415b6677245cea93db09aea223004cd5fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:32:92:f3:98:da:bb:73:d7:c1:95:dd:db:0f:
24:46:41:d3:c7:04:76:83:84:bb:f6:cf:d1:0d:de:
54:2c:ab:07:28:99:50:b5:1d:b3:b1:03:58:6c:b7:
db:ad:af:ce:75:9c:ab:8d:5b:9e:cc:a3:fd:44:45:
57:f3:ed:05:cc:28:07:b8:7a:dc:5d:6f:7e:ef:4c:
ff:a7:ad:bb:29:d0:ba:7a:f4:59:4d:0d:08:2c:99:
3b:1e:fe:fa:7a:a9:43:fe:2d:4e:72:80:07:e4:82:
3c:79:0e:e2:69:0b:03:66:a3:5c:ef:23:10:69:68:
ad:b3:f2:01:c5:dd:b5:4c:19:b3:2e:04:68:20:3b:
8e:da:4d:8c:59:1c:7c:1d:72:80:3e:7b:b5:4d:65:
74:19:c6:8f:54:78:4f:85:da:3d:10:ec:6c:ec:29:
e3:cd:f5:33:72:31:f8:56:91:78:cd:29:34:a1:4b:
4c:67:03:be:26:3d:60:ec:80:52:a5:66:d4:20:5c:
67:4e:cb:c2:a9:3b:e1:2e:6f:72:6b:ad:24:f6:5b:
ea:f1:31:78:3c:3f:5d:c8:d4:fc:29:5b:e9:06:5d:
8a:70:84:5b:83:8e:a4:ce:fc:be:49:64:e2:51:f1:
89:70:47:b5:6f:ae:d4:6b:da:77:23:8a:73:2c:0f:
cc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AA:F2:56:BC:8C:C6:D1:B4:69:35:CF:B2:BE:66:70:B1:FF:36:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4080::/46
Signature Algorithm: sha256WithRSAEncryption
0c:b3:fa:12:b7:7a:21:4f:45:81:c7:c8:1c:ef:cb:2a:db:60:
15:ba:e9:e1:68:42:17:4d:9f:6c:5d:45:1c:c8:44:98:9f:f7:
0e:d3:bb:31:4a:56:2d:43:67:7d:54:3c:67:26:9a:52:44:34:
ed:5c:5d:70:01:70:f0:c4:ed:39:67:eb:3c:d4:8e:ae:b0:94:
6b:d8:46:42:68:3a:fd:db:e9:b7:00:1f:9c:6a:a4:59:32:6d:
8b:85:56:fc:7c:7a:22:c0:c6:65:20:a8:b8:14:80:d8:96:e0:
74:6e:a3:d6:f1:ce:68:3f:38:ba:6c:f2:90:4b:48:1e:4d:d5:
58:46:79:12:ce:dc:f7:a6:b6:92:9e:23:69:40:47:19:d7:1e:
d2:a0:1f:6e:e9:00:c8:45:cb:2a:21:40:82:d9:aa:74:54:c9:
bf:2b:2a:a0:cc:9f:51:83:d1:18:24:a0:8f:d8:69:c8:0e:87:
49:c1:b9:9a:08:bb:88:f3:79:55:e3:e0:7e:ca:dc:25:45:70:
c9:83:e8:b3:20:3d:cf:e2:14:1f:53:6e:c1:16:89:57:76:5a:
db:86:1c:56:28:c0:26:23:38:3a:4c:f7:e7:c0:10:3f:fa:f3:
fb:41:98:be:f8:30:40:f9:cc:58:d4:51:66:4a:0b:e0:7d:23:
a1:2d:f5:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMH8kl1v1A8EQ0NLJe6hsYySsfewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZmVjNmQ4NzgzYWJiYWFlMTBkNWU1OWUzZDY0YzQxNWI2Njc3MjQ1Y2Vh
OTNkYjA5YWVhMjIzMDA0Y2Q1ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsykvOY2rtz18GV3dsPJEZB08cEdoOEu/bP0Q3eVCyrByiZULUds7EDWGy3
262vznWcq41bnsyj/URFV/PtBcwoB7h63F1vfu9M/6etuynQunr0WU0NCCyZOx7+
+nqpQ/4tTnKAB+SCPHkO4mkLA2ajXO8jEGlorbPyAcXdtUwZsy4EaCA7jtpNjFkc
fB1ygD57tU1ldBnGj1R4T4XaPRDsbOwp4831M3Ix+FaReM0pNKFLTGcDviY9YOyA
UqVm1CBcZ07Lwqk74S5vcmutJPZb6vExeDw/XcjU/Clb6QZdinCEW4OOpM78vklk
4lHxiXBHtW+u1GvadyOKcywPzJUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUqvJW
vIzG0bRpNc+yvmZwsf82zDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA5N2I2YjQtNDc1Zi00Zjk2LTlkNWUtODhjMDhmMmM1ODA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
gDANBgkqhkiG9w0BAQsFAAOCAQEADLP6Erd6IU9FgcfIHO/LKttgFbrp4WhCF02f
bF1FHMhEmJ/3DtO7MUpWLUNnfVQ8ZyaaUkQ07VxdcAFw8MTtOWfrPNSOrrCUa9hG
Qmg6/dvptwAfnGqkWTJti4VW/Hx6IsDGZSCouBSA2JbgdG6j1vHOaD84umzykEtI
Hk3VWEZ5Es7c96a2kp4jaUBHGdce0qAfbukAyEXLKiFAgtmqdFTJvysqoMyfUYPR
GCSgj9hpyA6HScG5mgi7iPN5VePgfsrcJUVwyYPosyA9z+IUH1NuwRaJV3Za24Yc
VijAJiM4Okz358AQP/rz+0GYvvgwQPnMWNRRZkoL4H0joS31BQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:55 2025 by rpki-client