Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
File: 417101f4-2159-4c08-aa5e-b16ba0461450.roa (raw, json)
Hash identifier: n8Fmbs5cU3j1z4BH1iHFQbu36xc5kV+fG45vpKXEW9Y=
Subject key identifier: 05:99:57:F6:D6:3D:4C:28:92:49:D7:88:DB:58:F3:9F:A2:62:86:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B765FA480435413EE1CF14B7CE28018A0432800
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:76:5f:a4:80:43:54:13:ee:1c:f1:4b:7c:e2:80:18:a0:43:28:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f910fa6d08c36690afc2d56f7485219006921d391953e03d2768078b061f8c8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:fb:8f:f4:14:c8:44:1e:3d:a4:4d:ad:d3:
7b:37:4b:01:68:9c:c5:e3:bb:3b:2e:6d:86:e8:68:
a1:37:1a:f8:dd:20:6d:bc:aa:60:e8:24:4a:8e:c3:
a7:e4:ae:31:3e:5e:f2:50:40:de:91:d8:0a:82:74:
fa:e2:9e:fb:bc:a7:2e:b7:01:6e:f9:2e:50:54:6d:
69:b2:d2:c1:71:54:b8:b1:14:58:80:6a:99:69:7f:
9d:08:d8:f7:42:bb:d3:9f:b6:b5:5e:72:48:2f:5a:
e8:ba:bd:38:e3:54:6e:34:08:41:0d:0b:24:1c:8a:
80:6b:6a:50:b4:2f:c5:6d:87:7c:d6:00:cb:12:18:
8b:ea:b3:25:19:52:f7:f2:e3:81:1f:9e:18:c4:24:
2b:c5:1b:6a:14:dc:78:6e:7c:30:4e:38:53:e9:2e:
19:29:22:97:f5:25:d5:b7:63:64:13:cf:d0:30:a2:
31:86:21:cf:5f:10:fd:2a:44:61:73:c4:13:4c:8a:
98:82:46:3f:fc:bd:75:e3:13:0f:57:10:78:73:07:
ee:a4:a7:bc:ba:d3:e1:97:24:ce:e3:62:66:1c:9e:
8f:21:2f:c0:ca:6c:f2:24:a8:57:c1:8e:8b:8d:8d:
2a:02:0f:99:83:6f:c3:92:9c:b8:c0:fb:ca:96:d2:
3b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:99:57:F6:D6:3D:4C:28:92:49:D7:88:DB:58:F3:9F:A2:62:86:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/417101f4-2159-4c08-aa5e-b16ba0461450.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
00:6a:c9:00:77:8c:b9:82:91:ae:75:62:60:15:a2:c7:63:88:
66:be:4f:1f:c2:3d:b6:c9:31:04:3a:d3:d6:31:06:bf:af:21:
5f:f8:6c:55:af:dc:23:87:bf:a9:19:33:8c:33:52:02:49:b3:
61:32:ba:27:43:a7:69:3d:22:78:d9:5d:f5:58:6e:37:7c:cb:
b0:50:10:8f:e7:6b:d7:be:6b:74:1a:0b:89:72:34:2b:92:32:
09:5f:3d:78:4e:ce:a5:59:0c:47:60:b9:e2:e3:3d:3e:1e:0b:
e7:62:79:2e:53:4d:cf:bf:5a:42:f5:81:52:ec:dc:77:fb:f9:
7c:cf:87:d3:6b:f4:5f:fe:1c:03:87:20:40:c7:2d:49:0e:be:
5c:c7:d1:b4:85:bd:6b:72:a7:ea:b6:c3:46:ce:de:c5:eb:38:
fb:84:1f:82:4c:a3:24:d2:ce:bf:79:f4:d0:98:cb:a4:45:9a:
15:c7:3c:c2:64:3f:08:86:a9:7e:6b:1f:f6:ca:64:6e:d8:84:
89:31:54:47:cc:90:e2:bd:42:d7:49:26:3c:a2:b8:7d:16:91:
33:24:84:aa:e5:66:f9:51:19:80:5e:d4:b9:38:48:2a:e0:c0:
5b:ba:54:a4:fc:5c:10:44:ca:4f:95:37:c8:4c:bc:75:d5:19:
e0:e9:5c:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG3ZfpIBDVBPuHPFLfOKAGKBDKAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MTBmYTZkMDhjMzY2OTBhZmMyZDU2Zjc0ODUyMTkwMDY5MjFkMzkxOTUz
ZTAzZDI3NjgwNzhiMDYxZjhjOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeZ+4/0FMhEHj2kTa3TezdLAWicxeO7Oy5thuhooTca+N0gbbyqYOgkSo7D
p+SuMT5e8lBA3pHYCoJ0+uKe+7ynLrcBbvkuUFRtabLSwXFUuLEUWIBqmWl/nQjY
90K705+2tV5ySC9a6Lq9OONUbjQIQQ0LJByKgGtqULQvxW2HfNYAyxIYi+qzJRlS
9/LjgR+eGMQkK8UbahTceG58ME44U+kuGSkil/Ul1bdjZBPP0DCiMYYhz18Q/SpE
YXPEE0yKmIJGP/y9deMTD1cQeHMH7qSnvLrT4ZckzuNiZhyejyEvwMps8iSoV8GO
i42NKgIPmYNvw5KcuMD7ypbSOzsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFmVf2
1j1MKJJJ14jbWPOfomKGgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDE3MTAxZjQtMjE1OS00YzA4LWFhNWUtYjE2YmEwNDYxNDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQAAaskAd4y5gpGudWJgFaLHY4hmvk8fwj22yTEE
OtPWMQa/ryFf+GxVr9wjh7+pGTOMM1ICSbNhMronQ6dpPSJ42V31WG43fMuwUBCP
52vXvmt0GguJcjQrkjIJXz14Ts6lWQxHYLni4z0+HgvnYnkuU03Pv1pC9YFS7Nx3
+/l8z4fTa/Rf/hwDhyBAxy1JDr5cx9G0hb1rcqfqtsNGzt7F6zj7hB+CTKMk0s6/
efTQmMukRZoVxzzCZD8Ihql+ax/2ymRu2ISJMVRHzJDivULXSSY8orh9FpEzJISq
5Wb5URmAXtS5OEgq4MBbulSk/FwQRMpPlTfITLx11Rng6Vyh
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:25:34 2025 by rpki-client