Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4277ae08-1702-42db-870f-5d701ebda87a.roa
File: 4277ae08-1702-42db-870f-5d701ebda87a.roa (raw, json)
Hash identifier: vHTqduLZIbhFpMMqz5A6YwOSqIHRk/Ycyfyy0AUg4QY=
Subject key identifier: 87:2D:39:A9:AA:8F:AF:4E:01:94:CE:21:11:28:EF:74:A2:69:8F:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 168BE7F510DF69F7B05F737ED658B34A16753B6C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4277ae08-1702-42db-870f-5d701ebda87a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:8b:e7:f5:10:df:69:f7:b0:5f:73:7e:d6:58:b3:4a:16:75:3b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=7225fbab9739589a50ff8eb631fa73ff30b9683fbf9bef161b0fbc795e627410, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fd:dd:f8:cc:a3:00:b5:06:d4:2a:76:44:9f:
f0:fb:5d:f2:26:af:be:b0:2a:b4:d2:63:79:b5:81:
32:1f:64:61:88:96:49:4a:3b:1d:f5:e6:5d:b8:5e:
49:cf:b9:4e:e7:52:e3:c7:15:ad:51:cb:6a:94:0f:
1f:06:f1:f9:b5:78:1b:98:02:18:a1:58:d6:3b:eb:
ce:31:15:f0:c9:66:f0:8a:d5:7d:a8:cc:77:11:45:
9c:09:51:c3:cc:78:d6:df:ac:5c:53:13:f0:af:dd:
03:6e:2e:b9:72:3a:81:e7:9b:4d:ee:fc:f2:ac:9d:
4a:d1:05:94:69:79:7e:4e:b1:3b:0b:65:0c:95:49:
c1:a1:6a:11:b6:c9:bb:c6:28:89:d9:63:fa:1b:9a:
69:a0:9c:7f:a1:06:21:ab:dd:c8:e0:cf:f1:b5:00:
d5:4b:db:3c:c8:6d:54:99:bf:0c:fd:46:ef:af:f0:
91:de:4f:72:86:60:80:b7:0a:52:5e:1f:65:7b:d5:
e5:47:55:93:99:7a:86:4f:ac:50:ce:83:8a:0d:8b:
6f:24:3f:ca:db:af:93:3d:ed:ac:95:28:0f:ac:46:
91:2a:a1:3d:be:f0:1b:a4:ca:8c:11:cb:a8:77:00:
92:ce:30:7d:10:a6:62:35:ce:22:df:15:c9:88:6c:
cf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2D:39:A9:AA:8F:AF:4E:01:94:CE:21:11:28:EF:74:A2:69:8F:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4277ae08-1702-42db-870f-5d701ebda87a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5040::/46
Signature Algorithm: sha256WithRSAEncryption
7b:29:a3:fb:67:39:c0:d3:ad:d5:ca:7b:ac:0a:80:25:45:c6:
ac:85:e2:16:60:76:5e:24:00:c2:b3:7b:c0:91:4d:bc:a8:96:
39:c0:b5:ae:80:ad:bb:5e:dc:e9:df:0b:22:86:18:58:75:94:
85:03:d5:32:27:15:7a:a0:4a:aa:8e:9d:cc:52:4a:32:95:27:
4e:70:67:b0:c1:34:5a:d5:ed:8c:0f:6f:17:f4:a5:b6:66:a9:
f6:67:d7:d1:09:60:e2:50:e3:1c:42:7b:7a:36:0f:e8:55:d8:
35:bf:43:86:76:8b:5d:f0:8b:b2:e7:9d:d1:96:8a:8a:bf:59:
50:cd:0c:d1:e3:9d:fe:9b:c5:5f:d9:2f:57:ce:b6:c3:3f:d0:
3b:e2:f9:a2:6c:86:77:6d:61:b2:62:d7:02:ba:a6:a4:30:3c:
e6:dc:2f:9b:05:90:bd:d6:cc:d4:ad:e7:e6:32:b2:bf:19:f4:
3c:fa:5c:11:f9:1d:bd:a3:71:77:9d:5f:e5:7b:35:19:10:7e:
b4:8b:32:6b:8c:b8:ff:94:7f:06:44:ed:57:63:de:dc:b6:3d:
0b:22:15:37:e1:3e:57:7b:fa:c2:7e:4c:85:f6:a0:44:3d:2d:
ca:f5:37:90:92:c6:c5:96:13:b4:f9:0f:23:12:c2:dc:31:a3:
69:66:67:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFovn9RDfafewX3N+1lizShZ1O2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMjVmYmFiOTczOTU4OWE1MGZmOGViNjMxZmE3M2ZmMzBiOTY4M2ZiZjli
ZWYxNjFiMGZiYzc5NWU2Mjc0MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL93fjMowC1BtQqdkSf8Ptd8iavvrAqtNJjebWBMh9kYYiWSUo7HfXmXbhe
Sc+5TudS48cVrVHLapQPHwbx+bV4G5gCGKFY1jvrzjEV8Mlm8IrVfajMdxFFnAlR
w8x41t+sXFMT8K/dA24uuXI6geebTe788qydStEFlGl5fk6xOwtlDJVJwaFqEbbJ
u8Yoidlj+huaaaCcf6EGIavdyODP8bUA1UvbPMhtVJm/DP1G76/wkd5PcoZggLcK
Ul4fZXvV5UdVk5l6hk+sUM6Dig2LbyQ/ytuvkz3trJUoD6xGkSqhPb7wG6TKjBHL
qHcAks4wfRCmYjXOIt8VyYhsz78CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHLTmp
qo+vTgGUziERKO90ommPLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDI3N2FlMDgtMTcwMi00MmRiLTg3MGYtNWQ3MDFlYmRhODdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAeymj+2c5wNOt1cp7rAqAJUXGrIXiFmB2XiQA
wrN7wJFNvKiWOcC1roCtu17c6d8LIoYYWHWUhQPVMicVeqBKqo6dzFJKMpUnTnBn
sME0WtXtjA9vF/Sltmap9mfX0Qlg4lDjHEJ7ejYP6FXYNb9DhnaLXfCLsued0ZaK
ir9ZUM0M0eOd/pvFX9kvV862wz/QO+L5omyGd21hsmLXArqmpDA85twvmwWQvdbM
1K3n5jKyvxn0PPpcEfkdvaNxd51f5Xs1GRB+tIsya4y4/5R/BkTtV2Pe3LY9CyIV
N+E+V3v6wn5MhfagRD0tyvU3kJLGxZYTtPkPIxLC3DGjaWZnWQ==
-----END CERTIFICATE-----
Generated at Fri May 2 14:42:58 2025 by rpki-client