Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
File: 42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa (raw, json)
Hash identifier: RKKtr7hV59oAGuY8l2FhsseMwaFAYHXjLitlrOjzMhc=
Subject key identifier: E0:81:8A:86:7D:E8:47:53:78:A1:77:08:2E:8C:09:10:5F:1F:1A:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D9A136AE69EEBB5A12100BBCE15FD93EC75EC6C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8090::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:9a:13:6a:e6:9e:eb:b5:a1:21:00:bb:ce:15:fd:93:ec:75:ec:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0091e0c067cea416eb86886126fba3e1493bbc2c8ab52b76bec9a9452bac2c02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e8:c6:61:a9:0e:df:ad:fc:41:7d:1a:31:2b:
95:38:6d:3e:4d:ef:4d:cc:87:15:49:00:3f:61:67:
33:a7:32:44:d6:7b:f4:2a:6d:57:4c:12:87:cd:ed:
50:ad:7e:c1:e0:b8:29:9b:f2:4b:05:0d:74:55:63:
18:1f:92:0a:ab:0f:b9:48:84:a7:dd:74:dc:3b:8d:
04:2d:7d:f8:e1:41:06:99:52:4d:9d:e5:e9:79:81:
11:82:7e:bd:3a:f7:d0:ad:6c:e9:40:4f:c7:bb:d6:
1f:1c:22:32:a2:ac:61:0e:55:e9:cf:ef:4f:7d:a4:
b1:c2:fb:22:64:a2:df:64:c0:29:c4:8d:dd:6e:1b:
5b:c5:d6:96:78:f2:b9:9a:2c:ee:81:5b:b4:27:d0:
d2:93:9a:92:25:c2:e7:42:b0:cd:74:05:2f:b7:c8:
9d:e5:3e:f1:a2:77:68:59:84:43:9d:02:a9:21:b3:
2e:a4:6b:12:60:6a:66:05:3e:bf:62:4d:d1:19:40:
37:82:90:a0:ee:6b:f9:ed:8f:fe:90:f3:4b:53:f5:
9a:09:42:ac:2c:b2:ce:db:78:21:48:df:e2:db:2c:
26:3b:8f:b8:06:49:f4:80:18:c8:3e:db:ca:a1:17:
8c:f6:56:0f:d5:08:1c:ad:92:05:ec:16:31:28:96:
e2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:81:8A:86:7D:E8:47:53:78:A1:77:08:2E:8C:09:10:5F:1F:1A:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8090::/48
Signature Algorithm: sha256WithRSAEncryption
4c:5d:28:3c:08:02:81:eb:e3:31:53:3b:59:31:38:e9:51:f5:
cf:34:94:3b:9f:7b:33:11:1d:e7:50:69:eb:44:89:c2:fe:a8:
a2:f5:7b:f3:d7:89:19:63:bc:86:a0:56:65:57:d4:28:6f:47:
83:8d:85:5e:16:57:62:03:99:c0:9e:ce:6d:fe:9c:5c:2d:a9:
ae:0e:38:83:1e:e5:d5:23:08:1b:ab:02:20:38:ca:39:3f:a6:
b4:04:c4:0f:46:7e:68:6f:57:d4:22:d3:72:6e:bc:0f:29:08:
c4:32:66:50:45:23:71:ee:eb:6c:9a:e7:7b:56:39:c7:9f:da:
da:a0:52:52:f4:cd:d9:16:c6:a0:b2:8f:b4:15:1f:d6:e7:d5:
ed:b2:ce:52:98:da:29:e3:cb:3a:c2:49:5a:9a:8f:99:0d:96:
aa:98:82:8e:a7:17:82:1c:73:9e:59:56:4f:a1:45:72:a7:bf:
85:12:a6:f1:b1:75:4e:22:86:37:3f:8b:8d:f8:51:e2:a2:74:
e6:5d:98:53:34:d9:ab:b4:46:e7:f4:2f:1f:fe:a7:fa:bb:bd:
68:d7:4c:52:d0:81:e0:06:8f:6a:f2:75:d3:b0:c2:db:16:89:
67:37:ae:11:d6:66:2f:b5:d9:3b:97:c3:ca:ec:73:f2:35:2d:
0c:6f:8e:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTZoTauae67WhIQC7zhX9k+x17GwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwOTFlMGMwNjdjZWE0MTZlYjg2ODg2MTI2ZmJhM2UxNDkzYmJjMmM4YWI1
MmI3NmJlYzlhOTQ1MmJhYzJjMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLoxmGpDt+t/EF9GjErlThtPk3vTcyHFUkAP2FnM6cyRNZ79CptV0wSh83t
UK1+weC4KZvySwUNdFVjGB+SCqsPuUiEp9103DuNBC19+OFBBplSTZ3l6XmBEYJ+
vTr30K1s6UBPx7vWHxwiMqKsYQ5V6c/vT32kscL7ImSi32TAKcSN3W4bW8XWlnjy
uZos7oFbtCfQ0pOakiXC50KwzXQFL7fIneU+8aJ3aFmEQ50CqSGzLqRrEmBqZgU+
v2JN0RlAN4KQoO5r+e2P/pDzS1P1mglCrCyyztt4IUjf4tssJjuPuAZJ9IAYyD7b
yqEXjPZWD9UIHK2SBewWMSiW4jkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTggYqG
fehHU3ihdwgujAkQXx8aKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJlZjdkODktYjliZi00NjBmLWI5MDYtNzQ0M2Q5NmY0YTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
kDANBgkqhkiG9w0BAQsFAAOCAQEATF0oPAgCgevjMVM7WTE46VH1zzSUO597MxEd
51Bp60SJwv6oovV789eJGWO8hqBWZVfUKG9Hg42FXhZXYgOZwJ7Obf6cXC2prg44
gx7l1SMIG6sCIDjKOT+mtATED0Z+aG9X1CLTcm68DykIxDJmUEUjce7rbJrne1Y5
x5/a2qBSUvTN2RbGoLKPtBUf1ufV7bLOUpjaKePLOsJJWpqPmQ2WqpiCjqcXghxz
nllWT6FFcqe/hRKm8bF1TiKGNz+LjfhR4qJ05l2YUzTZq7RG5/QvH/6n+ru9aNdM
UtCB4AaPavJ107DC2xaJZzeuEdZmL7XZO5fDyuxz8jUtDG+OOA==
-----END CERTIFICATE-----
Generated at Fri May 2 22:07:03 2025 by rpki-client