Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: QbRuo02Q0yOrjxADrcwiuUhlIkrJ2IHVcY+7bGraAmw=
Subject key identifier: BC:E1:91:11:58:BC:EE:70:AB:4F:F4:07:90:0A:E0:13:A7:6D:AD:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 410B5F9D4423DB5AF654F0B49BFF711AA9212B1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:0b:5f:9d:44:23:db:5a:f6:54:f0:b4:9b:ff:71:1a:a9:21:2b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=561e18f81b7358aaa9714515a8d876548f89c623e96f56d6fe6f49ca826f68d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:eb:7a:ff:9b:c6:da:be:2d:97:45:75:32:
a6:0d:d9:55:0d:e2:bb:64:6c:f4:fd:a1:e1:d4:c0:
b9:d9:b5:ec:23:32:25:20:2d:c9:ee:de:87:12:79:
37:70:cf:df:0b:dd:c9:3f:af:58:2d:86:94:46:a1:
89:b9:86:13:8a:55:77:00:7b:94:ad:4e:7f:8f:8f:
49:5b:af:a0:09:0e:48:5b:d7:5b:80:55:8b:24:f4:
8b:40:bd:1e:18:3d:99:ea:29:8c:c5:f2:a5:f1:32:
fd:79:94:6d:b0:a5:ff:e0:ad:77:33:d2:26:d2:96:
00:63:95:9a:a1:d6:42:21:31:63:d7:ad:14:7b:f2:
93:f6:24:b9:29:02:d3:fa:3d:1c:61:f1:67:e5:4e:
cf:38:c5:7a:6f:1d:9b:4c:a3:10:34:12:cc:d0:7f:
25:76:3d:d4:c3:22:f2:19:3d:7d:f0:05:79:0a:6e:
52:ad:ed:be:3e:d4:6d:58:cd:e0:0b:4d:7e:b4:2a:
f1:30:89:ca:7c:f0:ec:d6:94:45:df:eb:a7:4a:c0:
c1:50:bd:2a:2c:79:f7:ce:c3:47:76:c7:6b:15:8b:
42:3b:f6:e5:e1:a2:cc:53:4c:38:23:e9:96:4f:04:
9e:75:f0:d9:1f:ce:11:42:57:6c:e5:3a:5e:b3:8d:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E1:91:11:58:BC:EE:70:AB:4F:F4:07:90:0A:E0:13:A7:6D:AD:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
25:58:7f:47:02:8e:f5:aa:21:f2:db:70:12:c4:ef:31:5c:3f:
8b:96:8a:b6:45:70:55:b9:30:62:4f:35:46:71:0b:c1:6a:47:
c5:82:57:6f:b0:cc:c3:c3:f9:e6:82:17:96:c7:af:a0:6f:a3:
e6:26:b0:97:e9:5a:cc:5c:a7:d4:83:fe:7b:c1:39:b9:86:9c:
21:a7:85:53:2c:68:68:d7:86:1a:c7:71:fc:35:91:f4:52:69:
42:93:e2:3d:81:a4:6f:c0:1c:67:b5:b3:d5:6c:28:d6:30:bd:
40:0a:f1:22:93:6d:39:25:e4:e4:8c:01:07:76:35:b6:c0:87:
1e:db:da:85:3f:af:33:b5:db:3e:43:76:81:1b:2b:4c:e3:3d:
10:27:56:9c:04:d0:6d:01:4f:bc:00:6d:dc:52:ed:a6:d1:4a:
5b:23:67:75:8f:92:53:6f:35:e0:90:12:ca:b7:4b:e4:91:22:
d1:d2:1d:b1:84:a9:4c:86:ea:2f:04:96:3d:8e:2e:82:77:38:
36:c8:cc:85:ab:be:67:eb:d2:85:1b:31:38:99:36:2c:19:23:
d9:66:a8:98:cb:21:7d:c5:44:e0:6c:b3:16:b2:97:b0:b5:b2:
28:1e:c1:ef:b0:1f:a8:92:ad:5b:8a:ff:20:c1:89:dd:99:fa:
9c:d7:9f:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQQtfnUQj21r2VPC0m/9xGqkhKxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MWUxOGY4MWI3MzU4YWFhOTcxNDUxNWE4ZDg3NjU0OGY4OWM2MjNlOTZm
NTZkNmZlNmY0OWNhODI2ZjY4ZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzF63r/m8bavi2XRXUypg3ZVQ3iu2Rs9P2h4dTAudm17CMyJSAtye7ehxJ5
N3DP3wvdyT+vWC2GlEahibmGE4pVdwB7lK1Of4+PSVuvoAkOSFvXW4BViyT0i0C9
Hhg9meopjMXypfEy/XmUbbCl/+CtdzPSJtKWAGOVmqHWQiExY9etFHvyk/YkuSkC
0/o9HGHxZ+VOzzjFem8dm0yjEDQSzNB/JXY91MMi8hk9ffAFeQpuUq3tvj7UbVjN
4AtNfrQq8TCJynzw7NaURd/rp0rAwVC9Kix5987DR3bHaxWLQjv25eGizFNMOCPp
lk8EnnXw2R/OEUJXbOU6XrONxQECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS84ZER
WLzucKtP9AeQCuATp22tLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAJVh/RwKO9aoh8ttwEsTvMVw/i5aKtkVwVbkw
Yk81RnELwWpHxYJXb7DMw8P55oIXlsevoG+j5iawl+lazFyn1IP+e8E5uYacIaeF
UyxoaNeGGsdx/DWR9FJpQpPiPYGkb8AcZ7Wz1Wwo1jC9QArxIpNtOSXk5IwBB3Y1
tsCHHtvahT+vM7XbPkN2gRsrTOM9ECdWnATQbQFPvABt3FLtptFKWyNndY+SU281
4JASyrdL5JEi0dIdsYSpTIbqLwSWPY4ugnc4NsjMhau+Z+vShRsxOJk2LBkj2Wao
mMshfcVE4GyzFrKXsLWyKB7B77AfqJKtW4r/IMGJ3Zn6nNefwA==
-----END CERTIFICATE-----
Generated at Fri May 2 22:06:58 2025 by rpki-client