Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: 1nWuA/ptvvH1MDCdkHxYHGjycsEoTtsp6/uh28pzjLk=
Subject key identifier: 4C:B8:BF:BC:98:6C:FD:30:9A:06:2E:3D:57:51:44:E7:50:00:6D:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E179CDF030BD6BC1A262248430F7148CCB31A64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:17:9c:df:03:0b:d6:bc:1a:26:22:48:43:0f:71:48:cc:b3:1a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=58b5cb0938ab33b6a51816fefa37009cadf013804836c0e66c609c7a93b0f52f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:70:9a:10:38:81:a2:dd:f2:79:6a:62:50:
45:fa:37:1e:a1:f4:4c:05:16:a2:83:ee:71:3a:f5:
f1:29:77:8f:dd:4e:bd:35:d9:c8:84:8a:ce:99:32:
3f:f3:fb:4c:7e:72:ef:9e:66:b1:68:d5:4b:82:66:
ae:54:22:80:64:e2:41:bd:99:b7:f6:db:3b:49:b0:
ba:d8:b7:a9:d1:3a:f7:ca:f2:2e:04:e3:1c:a1:25:
32:2a:a5:a2:59:eb:6d:1d:f1:f1:6d:f2:e4:07:2c:
b9:f4:82:9e:ac:dd:98:da:ac:b9:3b:00:42:77:b1:
c3:af:07:99:9d:35:77:78:22:2f:fe:dd:71:16:53:
c5:ec:a1:1b:dc:ea:56:d3:3d:52:a4:fe:0e:e5:2c:
41:44:e2:12:7f:d4:2b:4f:a8:80:6c:d5:8e:33:b0:
2f:d3:45:1e:fb:1b:f5:fb:61:25:5f:1e:b2:e8:11:
9e:32:3e:68:91:d7:35:39:f7:fb:2d:ef:f5:18:db:
c2:cd:e2:4b:96:91:f4:9b:f3:ae:c4:9d:87:38:76:
d4:43:64:59:6e:05:a6:37:6c:b9:08:89:af:6c:c9:
f1:56:2f:20:d1:d6:79:35:f0:05:52:9a:9a:cb:82:
b0:a7:99:42:73:29:60:3d:3b:6a:25:00:4a:9f:9d:
6a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B8:BF:BC:98:6C:FD:30:9A:06:2E:3D:57:51:44:E7:50:00:6D:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
56:1b:b5:5e:4f:b9:d0:31:a0:29:47:08:03:e8:89:8f:71:c8:
90:e8:b2:65:da:0a:ce:89:f6:42:d0:43:13:aa:f4:cf:33:9b:
47:d7:b7:1b:2a:3d:0d:0f:af:11:b7:96:42:d8:3e:5b:ab:44:
cb:89:9b:17:0d:6d:aa:26:ec:20:fc:01:dd:49:95:f2:ee:5f:
cf:a1:0f:0a:e3:63:a0:14:0a:b0:2e:98:75:16:55:8e:20:99:
ca:a2:f5:2d:2c:89:8b:01:5e:cc:d1:a9:9c:d7:ec:12:b0:40:
09:79:4e:7b:e7:fb:05:27:00:34:30:9c:a8:1e:a6:8b:ef:c7:
4e:c4:fa:7f:37:80:4f:7d:cd:39:b9:9f:1c:54:13:5d:8b:5c:
5f:22:20:18:75:a5:d4:d7:25:93:30:ee:cc:89:20:94:6d:c7:
5c:99:3f:95:e0:56:61:8e:e8:7d:c1:1f:e0:58:2e:37:89:21:
bb:94:32:3b:db:fd:4f:c2:e6:f7:78:e0:07:6f:70:58:af:c3:
e4:09:31:9e:5d:cb:49:41:3d:f6:b6:a5:ea:1d:85:1d:e5:7c:
b4:2e:1e:ba:37:21:3c:b6:3d:f3:7f:1c:97:ce:69:5c:7d:19:
2a:1c:2d:e6:24:8e:47:2d:c7:49:a8:d1:3f:0a:57:a9:0b:ab:
c0:b9:e2:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfhec3wML1rwaJiJIQw9xSMyzGmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YjVjYjA5MzhhYjMzYjZhNTE4MTZmZWZhMzcwMDljYWRmMDEzODA0ODM2
YzBlNjZjNjA5YzdhOTNiMGY1MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLycJoQOIGi3fJ5amJQRfo3HqH0TAUWooPucTr18Sl3j91OvTXZyISKzpky
P/P7TH5y755msWjVS4JmrlQigGTiQb2Zt/bbO0mwuti3qdE698ryLgTjHKElMiql
olnrbR3x8W3y5AcsufSCnqzdmNqsuTsAQnexw68HmZ01d3giL/7dcRZTxeyhG9zq
VtM9UqT+DuUsQUTiEn/UK0+ogGzVjjOwL9NFHvsb9fthJV8esugRnjI+aJHXNTn3
+y3v9Rjbws3iS5aR9JvzrsSdhzh21ENkWW4FpjdsuQiJr2zJ8VYvINHWeTXwBVKa
msuCsKeZQnMpYD07aiUASp+datkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMuL+8
mGz9MJoGLj1XUUTnUABtnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAVhu1Xk+50DGgKUcIA+iJj3HIkOiyZdoKzon2
QtBDE6r0zzObR9e3Gyo9DQ+vEbeWQtg+W6tEy4mbFw1tqibsIPwB3UmV8u5fz6EP
CuNjoBQKsC6YdRZVjiCZyqL1LSyJiwFezNGpnNfsErBACXlOe+f7BScANDCcqB6m
i+/HTsT6fzeAT33NObmfHFQTXYtcXyIgGHWl1NclkzDuzIkglG3HXJk/leBWYY7o
fcEf4FguN4khu5QyO9v9T8Lm93jgB29wWK/D5Akxnl3LSUE99ral6h2FHeV8tC4e
ujchPLY9838cl85pXH0ZKhwt5iSORy3HSajRPwpXqQurwLniag==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:02 2025 by rpki-client