Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: EZzHCDyiTBy8UwA6usslONA6t1Eph5JzIu3w0yCfYbU=
Subject key identifier: 6B:EB:0F:2F:EA:93:37:5F:05:DA:1F:DA:15:57:64:2D:F0:AD:5A:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D2399479A035B369693D33F4CF73B400EA363C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:23:99:47:9a:03:5b:36:96:93:d3:3f:4c:f7:3b:40:0e:a3:63:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=c96345fa8a09603254777917749b4cf76d3641a559bb5a316cb7dfa9be3a26d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c5:0d:21:6f:b4:0d:49:8c:7b:75:c3:5f:a1:
df:cd:cf:8b:70:22:79:9a:b3:ba:2a:1b:76:4b:a2:
99:26:6f:8d:ce:c7:6d:9d:60:c5:08:7a:09:a9:76:
cb:ce:25:4d:46:7b:6d:15:27:a1:9c:02:a2:05:96:
46:cb:5f:83:05:80:35:d1:45:7b:5d:61:c9:54:fc:
b1:79:19:8d:79:e1:28:97:c1:ab:4b:05:52:39:8a:
7d:53:bc:2f:0f:69:f3:1b:6b:3d:68:f7:83:21:d7:
96:86:ed:ec:09:f5:61:d0:91:32:79:b5:d6:44:9f:
15:78:23:9b:f4:9d:82:91:86:b6:40:cc:0d:44:fd:
bb:c4:65:86:29:ce:21:f6:64:58:2d:a6:b6:cb:a7:
1d:c1:38:3c:e2:71:6f:e0:5e:c6:30:75:39:8b:8c:
37:5e:a8:1a:53:04:f9:73:c9:84:d2:45:b0:f0:65:
8d:4b:3f:3d:fa:05:87:4b:b0:66:16:8c:70:cd:a0:
6e:2f:bf:82:18:2d:4c:5f:c2:c4:50:ba:1a:ec:10:
7e:fc:6a:e8:8f:c1:b5:c5:75:b6:24:c6:58:2d:fa:
d2:05:fa:71:6b:49:14:69:d6:41:ec:6a:d1:c4:6a:
4b:07:46:3c:e9:cb:a1:0a:17:ef:a5:8f:03:6c:0c:
1a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EB:0F:2F:EA:93:37:5F:05:DA:1F:DA:15:57:64:2D:F0:AD:5A:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:c4:68:19:fb:47:52:74:d7:f7:47:c7:9d:fb:e9:5b:1e:02:
d8:fb:1c:84:ba:76:7e:8c:cf:80:36:59:2a:b0:3f:cc:b0:ea:
ed:79:87:a8:55:01:96:3b:51:ce:ec:58:b7:f4:5d:42:8b:b4:
52:e1:e3:7e:c4:00:ee:99:be:fa:d7:8d:0d:a5:88:28:99:96:
2d:73:c8:fc:05:ab:3b:90:fd:f4:94:42:04:44:0c:74:c6:0d:
2f:97:1f:59:70:91:99:93:58:3b:35:0d:f1:ee:e1:0f:34:35:
6b:77:91:85:10:6c:93:fa:83:01:9e:fa:25:df:52:53:92:3a:
91:5a:91:b2:5b:ee:3e:71:57:99:db:b5:a8:80:44:13:2f:05:
15:d3:a0:3e:74:ce:bb:3d:39:2e:3b:41:80:0b:6e:78:7b:1b:
a4:c6:c6:2c:2d:84:54:18:1e:48:c6:52:22:1d:ed:14:61:12:
a3:90:c5:4b:5b:93:33:ef:77:2a:69:55:a9:25:f2:55:a1:96:
36:3f:78:c3:d2:66:e1:55:00:7c:74:60:87:42:96:ca:61:4e:
0f:a0:40:e0:fc:b7:2f:25:74:bd:4a:e1:a6:c7:dd:d2:5d:ae:
56:76:d7:86:cd:df:12:d6:0b:5f:c3:cf:71:b3:84:d1:cf:e6:
67:f1:65:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbSOZR5oDWzaWk9M/TPc7QA6jY8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5NjM0NWZhOGEwOTYwMzI1NDc3NzkxNzc0OWI0Y2Y3NmQzNjQxYTU1OWJi
NWEzMTZjYjdkZmE5YmUzYTI2ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfFDSFvtA1JjHt1w1+h383Pi3AieZqzuiobdkuimSZvjc7HbZ1gxQh6Cal2
y84lTUZ7bRUnoZwCogWWRstfgwWANdFFe11hyVT8sXkZjXnhKJfBq0sFUjmKfVO8
Lw9p8xtrPWj3gyHXlobt7An1YdCRMnm11kSfFXgjm/SdgpGGtkDMDUT9u8RlhinO
IfZkWC2mtsunHcE4POJxb+BexjB1OYuMN16oGlME+XPJhNJFsPBljUs/PfoFh0uw
ZhaMcM2gbi+/ghgtTF/CxFC6GuwQfvxq6I/BtcV1tiTGWC360gX6cWtJFGnWQexq
0cRqSwdGPOnLoQoX76WPA2wMGqkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRr6w8v
6pM3XwXaH9oVV2Qt8K1aVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPxGgZ+0dSdNf3R8ed++lbHgLY+xyEunZ+jM+A
NlkqsD/MsOrteYeoVQGWO1HO7Fi39F1Ci7RS4eN+xADumb76140NpYgomZYtc8j8
Bas7kP30lEIERAx0xg0vlx9ZcJGZk1g7NQ3x7uEPNDVrd5GFEGyT+oMBnvol31JT
kjqRWpGyW+4+cVeZ27WogEQTLwUV06A+dM67PTkuO0GAC254exukxsYsLYRUGB5I
xlIiHe0UYRKjkMVLW5Mz73cqaVWpJfJVoZY2P3jD0mbhVQB8dGCHQpbKYU4PoEDg
/LcvJXS9SuGmx93SXa5WdteGzd8S1gtfw89xs4TRz+Zn8WWJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:35 2025 by rpki-client