Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: G2t77nLesYjjq+NuvUYnh6pp0/cMYDNwRqMIKPAM6+I=
Subject key identifier: 3A:40:74:D3:71:E4:B9:32:9C:33:CE:77:87:54:FD:4F:38:96:69:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11E15DF4D6B1D62F015A97C3587D1D389FA59995
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:e1:5d:f4:d6:b1:d6:2f:01:5a:97:c3:58:7d:1d:38:9f:a5:99:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a939d973d9f5d9974d190a0789d642655d3190cc81202feb1cf2d04e5e9a0728, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:41:73:d5:d1:4a:da:d7:23:1b:af:bc:d9:
7e:b7:ae:ed:8c:29:c4:b1:68:e4:e0:e3:20:ef:f2:
cf:38:ab:2b:e1:12:b7:08:16:07:b6:ff:71:a6:42:
3d:89:d4:0b:cf:4f:95:35:20:ba:1d:89:fe:d9:73:
b4:fe:07:6d:01:bb:96:25:73:a0:6e:a6:b7:bb:89:
61:b8:47:bf:55:db:9c:ae:ce:c9:24:e9:9a:32:25:
0d:e0:fd:06:68:31:a5:d9:a8:b4:0a:8f:51:7c:32:
a7:bb:5f:4b:32:f7:d6:60:6f:85:f5:d1:af:f1:72:
33:45:a5:59:97:30:8b:95:81:52:f8:48:18:26:08:
e0:e3:da:74:82:5a:da:6a:a3:65:69:b6:d3:9e:3b:
28:5c:2a:b7:80:14:04:85:a9:e7:ee:da:55:07:e3:
29:ba:f3:02:9a:3e:32:7e:ae:68:1f:34:f1:4b:43:
09:1c:37:8f:16:dd:e2:f3:22:70:b5:3b:42:58:eb:
79:68:7b:0a:b7:75:a5:0b:f9:39:da:af:a1:f5:ae:
6a:b9:18:d8:a0:95:9b:88:ff:f0:04:08:b9:7d:48:
57:fc:69:06:60:49:59:af:96:bd:04:cc:b0:97:08:
e7:c5:25:31:a2:ad:04:13:a3:1f:a3:7e:16:60:b2:
d3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:40:74:D3:71:E4:B9:32:9C:33:CE:77:87:54:FD:4F:38:96:69:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:81:06:06:74:9f:f5:84:56:3d:be:99:80:17:3b:78:e4:b4:
c2:1c:cf:bc:86:d7:be:0d:04:bc:84:ed:18:11:d7:1a:d0:b9:
93:b2:c2:98:4c:ad:45:81:ff:18:78:25:be:a9:ab:ae:ad:63:
6b:ad:0f:fa:2c:32:d9:a0:37:33:ad:8f:59:da:82:c2:64:f8:
62:b6:5c:a6:ff:f0:b3:f9:42:2f:bc:47:18:2c:e8:80:36:8a:
60:71:db:f6:04:0f:1d:4c:95:92:ca:e4:aa:f8:55:ef:d1:1b:
35:5d:b1:dc:d6:29:7e:33:fc:ae:25:bf:9b:4a:3b:09:1e:53:
cf:c6:7e:7a:b1:3c:0e:a8:34:dc:6b:98:ba:6a:71:9c:56:4f:
a8:c6:cf:d7:7e:a1:53:4c:44:83:9a:06:09:38:5b:27:f8:67:
b8:04:13:f4:fb:31:9f:41:bd:cc:c1:b0:08:96:4a:b8:1a:a7:
3b:ff:e0:b1:14:ff:6d:6c:de:a0:54:ce:76:1c:c6:cf:1a:2b:
23:a9:55:47:86:a9:67:9b:7b:32:07:32:23:b8:a2:41:33:a4:
90:49:cb:26:ac:34:95:f1:b5:9f:84:c4:f5:dd:65:e9:31:8e:
fe:c8:2c:70:9f:b9:97:6d:04:3b:06:ad:c6:05:8d:db:8e:1a:
8d:9b:60:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEeFd9Nax1i8BWpfDWH0dOJ+lmZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MzlkOTczZDlmNWQ5OTc0ZDE5MGEwNzg5ZDY0MjY1NWQzMTkwY2M4MTIw
MmZlYjFjZjJkMDRlNWU5YTA3MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjTQXPV0Ura1yMbr7zZfreu7YwpxLFo5ODjIO/yzzirK+EStwgWB7b/caZC
PYnUC89PlTUguh2J/tlztP4HbQG7liVzoG6mt7uJYbhHv1XbnK7OySTpmjIlDeD9
BmgxpdmotAqPUXwyp7tfSzL31mBvhfXRr/FyM0WlWZcwi5WBUvhIGCYI4OPadIJa
2mqjZWm20547KFwqt4AUBIWp5+7aVQfjKbrzApo+Mn6uaB808UtDCRw3jxbd4vMi
cLU7QljreWh7Crd1pQv5OdqvofWuarkY2KCVm4j/8AQIuX1IV/xpBmBJWa+WvQTM
sJcI58UlMaKtBBOjH6N+FmCy04cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6QHTT
ceS5MpwzzneHVP1POJZp7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQDBgQYGdJ/1hFY9vpmAFzt45LTCHM+8hte+DQS8
hO0YEdca0LmTssKYTK1Fgf8YeCW+qauurWNrrQ/6LDLZoDczrY9Z2oLCZPhitlym
//Cz+UIvvEcYLOiANopgcdv2BA8dTJWSyuSq+FXv0Rs1XbHc1il+M/yuJb+bSjsJ
HlPPxn56sTwOqDTca5i6anGcVk+oxs/XfqFTTESDmgYJOFsn+Ge4BBP0+zGfQb3M
wbAIlkq4Gqc7/+CxFP9tbN6gVM52HMbPGisjqVVHhqlnm3syBzIjuKJBM6SQScsm
rDSV8bWfhMT13WXpMY7+yCxwn7mXbQQ7Bq3GBY3bjhqNm2DF
-----END CERTIFICATE-----
Generated at Fri May 2 18:32:28 2025 by rpki-client