Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
File: 4622ab3d-f2d8-4bec-a18b-b056342928a8.roa (raw, json)
Hash identifier: cELb69EtYBKfKrCiRLNqaI7Kg1nAeK7CkT0wTQOeQu4=
Subject key identifier: A6:61:5F:32:75:F6:E4:63:58:05:79:10:17:A4:9C:59:68:98:C8:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CA47C51E411F80C3ED208EF8362EC7CD67B3547
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:a4:7c:51:e4:11:f8:0c:3e:d2:08:ef:83:62:ec:7c:d6:7b:35:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=bcbb58d6a1f1ff048a02c686b9313ba9f10a46105c5f0fcce8a3f6f271de27b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:45:5f:4a:fd:26:0e:98:f7:06:78:3a:11:4c:
b0:7c:1c:d9:d0:1c:e9:2c:be:45:d2:df:ed:fd:9f:
8c:e1:48:54:30:b1:b4:22:1d:c6:f9:9e:b2:af:78:
d4:d4:4c:c4:94:8c:eb:ce:1d:11:e1:fe:f2:88:89:
da:bb:05:8d:b7:cf:a8:81:e4:fc:8f:16:82:3f:83:
7a:58:3a:18:8a:9f:67:b4:96:8d:7e:85:78:6a:89:
45:a4:2e:3a:9b:bd:e4:bb:01:db:6e:7c:77:54:b7:
f6:37:02:df:7d:78:9f:02:8e:8e:5d:9f:21:83:bc:
9b:aa:86:a6:ff:e0:16:73:a1:69:e5:7d:82:1e:68:
0e:f2:cb:f3:0f:90:85:d0:a5:0b:0e:c9:00:d3:bf:
e3:6f:0e:06:69:ed:09:45:26:c6:7e:0b:11:fd:da:
a3:f2:e1:f5:6e:eb:13:bf:c2:43:51:e5:d9:e3:97:
6e:7c:cc:e6:55:f4:f0:95:05:69:89:c2:ee:af:45:
b5:bb:2a:f6:4c:37:43:2d:5b:fe:81:5e:b5:ff:df:
8f:8d:0e:2e:27:68:34:2d:9a:a4:0b:d9:d7:a2:a2:
84:02:c0:ac:21:66:2b:94:ac:8a:6f:e5:2f:70:ba:
cc:1b:b3:ee:0b:89:5b:99:4c:df:8a:39:4d:c8:41:
39:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:61:5F:32:75:F6:E4:63:58:05:79:10:17:A4:9C:59:68:98:C8:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a080::/48
Signature Algorithm: sha256WithRSAEncryption
60:1e:a7:de:f5:28:bf:17:eb:c3:40:49:05:77:99:2d:07:0f:
90:de:84:e3:70:37:0a:c3:29:6a:ba:af:a9:b1:6f:27:0f:ca:
a5:e2:74:0b:57:10:e0:b5:8d:b1:ec:fc:dd:f0:cd:7b:f5:59:
f5:df:fc:fd:39:b3:b8:d8:43:48:38:e0:76:c8:ed:01:0e:92:
ae:e5:7a:be:7d:57:05:13:4f:69:84:cb:85:d0:58:2d:16:d3:
1f:20:29:16:f1:51:94:a0:3d:07:86:1a:85:97:1f:a2:ed:61:
fe:4c:e8:5b:27:6c:40:a4:d2:0c:c9:ae:f5:c1:5a:de:44:98:
25:43:d7:ea:09:c5:04:82:b3:04:2e:63:2b:c5:0c:7e:37:a4:
2d:5a:5c:b3:52:8f:aa:d9:1e:d5:33:7c:ae:14:bf:17:33:9c:
a4:8d:99:c5:30:61:d6:91:88:d7:4a:91:c1:51:ca:c8:1b:b4:
54:64:34:f5:79:21:bb:ce:e6:ec:42:6a:c7:c3:f1:8c:1c:bb:
4e:fa:a6:f9:6f:dd:2f:dd:f9:27:43:44:1b:40:64:b5:d3:02:
1d:86:61:cb:2a:37:d3:50:3c:6e:0a:79:dc:a1:66:7e:32:ff:
33:37:bc:da:a0:76:fa:3a:68:d9:17:95:14:f1:88:95:2d:17:
f3:7d:f5:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULKR8UeQR+Aw+0gjvg2LsfNZ7NUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjYmI1OGQ2YTFmMWZmMDQ4YTAyYzY4NmI5MzEzYmE5ZjEwYTQ2MTA1YzVm
MGZjY2U4YTNmNmYyNzFkZTI3YjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5FX0r9Jg6Y9wZ4OhFMsHwc2dAc6Sy+RdLf7f2fjOFIVDCxtCIdxvmesq94
1NRMxJSM684dEeH+8oiJ2rsFjbfPqIHk/I8Wgj+Delg6GIqfZ7SWjX6FeGqJRaQu
Opu95LsB2258d1S39jcC3314nwKOjl2fIYO8m6qGpv/gFnOhaeV9gh5oDvLL8w+Q
hdClCw7JANO/428OBmntCUUmxn4LEf3ao/Lh9W7rE7/CQ1Hl2eOXbnzM5lX08JUF
aYnC7q9Ftbsq9kw3Qy1b/oFetf/fj40OLidoNC2apAvZ16KihALArCFmK5Ssim/l
L3C6zBuz7guJW5lM34o5TchBOdECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSmYV8y
dfbkY1gFeRAXpJxZaJjIOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDYyMmFiM2QtZjJkOC00YmVjLWExOGItYjA1NjM0MjkyOGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
gDANBgkqhkiG9w0BAQsFAAOCAQEAYB6n3vUovxfrw0BJBXeZLQcPkN6E43A3CsMp
arqvqbFvJw/KpeJ0C1cQ4LWNsez83fDNe/VZ9d/8/TmzuNhDSDjgdsjtAQ6SruV6
vn1XBRNPaYTLhdBYLRbTHyApFvFRlKA9B4YahZcfou1h/kzoWydsQKTSDMmu9cFa
3kSYJUPX6gnFBIKzBC5jK8UMfjekLVpcs1KPqtke1TN8rhS/FzOcpI2ZxTBh1pGI
10qRwVHKyBu0VGQ09Xkhu87m7EJqx8PxjBy7Tvqm+W/dL935J0NEG0BktdMCHYZh
yyo301A8bgp53KFmfjL/Mze82qB2+jpo2ReVFPGIlS0X8331jw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:04 2025 by rpki-client