Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json)
Hash identifier: FqYVZ5UZ+K4sU2QIgCz4TSWzDz97NWzfE/O8vP+hDQs=
Subject key identifier: FB:C6:52:F4:DB:9D:AB:2B:23:ED:53:D8:47:3A:6E:9E:18:83:93:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0287488A1C2BC1FDA31FF3811E53ACE0990A40E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:87:48:8a:1c:2b:c1:fd:a3:1f:f3:81:1e:53:ac:e0:99:0a:40:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=19c78d352b89f597c1467b1a9cec3faa488125a8f1505db3fc0c32a3055bf93e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fc:ea:c5:f0:93:cb:c7:ca:10:04:76:ce:1c:
74:a2:9e:47:cc:be:6b:09:19:76:eb:9e:86:df:9d:
1a:fa:c4:c1:6e:23:b7:24:3e:73:66:21:66:76:e5:
be:fd:d3:d6:0d:d6:ee:22:ca:0b:57:09:3f:61:1a:
e8:bb:ec:77:3f:78:53:05:40:cd:2c:11:d1:23:9d:
28:73:57:5e:29:b1:b3:e8:75:e0:24:25:bd:cd:19:
9d:3e:cd:fc:68:7e:f4:2e:fd:a1:cc:25:39:d6:12:
33:47:3b:63:64:82:8d:61:e2:db:0f:80:a0:44:f3:
8b:40:ec:61:c0:6e:ff:6a:5c:d9:f3:9a:56:22:de:
b4:ea:cb:f1:16:f3:31:07:50:43:e9:85:b0:ba:5e:
2e:28:5f:8b:33:d1:80:25:15:22:e2:81:03:d5:10:
3c:14:d5:c4:fc:ae:c5:77:61:45:ab:95:fa:d7:b4:
d7:fe:4a:bc:60:58:3b:f8:3a:7c:d4:4d:d3:01:f1:
c4:e4:0b:64:b4:ed:17:49:00:fb:8d:fc:d2:de:5c:
49:cf:ba:f5:64:77:71:11:f8:48:fd:ea:4f:4c:f1:
71:3b:98:2e:cd:b7:f5:a9:8d:68:a0:6a:93:33:28:
9b:87:ce:b6:c9:ea:05:10:9d:94:26:63:a7:f5:6b:
20:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C6:52:F4:DB:9D:AB:2B:23:ED:53:D8:47:3A:6E:9E:18:83:93:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4020::/48
Signature Algorithm: sha256WithRSAEncryption
39:9c:ea:4e:fa:f7:0f:78:d9:9d:5a:39:f6:b3:1c:52:14:ff:
d3:13:16:ea:43:54:3e:7d:25:2c:0d:0d:1b:5d:a5:fa:68:bd:
a5:6e:82:db:f3:db:dd:3e:a7:47:51:16:f0:ac:d4:9d:69:43:
30:e5:8a:47:c2:c3:5d:60:30:89:9c:5c:5d:a5:60:8c:7e:dc:
e8:91:7a:c0:be:99:3d:b0:56:02:18:d5:e9:e4:2a:eb:48:4b:
6a:f1:96:a6:59:9f:02:78:86:a6:45:3a:2c:6f:22:cc:77:f5:
1a:f2:52:6e:70:2f:5e:c8:eb:76:eb:60:af:dc:60:34:08:c1:
0d:11:83:04:eb:b8:df:69:49:65:77:04:1e:24:5c:92:6c:53:
f5:b1:a9:72:aa:be:a0:50:0a:34:7a:36:4b:cd:df:21:71:f3:
a5:16:6b:0e:0b:7c:b7:c6:62:c1:29:44:63:98:c6:5f:d8:ff:
57:24:89:73:e8:08:89:b4:03:e9:d7:35:46:33:1b:bc:a5:93:
6f:b5:da:3b:ce:6c:e0:eb:83:f1:62:f4:1b:c5:3e:98:be:9e:
4d:b7:1a:f1:8f:a3:7e:ed:59:5a:ab:84:8d:e9:4b:97:92:1b:
fd:93:e6:f1:dc:32:a9:9e:96:a5:5d:48:12:3f:5d:13:57:b7:
39:79:8d:19
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAodIihwrwf2jH/OBHlOs4JkKQOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5Yzc4ZDM1MmI4OWY1OTdjMTQ2N2IxYTljZWMzZmFhNDg4MTI1YThmMTUw
NWRiM2ZjMGMzMmEzMDU1YmY5M2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJT86sXwk8vHyhAEds4cdKKeR8y+awkZduueht+dGvrEwW4jtyQ+c2YhZnbl
vv3T1g3W7iLKC1cJP2Ea6Lvsdz94UwVAzSwR0SOdKHNXXimxs+h14CQlvc0ZnT7N
/Gh+9C79ocwlOdYSM0c7Y2SCjWHi2w+AoETzi0DsYcBu/2pc2fOaViLetOrL8Rbz
MQdQQ+mFsLpeLihfizPRgCUVIuKBA9UQPBTVxPyuxXdhRauV+te01/5KvGBYO/g6
fNRN0wHxxOQLZLTtF0kA+4380t5cSc+69WR3cRH4SP3qT0zxcTuYLs239amNaKBq
kzMom4fOtsnqBRCdlCZjp/VrIAUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7xlL0
252rKyPtU9hHOm6eGIOTpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
IDANBgkqhkiG9w0BAQsFAAOCAQEAOZzqTvr3D3jZnVo59rMcUhT/0xMW6kNUPn0l
LA0NG12l+mi9pW6C2/Pb3T6nR1EW8KzUnWlDMOWKR8LDXWAwiZxcXaVgjH7c6JF6
wL6ZPbBWAhjV6eQq60hLavGWplmfAniGpkU6LG8izHf1GvJSbnAvXsjrdutgr9xg
NAjBDRGDBOu432lJZXcEHiRckmxT9bGpcqq+oFAKNHo2S83fIXHzpRZrDgt8t8Zi
wSlEY5jGX9j/VySJc+gIibQD6dc1RjMbvKWTb7XaO85s4OuD8WL0G8U+mL6eTbca
8Y+jfu1ZWquEjelLl5Ib/ZPm8dwyqZ6WpV1IEj9dE1e3OXmNGQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:43 2025 by rpki-client