Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
File: 4a7b2b27-8130-47da-97da-78c91087b05e.roa (raw, json)
Hash identifier: +yJyYd/9FJshPP+rvkMG7HcrHxIxxeMJEe0UHXFQP0g=
Subject key identifier: E1:FD:FF:24:C3:FF:D5:B1:5A:5F:47:D2:A4:1F:84:ED:31:81:A4:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F82116A882384226516044C919BE098E72D8589
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:82:11:6a:88:23:84:22:65:16:04:4c:91:9b:e0:98:e7:2d:85:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=400a9aa9411f0d4bc38404674cd4a3b64c173ab4144470ebd30bd082eaacf44e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bd:55:21:b2:fe:f3:3a:5b:15:37:6f:d5:67:
18:ac:8a:3a:8b:18:a7:ff:16:c7:e6:9b:de:07:82:
c3:7b:8d:d8:26:46:f7:00:cb:f7:a9:1f:bc:13:03:
02:89:25:36:7a:cb:c8:3d:e0:49:59:da:91:69:6c:
81:01:be:36:00:39:cf:c5:ef:bd:07:1f:68:db:45:
b7:87:53:17:7f:28:bb:e1:96:b9:c5:76:ea:67:f6:
e3:75:ca:3a:33:cd:e1:1b:ea:86:d5:66:c1:91:c3:
0a:b0:09:42:48:1b:bc:82:df:b3:e6:40:b9:e3:b1:
84:24:13:ba:78:cb:07:4c:60:6c:27:c7:7f:7b:d5:
08:c8:30:50:70:e2:48:ac:3f:52:83:04:b8:3a:67:
7a:2d:34:48:3a:48:43:86:84:c1:5e:40:a9:af:20:
a4:6e:3c:2d:56:e4:93:77:ed:26:4a:e4:75:ca:6f:
b0:d6:14:cd:70:f6:d0:c0:ff:3e:fc:61:8d:c0:41:
a8:82:9e:36:1f:a2:03:77:ed:56:2a:64:31:0f:e6:
1a:a5:8c:50:85:01:68:69:e3:96:35:a6:3f:ca:8f:
aa:62:a8:8f:c1:c6:71:d0:e2:cc:fd:9f:53:1c:65:
6a:7b:00:55:f2:ce:89:8f:0a:18:a9:f6:03:25:3a:
0f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FD:FF:24:C3:FF:D5:B1:5A:5F:47:D2:A4:1F:84:ED:31:81:A4:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c040::/48
Signature Algorithm: sha256WithRSAEncryption
71:c6:8c:e3:b3:61:30:41:73:ac:b2:9d:5e:c6:13:3b:59:ba:
ee:21:63:d0:57:e3:41:d4:b6:ab:3b:4a:ac:60:08:92:f8:89:
4c:2f:90:92:6e:9a:af:08:77:ca:cf:a5:7d:52:06:66:75:3f:
09:4c:96:a0:f3:e4:2e:15:1a:34:b6:62:ee:31:64:73:ab:e6:
6e:72:0e:60:ee:3d:d8:26:6d:c2:1c:76:17:53:81:68:da:0f:
f6:8c:16:66:7f:ed:cc:a9:b1:bb:54:40:f3:20:03:b0:b6:07:
de:63:f5:e3:73:76:9c:37:76:f2:cd:7c:22:79:ef:8e:f6:ab:
6b:e9:0f:c5:23:8a:13:c6:58:8f:b3:b3:58:1e:5a:81:81:9e:
da:59:40:0b:47:b1:a3:de:e8:21:f4:38:c9:1c:ae:a6:6d:ac:
53:65:5a:6d:a5:37:54:e9:27:41:e3:65:40:74:cd:b5:c4:83:
8c:e7:5b:bc:f2:b5:cd:0a:99:de:1f:28:8b:b2:d3:f1:25:22:
a9:af:c0:02:16:04:31:33:72:13:8f:36:13:34:6a:ba:59:6e:
3c:3e:15:cf:db:85:cc:45:fe:bd:f0:cf:39:c3:7a:1d:9c:3c:
e6:b8:29:e0:75:b5:b1:66:fa:c5:e7:fb:06:b9:22:46:58:61:
5e:f5:31:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT4IRaogjhCJlFgRMkZvgmOcthYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwMGE5YWE5NDExZjBkNGJjMzg0MDQ2NzRjZDRhM2I2NGMxNzNhYjQxNDQ0
NzBlYmQzMGJkMDgyZWFhY2Y0NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKW9VSGy/vM6WxU3b9VnGKyKOosYp/8Wx+ab3geCw3uN2CZG9wDL96kfvBMD
AoklNnrLyD3gSVnakWlsgQG+NgA5z8XvvQcfaNtFt4dTF38ou+GWucV26mf243XK
OjPN4RvqhtVmwZHDCrAJQkgbvILfs+ZAueOxhCQTunjLB0xgbCfHf3vVCMgwUHDi
SKw/UoMEuDpnei00SDpIQ4aEwV5Aqa8gpG48LVbkk3ftJkrkdcpvsNYUzXD20MD/
PvxhjcBBqIKeNh+iA3ftVipkMQ/mGqWMUIUBaGnjljWmP8qPqmKoj8HGcdDizP2f
UxxlansAVfLOiY8KGKn2AyU6DxcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTh/f8k
w//VsVpfR9KkH4TtMYGk2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3YjJiMjctODEzMC00N2RhLTk3ZGEtNzhjOTEwODdiMDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
QDANBgkqhkiG9w0BAQsFAAOCAQEAccaM47NhMEFzrLKdXsYTO1m67iFj0FfjQdS2
qztKrGAIkviJTC+Qkm6arwh3ys+lfVIGZnU/CUyWoPPkLhUaNLZi7jFkc6vmbnIO
YO492CZtwhx2F1OBaNoP9owWZn/tzKmxu1RA8yADsLYH3mP143N2nDd28s18Innv
jvara+kPxSOKE8ZYj7OzWB5agYGe2llAC0exo97oIfQ4yRyupm2sU2VabaU3VOkn
QeNlQHTNtcSDjOdbvPK1zQqZ3h8oi7LT8SUiqa/AAhYEMTNyE482EzRqulluPD4V
z9uFzEX+vfDPOcN6HZw85rgp4HW1sWb6xef7BrkiRlhhXvUxmA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:46 2025 by rpki-client