Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: JQfH0g6ga/iBoVhGnkRFiJPFrdGpzbrozhsYXYRTbNc=
Subject key identifier: 34:06:9B:37:37:53:EF:55:76:83:F0:58:A6:BD:0D:1C:9E:4F:C7:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AB20E940FDF09E0E67B99DF545FC43A7F00AB10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b2:0e:94:0f:df:09:e0:e6:7b:99:df:54:5f:c4:3a:7f:00:ab:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=ae63721cce82dd55611f1c361857ecf70e247a34201680dd9d53a9423c3aa4e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:61:f7:37:ec:5b:43:b4:87:26:75:bb:de:97:
eb:fd:59:a6:da:de:06:81:e6:bc:b7:a4:70:23:fd:
df:d8:f8:78:b9:a2:8e:df:2d:bf:f8:e9:65:44:8b:
2b:18:91:32:d6:13:9b:9e:3c:4d:89:da:37:cf:4f:
93:d9:6f:22:18:29:ff:b9:44:c9:c8:8e:3a:e4:30:
8c:96:3e:a2:62:45:88:6b:88:85:e7:78:c3:4b:03:
63:5d:87:46:4d:73:7b:39:e1:86:88:4a:79:72:25:
c2:93:50:42:cf:85:3b:c3:d8:65:70:82:8e:f9:e1:
81:3e:5e:68:cc:23:d4:40:f1:34:7c:25:cc:7a:be:
86:4f:76:40:9f:30:29:bc:55:54:58:45:39:35:17:
c6:8f:3a:8e:49:33:8c:5e:6f:d8:a6:f2:94:10:0d:
aa:9d:eb:97:f3:54:4f:f9:4d:44:a8:89:7c:26:a1:
9f:fb:44:eb:ed:7d:16:92:73:f2:0c:33:5b:e3:e1:
c2:7b:dc:6a:fc:fc:dc:b3:4b:57:3d:23:45:25:1d:
6f:74:f1:9c:83:1e:49:f0:f8:ff:2c:a4:c4:b6:89:
33:51:88:4b:87:8b:f7:cc:87:9d:cf:9f:1a:6b:9f:
d4:96:57:5e:d0:14:64:3a:57:39:f4:aa:65:29:9b:
49:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:06:9B:37:37:53:EF:55:76:83:F0:58:A6:BD:0D:1C:9E:4F:C7:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
41:73:04:94:fa:65:38:d9:11:da:71:d4:80:e9:06:eb:f8:49:
31:8d:02:fe:f2:92:33:34:40:6f:13:e4:cd:2f:95:0a:b9:97:
4a:cc:ef:94:91:85:f0:b5:d5:56:e1:a0:dd:8e:1a:ff:11:99:
83:ee:5c:7d:4e:74:fc:d3:c5:c2:f6:85:43:33:b0:4e:42:b8:
0d:93:b1:46:34:5b:eb:9b:4e:1c:4a:41:92:86:77:d4:9b:13:
15:8e:93:46:15:87:b2:cc:36:d0:ce:99:d1:e7:dc:40:aa:be:
92:ca:8c:b7:10:c9:63:27:2d:ab:b5:0b:cc:82:49:06:16:30:
ca:96:bb:d3:4f:12:04:ff:2d:a3:1d:d6:9d:93:0c:b2:c1:cb:
58:03:51:a9:d6:8d:b1:f3:33:e0:0f:fc:0f:7f:ac:e4:37:1a:
eb:29:02:39:af:09:ba:bd:3e:fe:ae:4b:e5:c6:23:5d:db:29:
7e:e1:ca:45:53:5c:69:eb:cb:e6:25:9d:87:f4:63:8c:97:fc:
15:69:5b:38:68:39:60:3d:f0:f9:fb:13:ee:51:7f:b4:4e:35:
0e:89:16:29:5d:01:29:4f:67:6a:c3:55:e5:82:0d:2c:17:44:
aa:cb:55:5d:71:58:e5:08:e8:ea:66:06:ad:85:73:97:07:d3:
7c:b2:36:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOrIOlA/fCeDme5nfVF/EOn8AqxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNjM3MjFjY2U4MmRkNTU2MTFmMWMzNjE4NTdlY2Y3MGUyNDdhMzQyMDE2
ODBkZDlkNTNhOTQyM2MzYWE0ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhh9zfsW0O0hyZ1u96X6/1ZptreBoHmvLekcCP939j4eLmijt8tv/jpZUSL
KxiRMtYTm548TYnaN89Pk9lvIhgp/7lEyciOOuQwjJY+omJFiGuIhed4w0sDY12H
Rk1zeznhhohKeXIlwpNQQs+FO8PYZXCCjvnhgT5eaMwj1EDxNHwlzHq+hk92QJ8w
KbxVVFhFOTUXxo86jkkzjF5v2KbylBANqp3rl/NUT/lNRKiJfCahn/tE6+19FpJz
8gwzW+Phwnvcavz83LNLVz0jRSUdb3TxnIMeSfD4/yykxLaJM1GIS4eL98yHnc+f
Gmuf1JZXXtAUZDpXOfSqZSmbSZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0Bps3
N1PvVXaD8FimvQ0cnk/HczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBcwSU+mU42RHacdSA6Qbr+EkxjQL+8pIzNEBv
E+TNL5UKuZdKzO+UkYXwtdVW4aDdjhr/EZmD7lx9TnT808XC9oVDM7BOQrgNk7FG
NFvrm04cSkGShnfUmxMVjpNGFYeyzDbQzpnR59xAqr6Syoy3EMljJy2rtQvMgkkG
FjDKlrvTTxIE/y2jHdadkwyywctYA1Gp1o2x8zPgD/wPf6zkNxrrKQI5rwm6vT7+
rkvlxiNd2yl+4cpFU1xp68vmJZ2H9GOMl/wVaVs4aDlgPfD5+xPuUX+0TjUOiRYp
XQEpT2dqw1Xlgg0sF0Sqy1VdcVjlCOjqZgathXOXB9N8sjYi
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:57 2025 by rpki-client