Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: l3eSExxt0ZlDdLKIY/bdg7DAiYgupSb8NdDbmR1Lv2s=
Subject key identifier: C5:B3:69:61:BD:EE:04:BC:94:61:C3:F0:6E:ED:93:5A:F0:1B:84:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FCDB898F62C4541A4AEBEF9A9F6F0AE8166B2BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:cd:b8:98:f6:2c:45:41:a4:ae:be:f9:a9:f6:f0:ae:81:66:b2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=1db4dde2862035ce0045e275bffc3b1390b2320b617b3b9ed373330eb417af87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:8b:a9:3d:b3:8e:cf:58:e2:30:a2:74:c9:
b3:29:f3:34:9e:50:93:fe:32:11:bc:a3:a0:00:89:
04:58:77:6c:44:64:fd:ef:a2:80:95:0a:c8:8a:8f:
c7:d5:02:30:56:d2:01:b3:6d:67:79:0b:3c:83:a4:
6b:f9:e1:ca:22:60:51:85:84:16:13:60:cc:53:17:
9f:6a:e7:61:33:e9:eb:33:f6:56:2f:c6:ea:8f:8f:
92:5f:bb:db:12:eb:b1:b9:f7:59:8b:1d:bd:2e:c5:
c2:97:6c:86:95:4c:71:2c:4e:31:78:5c:9f:6b:cd:
1f:77:da:e0:35:26:9c:89:da:b2:98:36:86:d3:4b:
38:d4:f5:40:54:ca:db:f5:e3:50:36:5f:75:b5:27:
76:21:64:b0:28:aa:ec:7b:49:ed:9b:38:05:29:c0:
f6:ef:29:96:c4:ef:c1:65:3d:45:88:c0:e2:c0:32:
51:56:9c:41:d3:5a:e0:2d:bc:1e:fa:d3:dc:8f:88:
f6:05:fa:fd:ef:3e:27:31:df:2c:f1:d7:27:a8:9f:
03:a4:09:45:a5:07:2d:a6:2d:14:f3:64:63:57:2a:
ff:6e:fd:42:96:84:fd:b0:a2:5c:99:11:83:4e:11:
8e:b7:01:d2:7d:3b:d6:63:7e:79:83:6a:1d:0b:e2:
ea:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B3:69:61:BD:EE:04:BC:94:61:C3:F0:6E:ED:93:5A:F0:1B:84:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:27:ab:f7:21:a3:f7:df:4e:3b:b8:b0:8d:a3:6b:a4:a8:d4:
68:c6:20:50:66:61:42:b4:b1:41:67:c8:11:36:a2:ef:5d:b6:
29:b2:27:87:29:9f:58:ed:54:63:a5:52:86:22:f0:90:f2:9c:
e5:38:3b:bb:8a:20:82:36:23:f2:c1:d8:8e:5a:bc:8b:ab:b0:
fe:7a:26:5b:04:dc:23:1e:e7:81:9b:a5:06:8b:1d:c1:e6:b4:
ee:98:97:1f:e3:ac:a3:38:5f:8f:f5:5f:d9:a6:b0:90:9b:99:
dc:ce:d7:13:c9:60:45:13:df:5f:86:fc:72:89:88:4a:8c:bf:
f8:22:ad:ce:3a:da:2c:26:3a:7d:bf:b1:03:9e:e2:08:c6:09:
f7:61:0d:b0:73:a2:9f:ea:4e:8c:0c:27:5b:de:59:87:67:c3:
81:4b:cb:75:ea:a1:fb:9b:ba:b7:d4:cd:f6:cc:d6:c3:85:10:
b1:52:59:8d:7d:ae:76:cf:c2:fd:f3:cf:2e:22:2b:5f:35:5b:
21:56:80:da:37:6d:cd:63:00:46:90:00:4a:04:df:4f:a6:5a:
70:31:21:28:13:1c:15:94:9b:b4:6e:9c:f0:4c:76:5d:e5:61:
9a:c2:6c:99:5b:d4:cf:67:5a:a2:d9:d2:93:47:95:e9:ab:51:
69:2d:e7:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT824mPYsRUGkrr75qfbwroFmsrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkYjRkZGUyODYyMDM1Y2UwMDQ1ZTI3NWJmZmMzYjEzOTBiMjMyMGI2MTdi
M2I5ZWQzNzMzMzBlYjQxN2FmODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFYi6k9s47PWOIwonTJsynzNJ5Qk/4yEbyjoACJBFh3bERk/e+igJUKyIqP
x9UCMFbSAbNtZ3kLPIOka/nhyiJgUYWEFhNgzFMXn2rnYTPp6zP2Vi/G6o+Pkl+7
2xLrsbn3WYsdvS7FwpdshpVMcSxOMXhcn2vNH3fa4DUmnInaspg2htNLONT1QFTK
2/XjUDZfdbUndiFksCiq7HtJ7Zs4BSnA9u8plsTvwWU9RYjA4sAyUVacQdNa4C28
HvrT3I+I9gX6/e8+JzHfLPHXJ6ifA6QJRaUHLaYtFPNkY1cq/279QpaE/bCiXJkR
g04RjrcB0n071mN+eYNqHQvi6j0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFs2lh
ve4EvJRhw/Bu7ZNa8BuEPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQDHJ6v3IaP33047uLCNo2ukqNRoxiBQZmFCtLFB
Z8gRNqLvXbYpsieHKZ9Y7VRjpVKGIvCQ8pzlODu7iiCCNiPywdiOWryLq7D+eiZb
BNwjHueBm6UGix3B5rTumJcf46yjOF+P9V/ZprCQm5ncztcTyWBFE99fhvxyiYhK
jL/4Iq3OOtosJjp9v7EDnuIIxgn3YQ2wc6Kf6k6MDCdb3lmHZ8OBS8t16qH7m7q3
1M32zNbDhRCxUlmNfa52z8L9888uIitfNVshVoDaN23NYwBGkABKBN9PplpwMSEo
ExwVlJu0bpzwTHZd5WGawmyZW9TPZ1qi2dKTR5Xpq1FpLefL
-----END CERTIFICATE-----
Generated at Fri May 2 16:39:06 2025 by rpki-client