Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json)
Hash identifier: g+ivGaoqbyZKZYfL1kB86zP/JS7UAk4KhXCa2xYXkSo=
Subject key identifier: FE:23:B7:31:0D:0F:DF:68:B3:02:68:46:8B:15:0B:AC:B1:73:BB:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FAC791ABF9DFD22354067216768079BBC0653D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:ac:79:1a:bf:9d:fd:22:35:40:67:21:67:68:07:9b:bc:06:53:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=bd3d3a10a1950a259e396968b56868ad470f596fd9752c16903a3f6a734d00d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:fb:af:50:fc:4d:c1:72:63:75:0a:c4:87:
f1:6c:87:eb:64:46:cb:ac:b6:42:0c:b8:d9:4f:dd:
7d:f4:f3:69:bc:79:0a:78:85:c8:2c:c1:d7:79:de:
1f:2d:e3:88:04:f5:ea:77:98:e0:64:ee:c5:20:4b:
4f:0b:d7:1d:96:41:74:22:d0:59:2f:17:e7:5a:4d:
8f:62:71:df:ca:42:1c:7f:31:94:e6:02:9f:d2:2c:
5f:da:e5:3d:fc:72:95:15:03:bd:19:6e:c3:2b:53:
99:d0:da:f6:a7:01:3b:03:2c:14:45:cb:58:98:2d:
f6:f4:55:14:f1:c8:b4:81:6f:d0:a4:23:c6:c5:cd:
90:9a:7a:00:4a:f6:a4:88:77:48:29:66:7a:fc:34:
56:31:63:31:44:6d:bd:07:13:aa:15:57:a9:c1:31:
c1:1a:c8:13:a0:85:05:65:b2:bc:62:ec:57:4c:ee:
8d:89:ef:99:16:eb:e3:62:08:f6:39:c5:48:da:9a:
74:f8:94:94:a9:80:58:73:b4:22:ed:bf:7e:16:76:
13:17:7f:79:31:be:bd:a9:dd:0b:45:e6:4e:5a:d4:
02:80:2c:10:e5:05:5e:37:32:ca:bd:34:37:be:28:
22:b5:7f:2f:d5:dc:78:83:4d:ce:79:24:a0:69:1a:
80:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:23:B7:31:0D:0F:DF:68:B3:02:68:46:8B:15:0B:AC:B1:73:BB:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:9d:4a:88:24:01:74:a1:c2:7a:3c:5a:0c:46:52:de:78:51:
4a:4e:8a:06:1c:9c:fc:cd:f5:4c:98:bd:fb:11:1e:08:55:84:
c9:d1:b7:b9:1e:1a:39:94:d9:0b:3f:4d:10:ca:1a:87:8c:5d:
af:72:54:c8:ba:0a:19:82:75:c5:b5:e6:15:f1:30:89:25:58:
49:b6:e6:63:75:32:17:f1:b1:f9:86:af:31:d6:a2:05:a7:eb:
62:4e:cc:07:21:59:e5:ff:1e:b5:ce:c3:27:bf:0f:b7:e6:9f:
5f:97:b6:05:e1:cd:d6:dc:cf:0a:8e:a5:7e:77:53:12:70:4c:
c8:6c:b8:03:2b:47:d2:bf:c5:ad:d4:ca:95:e3:dc:49:e9:d3:
63:66:47:73:e8:b0:ea:50:43:84:2d:fb:e8:29:91:57:27:4f:
ad:ff:bd:f6:52:b2:84:9f:0a:bc:1b:f2:2d:14:c3:af:7e:ae:
6d:c0:41:93:1d:64:e9:cc:20:a6:56:1e:a3:8a:11:b6:71:7c:
ca:4e:3a:64:ea:ad:fc:e8:c6:e1:98:8e:ea:10:9f:cb:39:57:
62:0c:16:67:90:21:d1:50:cd:fe:34:7e:6c:69:a5:db:f4:5c:
23:3c:3f:aa:ab:38:2f:a6:6d:55:46:a9:48:d8:1c:ae:fb:99:
d6:a4:b1:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf6x5Gr+d/SI1QGchZ2gHm7wGU9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkM2QzYTEwYTE5NTBhMjU5ZTM5Njk2OGI1Njg2OGFkNDcwZjU5NmZkOTc1
MmMxNjkwM2EzZjZhNzM0ZDAwZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK86+69Q/E3BcmN1CsSH8WyH62RGy6y2Qgy42U/dffTzabx5CniFyCzB13ne
Hy3jiAT16neY4GTuxSBLTwvXHZZBdCLQWS8X51pNj2Jx38pCHH8xlOYCn9IsX9rl
PfxylRUDvRluwytTmdDa9qcBOwMsFEXLWJgt9vRVFPHItIFv0KQjxsXNkJp6AEr2
pIh3SClmevw0VjFjMURtvQcTqhVXqcExwRrIE6CFBWWyvGLsV0zujYnvmRbr42II
9jnFSNqadPiUlKmAWHO0Iu2/fhZ2Exd/eTG+vandC0XmTlrUAoAsEOUFXjcyyr00
N74oIrV/L9XceINNznkkoGkagEcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+I7cx
DQ/faLMCaEaLFQussXO7NTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A
MA0GCSqGSIb3DQEBCwUAA4IBAQChnUqIJAF0ocJ6PFoMRlLeeFFKTooGHJz8zfVM
mL37ER4IVYTJ0be5Hho5lNkLP00QyhqHjF2vclTIugoZgnXFteYV8TCJJVhJtuZj
dTIX8bH5hq8x1qIFp+tiTswHIVnl/x61zsMnvw+35p9fl7YF4c3W3M8KjqV+d1MS
cEzIbLgDK0fSv8Wt1MqV49xJ6dNjZkdz6LDqUEOELfvoKZFXJ0+t/732UrKEnwq8
G/ItFMOvfq5twEGTHWTpzCCmVh6jihG2cXzKTjpk6q386MbhmI7qEJ/LOVdiDBZn
kCHRUM3+NH5saaXb9FwjPD+qqzgvpm1VRqlI2Byu+5nWpLES
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:47 2025 by rpki-client