Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
File: 4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa (raw, json)
Hash identifier: 9PzwVyvs304IMjPSzzg+4VyFpTazSS6MxTVD+T+RBoE=
Subject key identifier: 28:4A:47:08:B1:F7:B0:26:91:B3:62:F5:CE:B4:A7:81:08:35:23:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0373518B6F0772A2DC4F68343A24814C3EF5F0F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:73:51:8b:6f:07:72:a2:dc:4f:68:34:3a:24:81:4c:3e:f5:f0:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=244b1d50227e90ac6c2efe1bd0115bf4282f507d5dbd8a87c0a2d34812bed89b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e5:e4:a6:7c:b9:a5:2b:40:76:30:01:4f:6b:
15:d1:da:a0:9d:67:ff:c8:cb:4a:86:84:9f:f5:9e:
9d:1c:3f:22:17:a8:40:0f:95:66:84:d1:82:51:40:
81:80:ff:5a:10:a5:36:e5:b9:50:72:38:0a:fc:af:
82:a2:07:be:e5:fc:c2:ce:ea:cf:f2:41:3e:4d:2b:
56:3b:bc:d8:6e:60:34:37:9b:f3:bd:98:e7:19:65:
c4:d4:88:1f:d8:c6:51:83:2e:c4:e8:63:19:e4:83:
e9:7b:99:98:11:dc:ca:b7:89:08:db:1c:60:48:d5:
3d:75:a3:29:7d:7b:8e:e4:89:94:5d:2b:21:92:31:
54:68:71:18:2e:80:29:45:ad:38:84:6a:e4:b5:a6:
34:9d:2f:07:13:5e:93:80:49:4d:f1:25:66:96:0f:
67:7d:b0:c4:03:9f:1d:f2:0f:dd:e9:12:65:46:b0:
65:0e:a2:96:1e:05:99:e6:4f:14:79:e0:4d:4c:b6:
3c:30:9c:7c:1b:67:14:36:10:f1:8c:90:7f:fc:b2:
30:c3:d7:7b:5d:02:04:3b:39:e3:f9:28:e5:e9:65:
17:c2:22:98:12:82:90:35:4b:15:5a:45:f7:25:13:
ae:59:54:23:38:56:5b:e3:5b:c6:ff:89:1b:f1:22:
b6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4A:47:08:B1:F7:B0:26:91:B3:62:F5:CE:B4:A7:81:08:35:23:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9080::/48
Signature Algorithm: sha256WithRSAEncryption
45:84:5d:0b:0c:ca:d8:c5:8c:e0:3c:5a:74:99:6b:16:50:bb:
a9:7d:87:9e:f1:cb:4d:6c:46:6b:90:ca:17:40:b1:5b:6c:38:
aa:8f:d5:f1:29:9b:67:ef:16:66:eb:00:8e:bf:99:ab:c0:b2:
90:1a:11:3c:e8:06:6d:25:30:83:f9:5b:1f:de:8d:c6:3c:ec:
c2:71:63:55:09:6a:78:09:29:04:f6:28:08:f5:0c:5c:15:72:
86:33:94:c9:77:88:df:7b:8a:23:2a:c1:8c:90:eb:7b:b9:dd:
a5:eb:dd:f8:8f:f3:a5:ad:93:72:98:b7:f2:ce:40:ed:6a:26:
d2:d4:56:85:14:75:32:51:5b:58:02:01:dd:0f:5b:9b:e1:07:
f8:62:fc:a1:ea:21:fd:43:6d:27:7b:04:d5:b5:97:b8:11:e8:
2d:bb:0d:b9:89:54:ea:66:76:6d:a1:c1:ce:8b:43:cf:57:73:
5d:63:5f:74:31:f3:0a:5c:70:6f:29:13:db:79:7f:03:78:e6:
c4:62:d2:e5:b8:fa:65:a3:db:ec:9b:a2:d6:0b:5c:08:42:c0:
5a:0f:75:ec:e8:25:52:eb:92:e3:c9:14:b7:5a:26:2b:79:7e:
4d:26:4b:93:1e:4e:1d:ae:97:f2:bc:5b:3d:24:84:77:5b:80:
47:08:4a:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUA3NRi28HcqLcT2g0OiSBTD718PAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0NGIxZDUwMjI3ZTkwYWM2YzJlZmUxYmQwMTE1YmY0MjgyZjUwN2Q1ZGJk
OGE4N2MwYTJkMzQ4MTJiZWQ4OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzl5KZ8uaUrQHYwAU9rFdHaoJ1n/8jLSoaEn/WenRw/IheoQA+VZoTRglFA
gYD/WhClNuW5UHI4CvyvgqIHvuX8ws7qz/JBPk0rVju82G5gNDeb872Y5xllxNSI
H9jGUYMuxOhjGeSD6XuZmBHcyreJCNscYEjVPXWjKX17juSJlF0rIZIxVGhxGC6A
KUWtOIRq5LWmNJ0vBxNek4BJTfElZpYPZ32wxAOfHfIP3ekSZUawZQ6ilh4FmeZP
FHngTUy2PDCcfBtnFDYQ8YyQf/yyMMPXe10CBDs54/ko5ellF8IimBKCkDVLFVpF
9yUTrllUIzhWW+Nbxv+JG/Eitv0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQoSkcI
sfewJpGzYvXOtKeBCDUjYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGUzYjY1MjMtMDc1Zi00ZmQ3LTk2YmUtZDAxYzJjNzc5ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
gDANBgkqhkiG9w0BAQsFAAOCAQEARYRdCwzK2MWM4DxadJlrFlC7qX2HnvHLTWxG
a5DKF0CxW2w4qo/V8SmbZ+8WZusAjr+Zq8CykBoRPOgGbSUwg/lbH96NxjzswnFj
VQlqeAkpBPYoCPUMXBVyhjOUyXeI33uKIyrBjJDre7ndpevd+I/zpa2Tcpi38s5A
7Wom0tRWhRR1MlFbWAIB3Q9bm+EH+GL8oeoh/UNtJ3sE1bWXuBHoLbsNuYlU6mZ2
baHBzotDz1dzXWNfdDHzClxwbykT23l/A3jmxGLS5bj6ZaPb7Jui1gtcCELAWg91
7OglUuuS48kUt1omK3l+TSZLkx5OHa6X8rxbPSSEd1uARwhKaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:58 2025 by rpki-client