Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
File: 4e95266c-c25e-4290-89ff-746c48b05733.roa (raw, json)
Hash identifier: jM8UizLur58xJULvWug8Z5USg9sLFzzFEgpaA360IiA=
Subject key identifier: 4B:BD:D4:C5:70:B3:01:40:C4:E2:82:77:F5:52:BA:5C:E2:D1:19:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58B2BFFD7EC05222B2A0877D51C54D2D00054AC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e0c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:b2:bf:fd:7e:c0:52:22:b2:a0:87:7d:51:c5:4d:2d:00:05:4a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=b13224910897966ae94b19b0970371607401ec3b2c650aa54b4af3737bb589d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7b:3a:d4:57:71:6c:91:aa:3a:8c:85:3f:97:
f0:7d:34:10:75:16:78:de:e6:75:54:98:6f:f0:25:
99:b6:9a:52:d9:04:bc:13:43:ca:8b:2a:cc:3f:3f:
01:22:a3:40:3d:87:66:ae:7d:6b:42:f9:58:3e:47:
dd:ac:44:d7:ce:20:4f:b7:f3:d4:70:9b:60:a7:30:
3f:05:4f:51:36:a3:7c:e7:6b:d2:61:f0:49:cc:84:
e0:bb:b5:cf:3f:10:06:41:c7:e0:43:37:e0:8c:18:
08:be:2d:93:6a:7f:07:56:24:28:4a:18:b8:ca:0a:
a9:a5:7e:8c:7f:49:1e:ec:d3:ac:76:ad:75:28:b0:
44:3b:0e:c9:a3:3e:63:d6:84:3a:b6:3e:45:48:a6:
56:2a:be:e7:d7:7a:79:28:eb:08:06:45:56:ce:3e:
2d:f9:2a:44:e6:ef:5e:67:98:b6:2c:07:20:f4:29:
12:cc:f5:aa:06:d9:22:ff:63:52:f0:b1:94:6b:f2:
5a:dc:36:f4:bc:d3:d6:be:49:d9:8a:da:58:6e:c1:
61:26:20:95:0b:61:c2:32:e0:6b:26:3e:50:ec:8f:
df:3b:13:d3:2b:1b:e5:1c:b2:ff:d8:1c:10:a8:0e:
bd:e3:f8:70:e3:81:a0:25:92:99:51:08:c3:25:09:
2b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BD:D4:C5:70:B3:01:40:C4:E2:82:77:F5:52:BA:5C:E2:D1:19:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
69:41:7e:59:d1:93:4b:3d:fb:27:44:ea:df:53:f7:a9:98:aa:
af:91:9b:67:05:ef:4d:16:6b:5b:08:78:d9:07:07:b0:67:0e:
9b:ca:47:ec:9f:91:7b:7e:11:59:af:ba:47:81:cd:00:3e:6a:
a9:6c:f7:21:2b:14:17:dd:91:94:47:a4:3d:fa:15:c9:ab:54:
e6:58:73:ce:8d:ad:fe:5b:58:0f:f8:c6:a8:a0:50:1a:5b:04:
a4:40:08:0c:38:94:6f:8d:01:48:cb:2a:70:6f:db:ac:06:b3:
e5:4c:3d:b0:0c:6f:59:87:38:45:70:e4:01:3c:36:cd:4a:ec:
e0:3f:64:fc:ce:81:a1:ce:62:ec:54:b3:4f:01:c5:8b:b2:2a:
8d:b3:da:6d:02:17:5e:61:84:1c:1a:ef:fa:3c:9b:40:50:d7:
52:8a:bf:6c:75:d1:ba:2d:26:e9:f0:1b:ab:49:c8:95:67:ba:
ca:1e:2a:7c:d2:b2:39:e6:fd:84:08:fa:42:3c:5e:62:27:51:
67:f9:2a:1c:7a:42:2c:81:66:ed:ac:50:c1:d5:1e:75:2d:1d:
18:71:fc:65:57:39:bd:48:d7:55:17:33:13:83:d1:7d:d2:e2:
c5:61:8e:01:b7:e0:e6:42:0e:f0:91:2f:10:ea:e6:0b:2e:05:
0c:38:fb:25
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWLK//X7AUiKyoId9UcVNLQAFSsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMzIyNDkxMDg5Nzk2NmFlOTRiMTliMDk3MDM3MTYwNzQwMWVjM2IyYzY1
MGFhNTRiNGFmMzczN2JiNTg5ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJx7OtRXcWyRqjqMhT+X8H00EHUWeN7mdVSYb/AlmbaaUtkEvBNDyosqzD8/
ASKjQD2HZq59a0L5WD5H3axE184gT7fz1HCbYKcwPwVPUTajfOdr0mHwScyE4Lu1
zz8QBkHH4EM34IwYCL4tk2p/B1YkKEoYuMoKqaV+jH9JHuzTrHatdSiwRDsOyaM+
Y9aEOrY+RUimViq+59d6eSjrCAZFVs4+LfkqRObvXmeYtiwHIPQpEsz1qgbZIv9j
UvCxlGvyWtw29LzT1r5J2YraWG7BYSYglQthwjLgayY+UOyP3zsT0ysb5Ryy/9gc
EKgOveP4cOOBoCWSmVEIwyUJK68CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLvdTF
cLMBQMTignf1Urpc4tEZ3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU5NTI2NmMtYzI1ZS00MjkwLTg5ZmYtNzQ2YzQ4YjA1NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
wDANBgkqhkiG9w0BAQsFAAOCAQEAaUF+WdGTSz37J0Tq31P3qZiqr5GbZwXvTRZr
Wwh42QcHsGcOm8pH7J+Re34RWa+6R4HNAD5qqWz3ISsUF92RlEekPfoVyatU5lhz
zo2t/ltYD/jGqKBQGlsEpEAIDDiUb40BSMsqcG/brAaz5Uw9sAxvWYc4RXDkATw2
zUrs4D9k/M6Boc5i7FSzTwHFi7IqjbPabQIXXmGEHBrv+jybQFDXUoq/bHXRui0m
6fAbq0nIlWe6yh4qfNKyOeb9hAj6QjxeYidRZ/kqHHpCLIFm7axQwdUedS0dGHH8
ZVc5vUjXVRczE4PRfdLixWGOAbfg5kIO8JEvEOrmCy4FDDj7JQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:10 2025 by rpki-client