Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
File: 4ec3ef54-a209-4902-b036-4d329fe00df1.roa (raw, json)
Hash identifier: WLgu1ftakYztmvKwx+9QUNYlUm1pR887RZ0xsCOk+8w=
Subject key identifier: 6F:EE:51:BE:A1:E2:0D:06:E6:E9:9A:88:0E:9B:8F:B0:9C:90:2D:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39D310F7F58BAF13DF16E663502CA8AEA41C5020
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8020::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:d3:10:f7:f5:8b:af:13:df:16:e6:63:50:2c:a8:ae:a4:1c:50:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6b13f9ef7d6409c7e2128b3ebaecd20b79101f6a708a663938ffb6b01a203851, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:49:4e:42:a5:90:8b:d1:07:3a:c0:03:80:9b:
8c:ac:0a:aa:2b:45:12:51:0b:bd:9b:64:fa:9f:c6:
23:08:8e:c6:db:dd:15:e7:67:66:b5:ae:49:65:4a:
4f:27:8c:61:9e:2f:13:33:19:15:30:61:54:25:df:
1c:45:f9:3e:f3:b9:13:29:de:64:14:f8:41:71:61:
96:af:e4:e6:25:70:d5:a3:6f:53:5a:92:a7:7d:e6:
85:83:1a:50:34:67:35:1c:3c:f3:20:77:88:5f:8c:
01:59:a1:5b:70:f5:b2:21:a5:cc:5f:dc:c6:1a:be:
15:3e:4f:84:ab:2d:52:48:ef:90:16:08:f9:26:b0:
39:f0:64:23:97:58:4b:2d:15:e1:ef:15:85:91:fd:
e1:d4:dc:66:f2:3f:9d:c6:fa:aa:b4:13:db:6e:db:
34:8a:b4:e9:4d:be:a8:14:1e:52:3b:c4:a9:98:64:
72:df:60:20:43:81:41:8d:8b:8b:36:4a:4a:0c:38:
69:ce:81:36:ec:f2:c6:dc:29:82:d3:c5:d7:5f:5d:
34:05:fc:7e:fb:ee:d8:d3:53:62:50:ee:65:8e:f2:
84:10:8b:4a:57:f1:38:8d:cc:99:16:8e:cb:e9:ab:
b2:90:33:29:b8:05:2f:09:58:79:98:d8:b1:6b:60:
c4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EE:51:BE:A1:E2:0D:06:E6:E9:9A:88:0E:9B:8F:B0:9C:90:2D:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8020::/46
Signature Algorithm: sha256WithRSAEncryption
58:26:0b:9f:c1:4e:31:17:7d:0b:d3:d2:44:71:ae:d2:38:33:
3e:43:27:15:52:5c:df:bc:98:f6:52:a6:e0:90:40:70:83:0c:
4d:8d:cb:3a:c1:e9:89:8c:50:a7:bd:8e:cb:f2:27:0c:ec:37:
ac:7f:fa:1e:f8:84:f9:54:66:67:77:49:09:b7:0c:24:58:68:
86:76:29:f4:f3:b7:27:18:02:bc:29:32:33:42:b1:7b:ab:b6:
a2:8d:3e:41:68:99:e7:80:f0:e7:45:a3:00:33:2d:90:fa:42:
6c:3f:1a:16:12:6d:c6:05:8d:75:f5:4f:e7:72:73:ab:d7:42:
ec:61:d9:aa:ad:63:c6:77:24:8f:eb:cf:11:df:17:15:f6:08:
c8:b3:72:4c:ca:67:cb:c0:00:0b:77:d7:ad:dc:cc:e7:6d:eb:
7e:f5:f8:5f:8f:fd:71:38:1a:4f:01:13:73:40:7b:3b:74:17:
50:b8:e6:27:77:2d:bd:05:43:96:b7:87:0f:97:a4:ef:37:0d:
ed:b6:49:77:a5:ba:a3:f9:bc:de:bb:1d:33:c2:da:f9:60:6b:
ab:53:e8:75:25:cd:44:1f:94:9c:fd:16:e5:10:b1:78:ae:5f:
09:62:6c:71:e8:b8:e1:02:94:78:f1:c3:ef:f1:ee:33:7e:75:
20:1e:09:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOdMQ9/WLrxPfFuZjUCyorqQcUCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMTNmOWVmN2Q2NDA5YzdlMjEyOGIzZWJhZWNkMjBiNzkxMDFmNmE3MDhh
NjYzOTM4ZmZiNmIwMWEyMDM4NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1JTkKlkIvRBzrAA4CbjKwKqitFElELvZtk+p/GIwiOxtvdFednZrWuSWVK
TyeMYZ4vEzMZFTBhVCXfHEX5PvO5EyneZBT4QXFhlq/k5iVw1aNvU1qSp33mhYMa
UDRnNRw88yB3iF+MAVmhW3D1siGlzF/cxhq+FT5PhKstUkjvkBYI+SawOfBkI5dY
Sy0V4e8VhZH94dTcZvI/ncb6qrQT227bNIq06U2+qBQeUjvEqZhkct9gIEOBQY2L
izZKSgw4ac6BNuzyxtwpgtPF119dNAX8fvvu2NNTYlDuZY7yhBCLSlfxOI3MmRaO
y+mrspAzKbgFLwlYeZjYsWtgxDcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRv7lG+
oeINBubpmogOm4+wnJAtOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVjM2VmNTQtYTIwOS00OTAyLWIwMzYtNGQzMjlmZTAwZGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
IDANBgkqhkiG9w0BAQsFAAOCAQEAWCYLn8FOMRd9C9PSRHGu0jgzPkMnFVJc37yY
9lKm4JBAcIMMTY3LOsHpiYxQp72Oy/InDOw3rH/6HviE+VRmZ3dJCbcMJFhohnYp
9PO3JxgCvCkyM0Kxe6u2oo0+QWiZ54Dw50WjADMtkPpCbD8aFhJtxgWNdfVP53Jz
q9dC7GHZqq1jxnckj+vPEd8XFfYIyLNyTMpny8AAC3fXrdzM523rfvX4X4/9cTga
TwETc0B7O3QXULjmJ3ctvQVDlreHD5ek7zcN7bZJd6W6o/m83rsdM8La+WBrq1Po
dSXNRB+UnP0W5RCxeK5fCWJscei44QKUePHD7/HuM351IB4Jwg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:25:10 2025 by rpki-client