Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json)
Hash identifier: BYtn+oyFuhsX6+Vv+JRP/pJqQD9oG+1RcxgOaYsjtI0=
Subject key identifier: 7A:40:2C:19:D1:39:76:A7:CA:A3:05:EA:ED:FB:99:8B:10:D7:E7:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3429EC8D824FE39E9D0E9FD5AB76D32885E61790
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:29:ec:8d:82:4f:e3:9e:9d:0e:9f:d5:ab:76:d3:28:85:e6:17:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=c2bdaca89851fadcbd9e79f442ae818e6069e6c0d9e65c8d9603031e63be33c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:94:23:32:db:07:b2:25:c6:ef:29:09:11:40:
c7:e6:ae:a2:42:b1:44:a9:fc:28:bf:cb:8f:69:1d:
e3:a4:5c:d8:d8:8f:24:7f:fd:68:74:e3:fe:12:2e:
93:1b:61:dd:2f:98:a8:3b:1b:13:e2:f3:98:89:7b:
9c:b8:42:a5:9e:e8:9d:77:99:69:a4:b5:93:59:ae:
f6:4d:c0:e7:8e:60:be:3a:1a:11:42:f7:07:11:32:
3b:ea:8c:28:ed:9c:74:66:6b:3f:41:ad:fc:83:be:
20:a5:28:f1:7d:f8:b0:10:71:3b:c8:a5:42:cd:f6:
ee:9f:06:09:93:45:d3:85:4b:20:9a:a6:ed:af:d4:
6d:b8:37:c9:09:e7:f7:58:c3:ea:26:28:58:9f:5c:
2c:3d:36:dd:07:f3:41:e0:fc:f7:5b:b5:8a:7f:d0:
f2:80:95:89:24:ea:91:04:37:64:05:59:9b:46:57:
d4:ae:bd:69:0f:8a:ec:26:4b:70:67:c8:a6:ff:0f:
8e:2a:0e:33:f3:e2:9f:59:22:87:b2:80:c8:a8:13:
6a:21:43:72:91:fe:72:fc:53:d9:8f:58:72:14:c1:
12:fc:dc:e6:47:fb:c6:8c:9a:93:26:a3:02:a9:8b:
ec:56:86:b9:06:7b:3f:fb:df:c3:09:c8:68:77:bb:
8d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:40:2C:19:D1:39:76:A7:CA:A3:05:EA:ED:FB:99:8B:10:D7:E7:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:ef:02:40:bd:04:1b:63:8d:12:60:14:32:1d:ab:b0:0f:ad:
e0:27:69:75:59:53:1e:1f:6d:4a:82:66:1e:6d:03:ec:84:d3:
6f:6c:b6:3b:3a:df:d6:d3:17:64:51:6d:d0:f8:69:e6:38:4f:
33:60:bd:05:d6:d3:d6:19:0c:df:c6:ba:34:b7:9f:ef:64:ee:
cb:37:b3:6e:36:e4:1e:b7:18:7f:e9:3e:aa:90:7f:e4:2e:be:
8d:d9:1a:61:c0:8f:4a:85:54:0e:cf:20:b5:de:c0:8d:24:76:
74:53:b9:40:50:8e:60:bc:18:70:e9:a8:04:99:d5:37:0f:4e:
ee:fb:87:cf:21:68:68:c4:3b:8a:7c:37:8f:3a:fc:05:03:2a:
3b:38:1c:b0:4e:7d:9d:71:da:45:ae:3b:37:46:0c:9d:92:c1:
a3:ab:8a:53:5b:19:0c:8d:85:5e:49:50:51:39:4e:34:83:6d:
73:37:26:6e:2d:42:56:0e:71:d1:9e:81:c0:03:30:7f:90:ad:
94:7d:e9:8d:73:71:9f:1b:14:91:13:85:fe:76:59:e0:02:d0:
34:28:ce:25:c1:21:f1:41:c3:a3:8b:10:46:b2:fd:93:b0:bc:
d9:4d:2b:93:63:c6:21:57:41:4e:3e:3e:d3:5f:3d:85:89:16:
6a:8e:5c:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNCnsjYJP456dDp/Vq3bTKIXmF5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyYmRhY2E4OTg1MWZhZGNiZDllNzlmNDQyYWU4MThlNjA2OWU2YzBkOWU2
NWM4ZDk2MDMwMzFlNjNiZTMzYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCUIzLbB7Ilxu8pCRFAx+auokKxRKn8KL/Lj2kd46Rc2NiPJH/9aHTj/hIu
kxth3S+YqDsbE+LzmIl7nLhCpZ7onXeZaaS1k1mu9k3A545gvjoaEUL3BxEyO+qM
KO2cdGZrP0Gt/IO+IKUo8X34sBBxO8ilQs327p8GCZNF04VLIJqm7a/Ubbg3yQnn
91jD6iYoWJ9cLD023QfzQeD891u1in/Q8oCViSTqkQQ3ZAVZm0ZX1K69aQ+K7CZL
cGfIpv8PjioOM/Pin1kih7KAyKgTaiFDcpH+cvxT2Y9YchTBEvzc5kf7xoyakyaj
AqmL7FaGuQZ7P/vfwwnIaHe7jSMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6QCwZ
0Tl2p8qjBert+5mLENfnoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCM7wJAvQQbY40SYBQyHauwD63gJ2l1WVMeH21K
gmYebQPshNNvbLY7Ot/W0xdkUW3Q+GnmOE8zYL0F1tPWGQzfxro0t5/vZO7LN7Nu
NuQetxh/6T6qkH/kLr6N2RphwI9KhVQOzyC13sCNJHZ0U7lAUI5gvBhw6agEmdU3
D07u+4fPIWhoxDuKfDePOvwFAyo7OBywTn2dcdpFrjs3RgydksGjq4pTWxkMjYVe
SVBROU40g21zNyZuLUJWDnHRnoHAAzB/kK2UfemNc3GfGxSRE4X+dlngAtA0KM4l
wSHxQcOjixBGsv2TsLzZTSuTY8YhV0FOPj7TXz2FiRZqjlzK
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:00 2025 by rpki-client