Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: skEpCqE+daMMD0Jkk6/vb89irq+zUXO5FqeXUn6+cTY=
Subject key identifier: 81:BB:62:A3:5A:7B:32:51:9F:FA:38:72:09:CB:31:13:1A:C5:5E:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45ABD96242F10F88BF39E1A3157CAE161B7B7107
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:ab:d9:62:42:f1:0f:88:bf:39:e1:a3:15:7c:ae:16:1b:7b:71:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=85b8377a932835b8334092a03ee69b09085c60d83f9c9cca1f4b4ea9effb70bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:47:50:bb:ab:f4:97:9a:72:21:79:55:6c:
1f:75:e9:cf:d3:c3:07:c9:2b:79:92:53:e1:cc:e6:
9c:7e:1e:19:df:92:fc:e4:a0:f1:c9:1d:97:08:8f:
33:ac:54:fd:39:ae:19:63:84:09:8e:48:c1:e7:73:
f8:50:12:03:21:21:2a:b2:02:ac:a1:6b:41:ed:d4:
a7:65:73:a9:23:5b:87:ba:78:27:60:2a:93:0e:d6:
45:c9:02:26:8f:e1:77:30:0b:cb:6b:2d:31:89:1d:
a3:2c:1a:c8:83:90:60:09:bd:d1:4d:af:d3:a8:51:
74:b0:e1:b6:f0:48:9f:5d:a0:93:44:91:5f:d5:57:
be:65:61:eb:30:38:43:e9:8f:d5:6b:83:d6:21:7c:
f2:ba:1b:8a:eb:4e:c3:77:01:3a:0a:08:b2:19:8b:
5c:9b:c4:64:e4:20:7a:2b:59:5f:c5:12:f1:d1:f7:
89:11:19:87:6d:d7:93:ed:e3:ee:8f:f5:ea:f8:c0:
bf:da:c4:54:56:00:63:b5:36:01:70:af:c2:93:42:
28:f8:09:39:45:21:7a:0e:55:9c:6f:6e:81:11:05:
be:1b:11:86:87:17:3c:31:d3:7d:e0:0b:53:65:ba:
5c:2a:d7:48:51:0f:23:8c:26:8d:da:c4:1e:b9:89:
fd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BB:62:A3:5A:7B:32:51:9F:FA:38:72:09:CB:31:13:1A:C5:5E:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
81:f1:6c:19:78:28:9b:39:39:fe:3d:52:c7:ee:1f:09:b4:3a:
b0:5a:14:0e:0d:a0:19:8e:47:5b:5a:0c:fa:d3:cc:b1:7c:e2:
99:5d:e6:cb:d1:ed:db:11:0e:40:12:26:8e:39:29:0b:3d:ec:
d8:c9:44:b0:56:71:38:d3:77:4f:f4:a4:0f:59:29:c2:45:54:
1a:b6:2a:6b:79:aa:b4:dd:dd:fd:31:56:f2:a2:f4:01:e8:09:
25:c0:57:d8:ab:89:73:c7:06:f6:0a:b3:89:7a:95:3e:1f:a8:
b5:c4:33:d0:83:21:0f:b6:09:a5:43:cf:eb:b7:ba:76:66:43:
38:48:c9:e2:22:92:25:35:e4:11:42:ca:c6:33:e1:07:01:73:
46:8e:04:3d:08:ed:18:b4:28:d1:34:bb:e7:e5:f6:c4:58:08:
80:02:65:27:0f:09:0c:89:3c:e6:aa:c8:17:42:fe:6f:57:37:
cf:04:32:6b:8d:43:85:53:5b:9b:1c:86:fc:5d:ab:f9:82:b3:
f5:81:f2:c0:8f:68:d2:f5:d5:a8:b8:56:f5:2f:8f:e5:a7:1f:
81:42:5d:90:c5:8b:76:4c:0c:06:d9:21:1a:c7:4a:f9:fc:f1:
cd:ce:a2:69:b8:2e:fd:bf:ff:7b:89:36:1a:4e:dc:80:75:14:
89:66:b4:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURavZYkLxD4i/OeGjFXyuFht7cQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YjgzNzdhOTMyODM1YjgzMzQwOTJhMDNlZTY5YjA5MDg1YzYwZDgzZjlj
OWNjYTFmNGI0ZWE5ZWZmYjcwYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2bR1C7q/SXmnIheVVsH3Xpz9PDB8kreZJT4czmnH4eGd+S/OSg8ckdlwiP
M6xU/TmuGWOECY5Iwedz+FASAyEhKrICrKFrQe3Up2VzqSNbh7p4J2Aqkw7WRckC
Jo/hdzALy2stMYkdoywayIOQYAm90U2v06hRdLDhtvBIn12gk0SRX9VXvmVh6zA4
Q+mP1WuD1iF88robiutOw3cBOgoIshmLXJvEZOQgeitZX8US8dH3iREZh23Xk+3j
7o/16vjAv9rEVFYAY7U2AXCvwpNCKPgJOUUheg5VnG9ugREFvhsRhocXPDHTfeAL
U2W6XCrXSFEPI4wmjdrEHrmJ/ZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBu2Kj
WnsyUZ/6OHIJyzETGsVevTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCB8WwZeCibOTn+PVLH7h8JtDqwWhQODaAZjkdb
Wgz608yxfOKZXebL0e3bEQ5AEiaOOSkLPezYyUSwVnE403dP9KQPWSnCRVQatipr
eaq03d39MVbyovQB6AklwFfYq4lzxwb2CrOJepU+H6i1xDPQgyEPtgmlQ8/rt7p2
ZkM4SMniIpIlNeQRQsrGM+EHAXNGjgQ9CO0YtCjRNLvn5fbEWAiAAmUnDwkMiTzm
qsgXQv5vVzfPBDJrjUOFU1ubHIb8Xav5grP1gfLAj2jS9dWouFb1L4/lpx+BQl2Q
xYt2TAwG2SEax0r5/PHNzqJpuC79v/97iTYaTtyAdRSJZrQv
-----END CERTIFICATE-----
Generated at Fri May 2 16:06:59 2025 by rpki-client