Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: gE9jJerel3H7Ik3Qh9HJc2CuAGh4aVVNgqLBudlneUc=
Subject key identifier: CF:61:83:C6:F6:97:4A:F8:18:48:18:58:ED:BE:AB:F6:60:45:40:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1851BFC87F403D5EECA7AE9056F68ACF53281B43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:51:bf:c8:7f:40:3d:5e:ec:a7:ae:90:56:f6:8a:cf:53:28:1b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=126ca08f883fff78cbd55b5c8d957efc9d38c05a5055675826f638ed6dced0b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f7:f9:0e:f1:7d:8b:79:29:95:6a:02:0b:b3:
b3:76:43:2f:23:c1:b5:f7:d5:64:7d:bc:41:28:4e:
25:0c:5f:06:30:12:a7:68:41:e2:3c:fb:2f:3f:54:
97:b5:98:df:00:8d:ec:0b:ca:d6:9a:22:31:66:20:
c2:f5:68:e2:34:f2:66:b2:b1:cd:34:3d:2d:ce:e1:
09:95:c1:fb:f1:06:64:c2:b8:80:7e:2e:e7:e9:4e:
43:c8:70:b8:c9:fc:0a:ca:1e:da:37:81:dc:c7:ac:
50:56:94:31:0c:cd:4c:ca:1e:6a:49:03:73:1d:1e:
77:9b:44:ca:f7:6b:30:e0:0f:ed:58:96:c3:5c:0a:
21:f6:ed:64:12:92:5b:21:c3:e1:5d:08:0e:9e:93:
d3:a7:d0:41:58:ab:3b:bc:36:00:17:39:e7:d0:43:
5a:16:7f:29:d8:a0:4e:6d:0c:f9:92:44:a8:8c:4a:
a6:8e:de:f3:65:f6:4d:f8:4d:47:4f:8e:40:08:8b:
e1:b1:87:e6:4c:56:81:69:9f:31:fc:31:c4:4f:9a:
c4:ad:a2:69:ea:9b:1b:2e:eb:dd:f0:c3:1b:fa:30:
7a:49:01:b1:d0:3b:da:96:ab:65:7f:97:cd:79:6b:
f2:f3:da:6e:9d:07:1f:f2:84:94:1b:df:39:97:55:
e5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:61:83:C6:F6:97:4A:F8:18:48:18:58:ED:BE:AB:F6:60:45:40:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
77:ce:a0:2a:df:e8:fc:c6:bb:d2:bc:ee:89:57:e4:e6:f7:7c:
f9:51:f7:06:9f:c7:bf:57:25:f1:e7:e3:57:0f:e5:c5:36:02:
66:21:4d:1c:13:f3:2b:8d:48:a8:7b:fe:89:9e:f4:8b:d9:fa:
f3:2e:cd:0d:45:4c:a7:95:99:c7:28:19:ba:1e:46:28:69:6b:
85:44:4f:4f:65:48:28:4a:1a:5e:0c:87:27:b3:75:17:16:39:
45:00:76:0d:aa:0b:6a:db:71:a9:10:d5:21:eb:58:37:5a:d1:
80:87:16:01:77:7d:f1:82:23:d4:ae:58:30:30:74:c4:10:dd:
29:f1:84:cf:d8:8f:7e:d6:21:9b:53:18:71:ac:95:04:c8:1d:
72:8c:b3:b8:a8:eb:25:61:d3:c5:7f:8a:dd:d5:80:98:66:67:
06:d4:df:ef:ce:2f:b1:b2:1c:29:6f:ae:76:5f:ec:84:f5:35:
fe:a4:2d:ec:b1:a9:9f:ad:4b:d0:b4:d0:08:46:51:12:ba:20:
7d:81:0a:69:97:48:af:67:23:9a:32:3f:5a:cf:ce:a4:e5:ee:
f3:48:1c:7d:2c:51:68:89:86:26:fa:9b:5f:7f:8e:46:59:73:
69:03:66:9d:b4:2b:57:9c:2d:e3:66:db:6b:4a:b4:4d:72:15:
a2:63:b9:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGFG/yH9APV7sp66QVvaKz1MoG0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNmNhMDhmODgzZmZmNzhjYmQ1NWI1YzhkOTU3ZWZjOWQzOGMwNWE1MDU1
Njc1ODI2ZjYzOGVkNmRjZWQwYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP3+Q7xfYt5KZVqAguzs3ZDLyPBtffVZH28QShOJQxfBjASp2hB4jz7Lz9U
l7WY3wCN7AvK1poiMWYgwvVo4jTyZrKxzTQ9Lc7hCZXB+/EGZMK4gH4u5+lOQ8hw
uMn8Csoe2jeB3MesUFaUMQzNTMoeakkDcx0ed5tEyvdrMOAP7ViWw1wKIfbtZBKS
WyHD4V0IDp6T06fQQVirO7w2ABc559BDWhZ/KdigTm0M+ZJEqIxKpo7e82X2TfhN
R0+OQAiL4bGH5kxWgWmfMfwxxE+axK2iaeqbGy7r3fDDG/owekkBsdA72parZX+X
zXlr8vPabp0HH/KElBvfOZdV5R8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPYYPG
9pdK+BhIGFjtvqv2YEVAfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB3zqAq3+j8xrvSvO6JV+Tm93z5UfcGn8e/VyXx
5+NXD+XFNgJmIU0cE/MrjUioe/6JnvSL2frzLs0NRUynlZnHKBm6HkYoaWuFRE9P
ZUgoShpeDIcns3UXFjlFAHYNqgtq23GpENUh61g3WtGAhxYBd33xgiPUrlgwMHTE
EN0p8YTP2I9+1iGbUxhxrJUEyB1yjLO4qOslYdPFf4rd1YCYZmcG1N/vzi+xshwp
b652X+yE9TX+pC3ssamfrUvQtNAIRlESuiB9gQppl0ivZyOaMj9az86k5e7zSBx9
LFFoiYYm+ptff45GWXNpA2adtCtXnC3jZttrSrRNchWiY7le
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:15 2025 by rpki-client