Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
File: 548c7809-c2c8-4bf5-a33c-448c8e554df7.roa (raw, json)
Hash identifier: zWuObTxSjELcvFXoqijliq9VJ2gNSqfdl7QV+k9R6GQ=
Subject key identifier: C1:1B:D7:64:8D:7F:5C:C7:60:20:4C:A4:A6:E1:39:D7:FF:5F:00:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0817A230EE20636163F6A7414F8F595D5F27951C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:90c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:17:a2:30:ee:20:63:61:63:f6:a7:41:4f:8f:59:5d:5f:27:95:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=7f05197bea0c61ad02af64a9e67ca261e23986d1ff59358cc8e2525300be246a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5a:e6:a0:37:c6:8f:70:45:9a:34:2a:f7:e1:
5d:b3:a0:b8:6a:2e:3b:d6:08:e5:ca:79:5c:7e:eb:
cf:f3:61:95:e1:ce:15:e2:77:18:ca:c6:da:8a:4a:
2d:ec:0e:6d:cc:48:fe:6d:b7:ff:30:25:27:95:dc:
a1:ad:84:25:ae:98:8b:14:e8:d1:5a:8f:62:41:b6:
f6:7f:af:e9:5b:98:f2:3b:b4:0b:4e:8b:44:90:09:
da:94:24:59:5a:ca:b3:b6:05:e4:f3:b4:21:32:c7:
bd:de:38:47:a2:e2:2f:58:cc:f1:e3:2b:7d:94:41:
e4:3b:31:62:1d:2e:fd:b1:f3:75:48:4a:90:fa:ef:
cc:70:17:e7:4a:51:13:93:5d:38:8b:05:84:08:8b:
26:cf:c4:fe:61:3b:be:03:01:2a:2d:8a:da:9f:10:
43:b1:69:bb:3a:53:78:50:59:34:4c:0f:4f:9d:c6:
20:80:f8:18:c6:ac:7b:d0:49:5e:d0:c1:b4:14:06:
3d:12:f8:81:61:a3:23:70:95:50:01:d2:16:ea:4c:
83:32:07:2f:85:29:42:5b:9c:01:d8:6d:56:8d:6c:
f0:41:31:7c:8c:0a:55:1f:ce:4a:fe:ca:32:f9:a0:
c0:a6:cb:5b:b7:a6:01:20:d4:f2:3a:51:14:9e:ae:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1B:D7:64:8D:7F:5C:C7:60:20:4C:A4:A6:E1:39:D7:FF:5F:00:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
83:f1:cf:ee:8d:f0:d9:be:d0:57:8e:58:64:95:07:de:27:15:
5b:95:b8:22:ca:12:14:e6:1f:1b:48:a2:4e:1c:72:ab:ae:19:
c4:c2:e0:18:06:5c:fc:c1:f8:3d:c5:79:6c:2c:dd:80:16:f2:
fa:e3:91:0f:48:5e:41:4e:d9:a3:e5:84:51:95:3e:80:8b:47:
c5:02:3c:92:e8:59:ab:cf:37:27:e3:1b:27:62:64:54:90:6a:
bd:6a:d5:34:13:f4:46:0a:4a:9c:a2:b6:bc:58:99:71:34:1f:
49:3d:96:c8:e9:c8:3c:64:ff:17:be:78:48:46:9f:0f:c5:7e:
65:6a:b7:f6:e2:da:81:9b:d1:86:b4:08:db:c2:b5:99:1d:1e:
54:05:e3:fc:d3:6f:3b:f0:ca:ef:38:fc:3a:b0:e8:a0:24:77:
1a:44:02:0a:fe:23:f5:5f:c3:33:5e:45:32:66:18:aa:c8:9a:
0d:86:15:d4:ac:f4:1d:2e:0f:06:02:9f:63:2e:c2:e5:98:ff:
ec:29:ce:e8:4b:3f:39:8a:d1:c2:e5:81:31:4d:06:5b:98:02:
3e:bb:d0:31:77:81:e2:79:4c:f8:07:4e:38:56:4e:f6:a7:cd:
86:3c:70:d0:04:f6:69:04:38:26:ee:92:9f:43:8b:f9:29:b7:
12:b3:a8:2d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCBeiMO4gY2Fj9qdBT49ZXV8nlRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMDUxOTdiZWEwYzYxYWQwMmFmNjRhOWU2N2NhMjYxZTIzOTg2ZDFmZjU5
MzU4Y2M4ZTI1MjUzMDBiZTI0NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9a5qA3xo9wRZo0KvfhXbOguGouO9YI5cp5XH7rz/NhleHOFeJ3GMrG2opK
LewObcxI/m23/zAlJ5Xcoa2EJa6YixTo0VqPYkG29n+v6VuY8ju0C06LRJAJ2pQk
WVrKs7YF5PO0ITLHvd44R6LiL1jM8eMrfZRB5DsxYh0u/bHzdUhKkPrvzHAX50pR
E5NdOIsFhAiLJs/E/mE7vgMBKi2K2p8QQ7FpuzpTeFBZNEwPT53GIID4GMase9BJ
XtDBtBQGPRL4gWGjI3CVUAHSFupMgzIHL4UpQlucAdhtVo1s8EExfIwKVR/OSv7K
MvmgwKbLW7emASDU8jpRFJ6ubV0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBG9dk
jX9cx2AgTKSm4TnX/18AWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ4Yzc4MDktYzJjOC00YmY1LWEzM2MtNDQ4YzhlNTU0ZGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAg/HP7o3w2b7QV45YZJUH3icVW5W4IsoSFOYf
G0iiThxyq64ZxMLgGAZc/MH4PcV5bCzdgBby+uORD0heQU7Zo+WEUZU+gItHxQI8
kuhZq883J+MbJ2JkVJBqvWrVNBP0RgpKnKK2vFiZcTQfST2WyOnIPGT/F754SEaf
D8V+ZWq39uLagZvRhrQI28K1mR0eVAXj/NNvO/DK7zj8OrDooCR3GkQCCv4j9V/D
M15FMmYYqsiaDYYV1Kz0HS4PBgKfYy7C5Zj/7CnO6Es/OYrRwuWBMU0GW5gCPrvQ
MXeB4nlM+AdOOFZO9qfNhjxw0AT2aQQ4Ju6Sn0OL+Sm3ErOoLQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:04 2025 by rpki-client