Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58380c09-9a88-4034-951d-fc94a6187f3a.roa
File: 58380c09-9a88-4034-951d-fc94a6187f3a.roa (raw, json)
Hash identifier: mMWxZWh292JkBlARj8viom5w1pt1jEio+oJs671GViQ=
Subject key identifier: 75:DA:56:F1:AF:28:85:17:7D:9B:EB:71:60:B6:C0:F3:06:13:C0:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E7B4592836F72C5B78CA1C3F3DB7D63A519A0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58380c09-9a88-4034-951d-fc94a6187f3a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e7:b4:59:28:36:f7:2c:5b:78:ca:1c:3f:3d:b7:d6:3a:51:9a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a315aa006cccc1dd7f767c681bcd283199f587770e877b6858edb77e90273d64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f7:96:a6:2d:33:86:a4:2f:9d:75:b0:cb:dd:
43:2e:4b:29:f7:06:00:7a:da:a3:df:96:5b:74:1c:
4a:fd:2e:e7:cd:75:22:45:5b:38:a4:91:7e:3a:e8:
61:f6:17:7f:c9:b7:91:db:a1:52:04:85:5c:6d:80:
b6:90:bc:53:5f:d3:43:65:67:12:40:12:43:cb:17:
44:c3:34:13:21:13:51:78:e8:3b:6d:38:87:b1:0b:
ba:64:d6:72:c5:6e:21:07:96:47:ed:44:cc:69:67:
68:61:43:0a:2f:46:fd:19:a9:c8:0e:67:7b:e3:bc:
71:16:2b:b8:8b:5c:4c:53:6c:b9:41:7b:51:c9:f7:
35:f5:1f:79:37:90:42:03:ec:93:f6:10:17:1b:e4:
75:15:0b:b4:3b:08:7b:d4:bc:41:7a:83:8d:7f:11:
15:dd:af:10:0f:b8:a3:05:04:19:54:42:2d:cf:50:
0b:b2:6c:79:b7:4b:4d:bb:39:f4:78:9f:9a:8c:4a:
af:01:0e:a0:ef:74:84:8a:05:ce:f5:f6:ef:02:6a:
94:31:05:1a:9a:76:b3:71:01:48:36:8f:d6:bd:d4:
f7:98:39:b6:a1:6b:ef:99:87:eb:6d:a5:78:e8:b8:
ae:0c:fb:42:25:b7:73:c6:82:19:dd:f3:dd:ec:f7:
13:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DA:56:F1:AF:28:85:17:7D:9B:EB:71:60:B6:C0:F3:06:13:C0:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58380c09-9a88-4034-951d-fc94a6187f3a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:4b:09:71:f9:63:cf:cf:e3:af:93:0d:98:6e:41:67:60:7c:
69:af:07:ee:af:d6:dc:be:ad:b2:12:c1:d6:f6:6b:b5:df:14:
65:4f:7c:ef:b3:b3:c6:57:69:0f:1a:f6:b6:a9:a9:6d:18:d2:
6b:6c:63:c5:8c:d5:2f:35:64:e9:3c:17:3a:64:e4:2c:9a:e2:
bf:e7:76:00:22:88:cd:b9:21:b4:df:c3:3f:d7:b8:53:8d:9b:
59:1b:33:0f:ee:f3:ed:7d:98:0c:2e:b0:f7:76:3d:12:59:e4:
1f:2d:7b:50:c0:c8:81:0c:a4:68:64:22:bd:d0:b4:f4:e9:93:
31:1b:bd:b8:a5:a9:97:f0:55:72:1b:10:dc:0c:4f:05:c5:7d:
d8:05:07:2f:ba:75:f1:ec:7e:31:c6:d6:c6:ca:f2:4f:84:bf:
75:87:02:d5:9a:9e:dc:f8:ca:0c:ca:63:de:64:df:21:7c:6a:
4f:9a:e7:14:75:3c:52:1f:07:01:87:3e:bc:21:6e:1e:2d:0c:
94:f0:06:5b:86:0d:73:f5:40:5c:1a:36:e9:3a:98:15:fe:25:
d3:cc:11:a7:2c:fd:af:7e:97:64:8c:38:18:fc:f6:1e:cf:d0:
4f:c8:f8:46:aa:99:cc:93:db:97:b5:8a:77:c9:c6:2b:0f:0e:
2d:3b:7b:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaee0WSg29yxbeMocPz231jpRmg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMTVhYTAwNmNjY2MxZGQ3Zjc2N2M2ODFiY2QyODMxOTlmNTg3NzcwZTg3
N2I2ODU4ZWRiNzdlOTAyNzNkNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOv3lqYtM4akL511sMvdQy5LKfcGAHrao9+WW3QcSv0u5811IkVbOKSRfjro
YfYXf8m3kduhUgSFXG2AtpC8U1/TQ2VnEkASQ8sXRMM0EyETUXjoO204h7ELumTW
csVuIQeWR+1EzGlnaGFDCi9G/RmpyA5ne+O8cRYruItcTFNsuUF7Ucn3NfUfeTeQ
QgPsk/YQFxvkdRULtDsIe9S8QXqDjX8RFd2vEA+4owUEGVRCLc9QC7JsebdLTbs5
9HifmoxKrwEOoO90hIoFzvX27wJqlDEFGpp2s3EBSDaP1r3U95g5tqFr75mH622l
eOi4rgz7QiW3c8aCGd3z3ez3ExsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR12lbx
ryiFF32b63FgtsDzBhPAZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgzODBjMDktOWE4OC00MDM0LTk1MWQtZmM5NGE2MTg3ZjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
wDANBgkqhkiG9w0BAQsFAAOCAQEAGksJcfljz8/jr5MNmG5BZ2B8aa8H7q/W3L6t
shLB1vZrtd8UZU9877OzxldpDxr2tqmpbRjSa2xjxYzVLzVk6TwXOmTkLJriv+d2
ACKIzbkhtN/DP9e4U42bWRszD+7z7X2YDC6w93Y9ElnkHy17UMDIgQykaGQivdC0
9OmTMRu9uKWpl/BVchsQ3AxPBcV92AUHL7p18ex+McbWxsryT4S/dYcC1Zqe3PjK
DMpj3mTfIXxqT5rnFHU8Uh8HAYc+vCFuHi0MlPAGW4YNc/VAXBo26TqYFf4l08wR
pyz9r36XZIw4GPz2Hs/QT8j4RqqZzJPbl7WKd8nGKw8OLTt7ng==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:38:21 2025 by rpki-client