Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa
File: 5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa (raw, json)
Hash identifier: 6dZuWhh/61tpSx+b97pBXRfuSTxz9twTioA9C6AQdHs=
Subject key identifier: D9:59:BC:B3:91:5E:45:13:1A:B0:96:42:92:9B:95:4F:F5:44:8F:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BC0E4A6FA5A4154E8B09591F091BB521A437960
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:c00::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:c0:e4:a6:fa:5a:41:54:e8:b0:95:91:f0:91:bb:52:1a:43:79:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c555524a216ae5ff12d70e427a528cdecbedc9fabadb94c5de3890571a7e9a5b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ec:d2:c9:1e:b7:31:30:4d:33:ab:50:d9:8f:
5a:b5:b1:da:d7:26:03:b7:d9:61:99:94:dc:d6:97:
66:c4:05:5a:c1:91:57:f0:b1:0b:90:8b:c3:7b:9f:
1c:5e:a0:3b:e4:df:e5:a6:d6:ca:5d:ca:9f:de:3e:
36:b7:eb:25:3c:ba:95:c9:fb:f0:01:a1:d8:51:98:
46:b3:d3:e3:fe:9a:ac:65:d9:30:06:53:c1:fa:63:
7c:49:8d:2b:0c:b3:e0:58:3e:bb:ce:3d:a7:09:ba:
d2:89:84:6b:d6:7b:5e:d4:5e:f0:91:06:1d:ea:c6:
c5:e5:1b:7d:96:4e:21:25:54:6b:95:a4:83:22:d4:
b1:f0:3c:20:78:19:52:0b:d6:38:c0:02:eb:76:dc:
f4:5d:62:56:41:e9:5e:4d:98:8f:30:89:2d:3f:c4:
db:85:28:b1:16:bc:c4:84:9f:10:7c:b1:60:b2:62:
96:41:67:ba:ab:ef:b7:37:89:58:60:e9:73:a7:9a:
59:f7:06:28:1a:28:5d:ec:3f:e1:c0:14:04:84:15:
cc:60:63:68:ca:b8:89:c6:16:25:f4:9b:1e:a2:02:
54:f8:ed:8a:32:0c:62:76:15:24:32:cc:35:ce:a2:
44:86:b7:0a:86:f6:c0:1d:f3:a4:ea:41:6c:3d:b1:
19:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:59:BC:B3:91:5E:45:13:1A:B0:96:42:92:9B:95:4F:F5:44:8F:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:c00::/38
Signature Algorithm: sha256WithRSAEncryption
25:dd:e4:5c:e2:82:5a:a6:52:88:0d:54:f4:75:37:28:15:8e:
ec:2f:ea:c0:92:29:b8:58:46:75:93:d5:b9:6f:41:3a:38:84:
69:09:cb:c6:9a:fa:45:b6:7c:df:34:3f:e5:7c:5a:3a:eb:e0:
81:64:3b:ae:5a:75:9f:c6:cd:2a:68:7d:43:a8:dc:d4:ee:dd:
c8:f3:9b:6f:39:77:d8:9e:ff:6d:39:6a:1d:a7:7f:6b:14:54:
3c:0d:c3:37:e0:36:38:f9:d6:9b:ee:5d:72:c0:a5:3d:70:22:
7b:43:23:30:84:0a:3d:d5:fe:e7:7c:6f:3f:76:d7:ea:04:da:
09:e5:00:9b:2e:da:b6:3e:32:39:1d:d7:95:cf:fe:71:8e:e1:
19:66:04:b7:78:e4:b1:d8:88:03:80:53:74:d8:a1:20:12:6a:
78:6e:1c:40:e1:2e:be:e2:9a:62:89:31:df:c6:ad:30:ce:e2:
1c:b3:ad:c7:b5:04:98:20:db:b0:bc:8c:06:54:e3:83:ac:de:
51:c0:a9:ac:50:67:55:2a:a2:b0:9a:a1:e7:bd:83:36:9d:97:
92:4b:e6:79:4a:35:66:61:1b:c3:17:eb:6b:d4:a0:64:a0:03:
9a:6c:46:b6:9f:f5:7d:6a:d5:69:38:00:65:10:a2:a5:84:8b:
c8:34:b2:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK8DkpvpaQVTosJWR8JG7UhpDeWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NTU1MjRhMjE2YWU1ZmYxMmQ3MGU0MjdhNTI4Y2RlY2JlZGM5ZmFiYWRi
OTRjNWRlMzg5MDU3MWE3ZTlhNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTs0sketzEwTTOrUNmPWrWx2tcmA7fZYZmU3NaXZsQFWsGRV/CxC5CLw3uf
HF6gO+Tf5abWyl3Kn94+NrfrJTy6lcn78AGh2FGYRrPT4/6arGXZMAZTwfpjfEmN
Kwyz4Fg+u849pwm60omEa9Z7XtRe8JEGHerGxeUbfZZOISVUa5WkgyLUsfA8IHgZ
UgvWOMAC63bc9F1iVkHpXk2YjzCJLT/E24UosRa8xISfEHyxYLJilkFnuqvvtzeJ
WGDpc6eaWfcGKBooXew/4cAUBIQVzGBjaMq4icYWJfSbHqICVPjtijIMYnYVJDLM
Nc6iRIa3Cob2wB3zpOpBbD2xGR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZWbyz
kV5FExqwlkKSm5VP9USPMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NGUwNmEtYzgyNS00MGZlLWJmNTEtNWI3N2QzYmE0ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYM
MA0GCSqGSIb3DQEBCwUAA4IBAQAl3eRc4oJaplKIDVT0dTcoFY7sL+rAkim4WEZ1
k9W5b0E6OIRpCcvGmvpFtnzfND/lfFo66+CBZDuuWnWfxs0qaH1DqNzU7t3I85tv
OXfYnv9tOWodp39rFFQ8DcM34DY4+dab7l1ywKU9cCJ7QyMwhAo91f7nfG8/dtfq
BNoJ5QCbLtq2PjI5HdeVz/5xjuEZZgS3eOSx2IgDgFN02KEgEmp4bhxA4S6+4ppi
iTHfxq0wzuIcs63HtQSYINuwvIwGVOODrN5RwKmsUGdVKqKwmqHnvYM2nZeSS+Z5
SjVmYRvDF+tr1KBkoAOabEa2n/V9atVpOABlEKKlhIvINLJx
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:48 2025 by rpki-client