Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
File: 5f28c807-572d-4641-be39-53109963f4c3.roa (raw, json)
Hash identifier: Upla3SarJac0kpTua/qOi5XKstsJK8fKsPEUwgIAdvM=
Subject key identifier: 02:E3:FE:5D:C1:8E:AC:AA:83:77:B6:87:C5:31:50:95:53:4F:4F:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7715ACAC538C11C55684DCA8509800C6CBDA1AE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:a000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:15:ac:ac:53:8c:11:c5:56:84:dc:a8:50:98:00:c6:cb:da:1a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a519bb424a3025f935837c6eb0b9177824538e52518bc053a2623aa7580c5cee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dd:f1:ee:b7:54:58:4b:bd:45:d3:ad:39:66:
f2:c8:be:8d:d1:11:67:b6:85:8d:01:72:26:a0:86:
84:1d:80:a0:b9:61:5f:56:76:f9:e5:a2:f2:7d:c3:
59:4c:23:81:f3:83:f0:15:7a:08:60:59:46:4c:96:
39:4d:76:ad:a1:ee:20:80:e8:78:96:8d:29:2a:50:
fe:60:a1:6d:a2:f7:91:eb:4c:5d:5b:c0:c8:6e:33:
bc:b8:b0:4c:c5:22:f3:59:85:be:54:83:6f:09:bf:
9f:5d:fc:93:60:9b:43:81:16:d6:66:87:39:3b:8a:
7a:9b:74:e4:6c:5a:3a:5f:2a:56:2e:25:90:42:1e:
02:80:f5:46:71:d5:90:d8:60:75:74:cc:3f:50:27:
45:c0:87:b0:0c:55:60:65:04:44:04:d9:c5:8c:54:
a2:d0:78:a7:9a:3b:76:fd:c6:51:c8:0a:57:9b:4b:
d9:a0:2f:a1:42:98:27:79:68:42:c1:df:ed:7f:b9:
7c:fd:f8:4c:74:42:f5:19:1b:43:12:34:04:de:09:
6a:33:75:17:a7:67:a8:ee:42:09:bf:12:91:c2:35:
99:b4:d3:be:53:ff:a5:c5:70:4b:b3:bc:62:34:d9:
99:e2:8f:78:a3:a9:0f:f4:c5:76:6f:41:53:90:6c:
a5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E3:FE:5D:C1:8E:AC:AA:83:77:B6:87:C5:31:50:95:53:4F:4F:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:a000::/40
Signature Algorithm: sha256WithRSAEncryption
62:08:62:71:15:f9:89:53:74:9e:a0:d3:7c:4c:f0:b6:3a:79:
f1:a9:4e:f8:bc:f5:e8:72:8d:45:d6:cf:e1:e4:04:5f:97:63:
ad:33:1d:b7:96:c0:b1:a0:6a:b8:e6:c9:c2:5c:c7:ac:54:eb:
85:4c:5a:0f:a2:6c:6c:43:ba:86:8d:af:47:46:c4:13:df:80:
53:f6:92:fe:2c:02:94:ac:0a:ad:2e:26:b8:1f:ac:f0:e5:51:
f9:00:08:28:40:f8:a5:96:ed:ae:2f:39:24:38:87:7a:52:54:
e6:82:9b:aa:da:9e:1c:2f:03:5b:e7:30:5b:78:e2:14:bc:34:
0b:6f:30:6e:1f:dd:b2:7b:be:95:1b:4d:9b:f7:0e:cd:be:4a:
94:80:5e:f7:a3:5d:5a:4e:bb:0b:df:4d:eb:db:0d:2f:e9:c0:
94:6e:5c:a5:6c:dc:6a:bf:23:85:07:65:10:a5:fc:6a:06:df:
de:9b:f4:8e:37:b4:a2:d1:26:95:34:f9:3e:d1:85:a4:14:49:
ba:a6:29:c2:29:80:d5:66:7b:be:60:94:8d:15:e0:e0:a1:d0:
b4:9e:04:f8:32:37:a1:24:d7:87:59:73:a0:c7:e3:f4:b1:75:
59:ed:3d:01:63:e0:32:cc:37:70:74:dc:ca:79:c2:65:a3:ac:
5e:86:df:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdxWsrFOMEcVWhNyoUJgAxsvaGuQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MTliYjQyNGEzMDI1ZjkzNTgzN2M2ZWIwYjkxNzc4MjQ1MzhlNTI1MThi
YzA1M2EyNjIzYWE3NTgwYzVjZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjd8e63VFhLvUXTrTlm8si+jdERZ7aFjQFyJqCGhB2AoLlhX1Z2+eWi8n3D
WUwjgfOD8BV6CGBZRkyWOU12raHuIIDoeJaNKSpQ/mChbaL3ketMXVvAyG4zvLiw
TMUi81mFvlSDbwm/n138k2CbQ4EW1maHOTuKept05GxaOl8qVi4lkEIeAoD1RnHV
kNhgdXTMP1AnRcCHsAxVYGUERATZxYxUotB4p5o7dv3GUcgKV5tL2aAvoUKYJ3lo
QsHf7X+5fP34THRC9RkbQxI0BN4JajN1F6dnqO5CCb8SkcI1mbTTvlP/pcVwS7O8
YjTZmeKPeKOpD/TFdm9BU5BspRkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQC4/5d
wY6sqoN3tofFMVCVU09PBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYyOGM4MDctNTcyZC00NjQxLWJlMzktNTMxMDk5NjNmNGMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dag
MA0GCSqGSIb3DQEBCwUAA4IBAQBiCGJxFfmJU3SeoNN8TPC2OnnxqU74vPXoco1F
1s/h5ARfl2OtMx23lsCxoGq45snCXMesVOuFTFoPomxsQ7qGja9HRsQT34BT9pL+
LAKUrAqtLia4H6zw5VH5AAgoQPillu2uLzkkOId6UlTmgpuq2p4cLwNb5zBbeOIU
vDQLbzBuH92ye76VG02b9w7NvkqUgF73o11aTrsL303r2w0v6cCUblylbNxqvyOF
B2UQpfxqBt/em/SON7Si0SaVNPk+0YWkFEm6pinCKYDVZnu+YJSNFeDgodC0ngT4
MjehJNeHWXOgx+P0sXVZ7T0BY+AyzDdwdNzKecJlo6xeht8h
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:01:59 2025 by rpki-client