Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json)
Hash identifier: HO2YE3lOVqhKbKBQ0Z1hPPwHlhZvJQ+OBLiIfhK8t2o=
Subject key identifier: B6:8F:87:FB:D7:7C:DD:0F:C9:33:AA:FF:F9:FE:C4:2D:39:C3:68:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E8E7B2BB87F2A685A00EE74963ED6D04D3C5903
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:8e:7b:2b:b8:7f:2a:68:5a:00:ee:74:96:3e:d6:d0:4d:3c:59:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=e7bae8af26c842ad3cadb88c6f9fadec7ffc7ebc39e83727a1db25a5a96bfd09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0d:72:f1:70:2a:00:f2:a9:07:02:99:a6:e4:
5b:e0:e8:3a:6a:48:cc:48:12:0a:76:f6:8c:be:b6:
0b:78:aa:94:2b:55:45:59:a4:74:3c:91:8b:c5:9f:
db:8e:a2:1f:76:e9:40:8e:b5:a0:d9:2c:05:2e:ba:
b0:5a:25:97:90:37:2f:fc:5d:3c:d6:a1:1d:6e:54:
4b:2b:4a:2b:02:59:bd:30:18:0f:15:69:44:6e:08:
02:9f:c0:f1:66:bd:54:34:1d:2d:8c:dc:59:e2:6d:
68:53:4f:60:de:74:c1:4f:06:95:ce:da:90:91:02:
74:2c:00:c0:95:0a:d6:3f:6d:8d:1d:bf:d8:a7:e8:
e2:21:ff:80:62:28:2a:ba:13:e4:d4:a4:54:88:07:
f8:32:d2:2f:02:ac:52:c9:ad:a5:be:59:a6:b1:c1:
c2:30:fc:b3:02:31:55:30:d3:22:09:82:c0:97:6c:
4c:b9:6a:14:07:c4:5e:e4:10:f3:3c:7e:75:45:fd:
06:ec:a0:37:ec:f8:42:34:c4:d6:72:a9:bc:71:22:
4f:52:a9:d7:aa:54:14:da:93:b0:b6:03:0f:6e:59:
9f:d8:67:a3:af:f5:d7:f3:48:8b:2e:5d:61:2d:11:
b6:82:2c:a1:75:24:29:69:dc:19:43:e3:ee:c0:4d:
4b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:8F:87:FB:D7:7C:DD:0F:C9:33:AA:FF:F9:FE:C4:2D:39:C3:68:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:400::/38
Signature Algorithm: sha256WithRSAEncryption
81:2d:3f:33:86:72:0a:03:cf:cf:9a:bf:62:55:ea:54:de:b1:
71:65:65:7c:0b:d7:36:38:9d:5e:a4:01:24:dd:34:ff:71:3f:
70:4c:41:0a:24:e1:a3:18:f8:bb:e8:a0:6d:f6:f2:9c:db:d3:
a6:a5:55:b8:fe:40:c6:1f:25:8c:d0:12:0a:77:9c:9a:ba:de:
33:37:74:4f:3e:5e:50:7b:88:73:75:af:1e:d2:b4:37:f9:5b:
c5:af:57:9c:ae:f2:07:69:17:0a:62:39:17:49:f0:63:4d:fa:
92:bf:8c:dc:41:dd:ae:c0:b9:f2:17:54:7e:0b:ab:f0:63:75:
0b:60:96:24:55:47:6b:d3:b0:ae:dd:a8:2f:e5:c2:70:74:e3:
cb:ce:5f:af:ea:29:67:5c:83:f7:57:32:1c:c5:c2:99:6b:8f:
96:01:5f:35:40:b3:70:d9:b9:e2:2a:a6:57:0c:cc:0d:5a:23:
a6:18:ef:06:7e:4e:da:64:1d:76:69:75:52:23:d9:60:46:aa:
11:26:77:6b:2f:06:2a:ff:76:c5:b5:9e:ac:9a:f8:79:5d:82:
a4:15:0a:35:68:67:e2:f5:c5:4f:0f:db:a9:cd:44:e7:37:be:
df:62:87:c3:9d:e5:07:8a:f0:03:aa:f9:69:53:40:90:e4:6b:
70:ed:9b:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULo57K7h/KmhaAO50lj7W0E08WQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3YmFlOGFmMjZjODQyYWQzY2FkYjg4YzZmOWZhZGVjN2ZmYzdlYmMzOWU4
MzcyN2ExZGIyNWE1YTk2YmZkMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMENcvFwKgDyqQcCmabkW+DoOmpIzEgSCnb2jL62C3iqlCtVRVmkdDyRi8Wf
246iH3bpQI61oNksBS66sFoll5A3L/xdPNahHW5USytKKwJZvTAYDxVpRG4IAp/A
8Wa9VDQdLYzcWeJtaFNPYN50wU8Glc7akJECdCwAwJUK1j9tjR2/2Kfo4iH/gGIo
KroT5NSkVIgH+DLSLwKsUsmtpb5ZprHBwjD8swIxVTDTIgmCwJdsTLlqFAfEXuQQ
8zx+dUX9BuygN+z4QjTE1nKpvHEiT1Kp16pUFNqTsLYDD25Zn9hno6/11/NIiy5d
YS0RtoIsoXUkKWncGUPj7sBNSykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2j4f7
13zdD8kzqv/5/sQtOcNoXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE
MA0GCSqGSIb3DQEBCwUAA4IBAQCBLT8zhnIKA8/Pmr9iVepU3rFxZWV8C9c2OJ1e
pAEk3TT/cT9wTEEKJOGjGPi76KBt9vKc29OmpVW4/kDGHyWM0BIKd5yaut4zN3RP
Pl5Qe4hzda8e0rQ3+VvFr1ecrvIHaRcKYjkXSfBjTfqSv4zcQd2uwLnyF1R+C6vw
Y3ULYJYkVUdr07Cu3agv5cJwdOPLzl+v6ilnXIP3VzIcxcKZa4+WAV81QLNw2bni
KqZXDMwNWiOmGO8Gfk7aZB12aXVSI9lgRqoRJndrLwYq/3bFtZ6smvh5XYKkFQo1
aGfi9cVPD9upzUTnN77fYofDneUHivADqvlpU0CQ5Gtw7ZuE
-----END CERTIFICATE-----
Generated at Fri May 2 17:24:24 2025 by rpki-client