Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
File: 62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa (raw, json)
Hash identifier: j2kL3R/5mzfcKiTjfewkaRZKnpPF5ceUtBVQ7FFLGwY=
Subject key identifier: C3:4F:5B:03:56:25:C2:A1:33:3F:F9:AC:70:DD:0B:67:F0:9C:80:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C881A5C181BC829400C8FCA6066F8F51690D19C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:88:1a:5c:18:1b:c8:29:40:0c:8f:ca:60:66:f8:f5:16:90:d1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=2e9ce70ea0746d7575e5f7cac9b2e80c228843fa9ca7326c6be2a0473276c739, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cd:92:7e:62:77:89:fb:1e:18:e5:68:6a:8b:
ae:4d:00:dc:73:09:35:02:0f:f5:fe:82:09:b2:dd:
ed:f3:9f:ca:36:ed:35:59:f6:70:2a:b0:e2:5f:a5:
1b:3d:07:9b:0f:17:c0:0f:b8:5b:45:14:73:5d:5f:
d0:73:9e:ff:3f:48:d7:4b:18:8b:cf:e8:d4:e0:64:
1d:e8:b8:da:3d:fc:91:77:a7:0b:c3:dc:ce:f7:e9:
b8:5b:56:e7:52:88:24:af:ce:21:a3:5a:2b:c1:3f:
a5:59:a5:44:f4:8e:a9:80:9d:12:3e:73:1e:bf:23:
ce:f6:e6:45:32:2c:77:0d:b1:8d:23:2a:00:ec:d7:
7c:ea:fd:6a:b5:c5:c3:2a:6d:f4:d5:f1:1c:df:1e:
f9:28:6e:9c:27:a3:68:56:f3:d8:a7:02:04:9f:4e:
56:a8:f2:8f:56:71:c9:8e:6f:8d:13:2e:7e:a0:b5:
ff:1a:a1:e2:a2:6c:c2:65:24:a8:72:97:9e:3b:ea:
e0:26:c1:68:6d:f3:36:90:fa:27:8c:88:69:41:f7:
e9:14:0f:89:3f:83:79:0b:ff:9f:69:ef:18:d7:9d:
a7:00:75:a3:c0:a3:dd:e6:35:7e:1a:a8:82:a3:a9:
da:d3:a9:5d:18:a4:66:3c:70:4a:3e:8e:53:77:ea:
18:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:4F:5B:03:56:25:C2:A1:33:3F:F9:AC:70:DD:0B:67:F0:9C:80:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ff4e5e-9e65-44fc-af7f-4e44935ceb42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1080::/48
Signature Algorithm: sha256WithRSAEncryption
2d:a0:03:2c:b0:be:93:23:7b:de:46:66:3f:56:03:5e:c9:67:
90:c1:e5:09:b1:a9:8b:7c:1e:aa:16:00:ae:1f:12:9f:22:fd:
5f:60:fe:c5:2c:63:6b:83:97:dc:e2:05:d2:f4:f3:1f:04:a4:
ab:bf:6a:bc:d8:e7:d2:27:d9:cf:07:26:ca:f8:df:60:76:ec:
a2:ee:a9:c1:e9:99:93:66:8a:f6:19:61:d2:c9:a1:85:d1:e2:
c2:b6:86:0a:c9:16:c6:7e:69:86:24:3b:0c:b3:b8:b6:2a:0a:
d2:82:62:c5:82:55:33:1a:f9:1c:c5:f6:29:b5:c3:d7:9e:61:
e3:90:21:d0:85:53:ed:85:15:86:cd:b0:11:24:fb:aa:07:23:
d6:fa:0e:be:cc:79:81:e0:10:48:0e:a6:2e:15:5b:ea:e6:b9:
97:52:81:0e:ac:6c:28:b3:79:3c:b8:24:40:f5:42:77:33:5e:
2f:cb:bc:98:a4:18:da:71:0d:d1:9a:ea:2b:a4:18:cd:4f:2a:
55:c4:98:a8:55:48:d5:3f:dd:3c:e1:87:97:2b:6f:38:da:e6:
d4:ab:b9:a0:e9:c1:8f:06:74:52:ff:0e:65:43:bc:ca:08:6b:
34:fd:38:a5:d3:cc:64:23:5f:21:ae:e8:f4:e9:61:d9:6e:2b:
fc:fe:82:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbIgaXBgbyClADI/KYGb49RaQ0ZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlOWNlNzBlYTA3NDZkNzU3NWU1ZjdjYWM5YjJlODBjMjI4ODQzZmE5Y2E3
MzI2YzZiZTJhMDQ3MzI3NmM3MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfNkn5id4n7HhjlaGqLrk0A3HMJNQIP9f6CCbLd7fOfyjbtNVn2cCqw4l+l
Gz0Hmw8XwA+4W0UUc11f0HOe/z9I10sYi8/o1OBkHei42j38kXenC8PczvfpuFtW
51KIJK/OIaNaK8E/pVmlRPSOqYCdEj5zHr8jzvbmRTIsdw2xjSMqAOzXfOr9arXF
wypt9NXxHN8e+ShunCejaFbz2KcCBJ9OVqjyj1ZxyY5vjRMufqC1/xqh4qJswmUk
qHKXnjvq4CbBaG3zNpD6J4yIaUH36RQPiT+DeQv/n2nvGNedpwB1o8Cj3eY1fhqo
gqOp2tOpXRikZjxwSj6OU3fqGJ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDT1sD
ViXCoTM/+axw3Qtn8JyAXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJmZjRlNWUtOWU2NS00NGZjLWFmN2YtNGU0NDkzNWNlYjQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
gDANBgkqhkiG9w0BAQsFAAOCAQEALaADLLC+kyN73kZmP1YDXslnkMHlCbGpi3we
qhYArh8SnyL9X2D+xSxja4OX3OIF0vTzHwSkq79qvNjn0ifZzwcmyvjfYHbsou6p
wemZk2aK9hlh0smhhdHiwraGCskWxn5phiQ7DLO4tioK0oJixYJVMxr5HMX2KbXD
155h45Ah0IVT7YUVhs2wEST7qgcj1voOvsx5geAQSA6mLhVb6ua5l1KBDqxsKLN5
PLgkQPVCdzNeL8u8mKQY2nEN0ZrqK6QYzU8qVcSYqFVI1T/dPOGHlytvONrm1Ku5
oOnBjwZ0Uv8OZUO8yghrNP04pdPMZCNfIa7o9Olh2W4r/P6CcA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:49 2025 by rpki-client