Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
File: 63af811a-6e40-455f-b7a8-223951036a11.roa (raw, json)
Hash identifier: iKQzkK5oNq8n7fr22z8N0aQyX2EaBbvgXCZE372l70A=
Subject key identifier: 7F:9B:93:60:A2:83:A1:C6:44:DF:86:B8:13:DB:C0:43:3B:87:7D:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E905026CF64DCBD9676F159A8071EB8B7FE5E25
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:90:50:26:cf:64:dc:bd:96:76:f1:59:a8:07:1e:b8:b7:fe:5e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=06c22beff6c6b9df304609a641965c2b25e3a9c3ec32be265d03288e7c5ae548, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:cc:7d:a0:c1:9f:e8:4d:23:97:6a:4f:1d:
82:73:e8:ce:1d:f5:4b:5a:55:2e:30:db:dc:32:93:
b4:f2:70:c8:61:74:7f:fa:6d:5c:79:3d:71:62:81:
ea:d4:af:d8:29:bb:69:45:d6:08:78:13:af:f8:ec:
27:ce:f5:26:8d:21:c7:ab:c4:d9:40:60:79:69:7b:
f1:56:7a:55:a8:7a:d2:ba:85:cf:87:5b:7b:19:ff:
e2:3e:58:a6:b7:f1:49:16:f2:a9:53:80:88:97:cc:
0f:26:a1:d5:e7:4b:96:a2:a2:58:fb:53:ca:43:1e:
10:71:c4:ef:4e:8c:c7:bd:c8:0d:f3:d4:6f:24:5d:
7b:2d:ea:c4:f5:32:fd:aa:a1:c5:07:68:93:e5:a3:
ed:ee:ac:9b:67:99:2d:c3:af:12:5f:2c:52:9e:ef:
d0:f8:b9:0b:90:dd:7d:8c:ae:68:73:12:50:ba:4c:
1e:fc:87:d9:00:e3:24:c3:3a:da:65:6a:fe:9b:5f:
2f:10:50:1c:8e:84:b6:57:25:0c:02:f1:df:75:bc:
07:ca:81:ee:8c:3a:53:e0:2e:3a:1d:44:f3:7a:8a:
15:1d:59:99:7a:1b:9d:3f:44:03:eb:19:88:b8:2e:
28:60:4e:49:0d:e2:d3:54:89:b4:6a:7e:99:a7:1e:
88:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:9B:93:60:A2:83:A1:C6:44:DF:86:B8:13:DB:C0:43:3B:87:7D:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9000::/40
Signature Algorithm: sha256WithRSAEncryption
01:07:d9:ae:f2:ef:44:67:ff:b0:aa:82:5c:53:87:d4:b9:48:
83:4d:eb:ab:39:2d:ac:20:4f:18:33:a3:ea:a6:45:fa:f3:f0:
41:a8:be:d4:c9:e4:1d:7c:9f:7b:08:10:ac:7b:76:db:8b:07:
49:78:f1:44:f2:9d:97:a9:3c:22:17:90:eb:a4:48:63:a9:57:
10:0d:18:0f:73:a7:3e:b8:75:b5:f8:8b:51:a0:63:24:94:f3:
a4:b4:2f:e4:7d:b4:a7:83:94:e6:f5:62:93:29:a9:a5:45:e1:
e1:f4:15:6d:b2:75:c5:53:b7:4a:41:73:91:35:5f:76:65:04:
30:a8:3e:ce:94:b6:ef:ed:ec:49:3f:fb:9c:15:f0:e7:9f:48:
5c:04:3b:41:3e:d2:e7:8f:a9:78:7c:53:9b:81:1d:78:50:c8:
f9:30:4b:5c:40:49:95:f0:40:76:b1:79:3f:1e:9a:27:82:6c:
3d:91:b2:49:5f:78:86:1d:4a:59:f7:48:83:67:5e:be:01:f8:
5c:e4:c6:91:0a:f9:aa:16:40:03:49:85:c4:89:66:89:e0:ed:
e3:84:3e:d6:78:33:e5:45:c9:cc:de:a7:97:17:58:7c:7b:b5:
5f:13:35:d7:2c:4f:20:d4:79:a8:f7:89:24:49:f0:73:3e:3a:
75:5b:45:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULpBQJs9k3L2WdvFZqAceuLf+XiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2YzIyYmVmZjZjNmI5ZGYzMDQ2MDlhNjQxOTY1YzJiMjVlM2E5YzNlYzMy
YmUyNjVkMDMyODhlN2M1YWU1NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjvzH2gwZ/oTSOXak8dgnPozh31S1pVLjDb3DKTtPJwyGF0f/ptXHk9cWKB
6tSv2Cm7aUXWCHgTr/jsJ871Jo0hx6vE2UBgeWl78VZ6Vah60rqFz4dbexn/4j5Y
prfxSRbyqVOAiJfMDyah1edLlqKiWPtTykMeEHHE706Mx73IDfPUbyRdey3qxPUy
/aqhxQdok+Wj7e6sm2eZLcOvEl8sUp7v0Pi5C5DdfYyuaHMSULpMHvyH2QDjJMM6
2mVq/ptfLxBQHI6EtlclDALx33W8B8qB7ow6U+AuOh1E83qKFR1ZmXobnT9EA+sZ
iLguKGBOSQ3i01SJtGp+maceiL0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/m5Ng
ooOhxkTfhrgT28BDO4d9WzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjNhZjgxMWEtNmU0MC00NTVmLWI3YTgtMjIzOTUxMDM2YTExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQABB9mu8u9EZ/+wqoJcU4fUuUiDTeurOS2sIE8Y
M6PqpkX68/BBqL7UyeQdfJ97CBCse3bbiwdJePFE8p2XqTwiF5DrpEhjqVcQDRgP
c6c+uHW1+ItRoGMklPOktC/kfbSng5Tm9WKTKamlReHh9BVtsnXFU7dKQXORNV92
ZQQwqD7OlLbv7exJP/ucFfDnn0hcBDtBPtLnj6l4fFObgR14UMj5MEtcQEmV8EB2
sXk/Hpongmw9kbJJX3iGHUpZ90iDZ16+Afhc5MaRCvmqFkADSYXEiWaJ4O3jhD7W
eDPlRcnM3qeXF1h8e7VfEzXXLE8g1Hmo94kkSfBzPjp1W0XO
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:08 2025 by rpki-client