Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
File: 64b71704-2a76-40c8-a5e1-57ebfb451913.roa (raw, json)
Hash identifier: FFf2UI/L6xfvwldvrRWOafD73iqE8rEoj+E/X2/Moo8=
Subject key identifier: DC:E2:BB:4D:54:1B:9C:2C:45:50:B4:1D:85:6B:3B:C9:28:A0:71:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76C83F021308832E26F317FA29C3739A56CC5595
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c8:3f:02:13:08:83:2e:26:f3:17:fa:29:c3:73:9a:56:cc:55:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=e9d4d69433d8d9830a41fc29fa910468d65a5788b4634ccb7f252080ce2dcdf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8b:4b:9f:a7:78:13:cb:f8:2a:15:74:9d:85:
3e:49:30:e4:29:3f:9f:8e:9b:a5:e7:88:4f:20:b6:
9b:e5:b0:6a:f4:c2:ec:4a:3e:ed:1b:70:0b:57:77:
66:b2:eb:20:cc:27:2f:21:cc:5c:7b:22:2e:96:c0:
15:dd:0b:9c:c7:0c:96:f3:fd:cb:8e:41:63:e8:6d:
2f:c7:0e:69:3f:c8:7d:d7:23:2b:12:b8:cb:08:88:
ce:03:37:b3:66:e7:fc:8d:4f:d3:46:3b:47:e7:c7:
d6:b6:b8:e6:a0:52:11:36:57:24:cb:51:69:d8:bb:
ca:45:fc:4d:18:79:2f:7c:59:91:91:41:92:61:01:
16:1f:3e:2b:b0:6f:49:97:d3:a2:9f:5e:0c:6e:97:
c3:74:bc:b9:87:7f:cb:92:41:e0:b6:c2:a3:0b:49:
8d:fd:78:0a:8a:b7:9f:73:97:8c:13:8c:33:f4:c4:
17:8a:3b:54:9f:08:ec:75:70:f3:60:ef:4d:13:4b:
31:c8:be:f7:8a:31:90:40:c4:05:76:6f:3a:94:42:
2d:20:e9:97:ee:df:a5:43:dd:e0:61:2c:48:bd:c6:
39:b5:56:29:4c:29:7c:f9:c0:5f:f0:95:c0:73:79:
63:c5:08:2b:6b:9f:a6:4d:ea:ac:30:d3:0c:16:bc:
54:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E2:BB:4D:54:1B:9C:2C:45:50:B4:1D:85:6B:3B:C9:28:A0:71:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e080::/46
Signature Algorithm: sha256WithRSAEncryption
13:aa:01:9d:28:f2:87:0c:98:aa:f6:e3:54:7f:1a:3f:5f:05:
59:88:5e:a6:fb:18:c6:25:d8:78:37:c6:da:84:43:6d:b2:06:
f6:f3:82:56:13:fc:47:ef:59:d1:eb:4e:ae:c6:e5:9b:2b:06:
12:0d:f1:62:c1:57:b6:3c:d8:2f:b9:0f:db:59:e9:3c:90:ef:
3d:38:55:47:06:2d:ed:cd:d3:52:42:94:fc:41:fa:e6:5e:d3:
fe:89:c0:4b:7a:c6:5e:88:06:c6:08:12:56:00:7b:bd:d4:a2:
cc:73:7e:97:b3:f0:d0:14:a2:f0:59:8e:ce:8b:6e:e8:f5:48:
f0:1b:b9:69:69:63:40:e2:a5:74:40:60:74:19:0a:7d:93:eb:
60:4d:81:2f:ad:dc:6d:b7:4b:81:ed:25:fb:ec:55:b0:f2:6e:
11:a2:cb:95:ad:9c:98:fb:97:d0:3e:a8:9b:69:85:23:b6:48:
99:4b:9b:06:30:5f:40:fd:01:2e:0f:1c:ae:cf:c5:19:71:a0:
ab:c6:8a:eb:08:90:d4:23:1f:3c:1c:15:2c:d2:11:1c:1c:59:
e6:3b:84:9d:05:d8:6b:c7:bf:7d:1e:2e:09:e5:63:08:e7:74:
5e:5d:20:14:69:ef:e4:b1:39:05:d0:74:7f:b7:9b:00:c5:26:
de:8b:d1:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdsg/AhMIgy4m8xf6KcNzmlbMVZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZDRkNjk0MzNkOGQ5ODMwYTQxZmMyOWZhOTEwNDY4ZDY1YTU3ODhiNDYz
NGNjYjdmMjUyMDgwY2UyZGNkZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiLS5+neBPL+CoVdJ2FPkkw5Ck/n46bpeeITyC2m+WwavTC7Eo+7RtwC1d3
ZrLrIMwnLyHMXHsiLpbAFd0LnMcMlvP9y45BY+htL8cOaT/IfdcjKxK4ywiIzgM3
s2bn/I1P00Y7R+fH1ra45qBSETZXJMtRadi7ykX8TRh5L3xZkZFBkmEBFh8+K7Bv
SZfTop9eDG6Xw3S8uYd/y5JB4LbCowtJjf14Coq3n3OXjBOMM/TEF4o7VJ8I7HVw
82DvTRNLMci+94oxkEDEBXZvOpRCLSDpl+7fpUPd4GEsSL3GObVWKUwpfPnAX/CV
wHN5Y8UIK2ufpk3qrDDTDBa8VAsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTc4rtN
VBucLEVQtB2FazvJKKBx2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjRiNzE3MDQtMmE3Ni00MGM4LWE1ZTEtNTdlYmZiNDUxOTEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
gDANBgkqhkiG9w0BAQsFAAOCAQEAE6oBnSjyhwyYqvbjVH8aP18FWYhepvsYxiXY
eDfG2oRDbbIG9vOCVhP8R+9Z0etOrsblmysGEg3xYsFXtjzYL7kP21npPJDvPThV
RwYt7c3TUkKU/EH65l7T/onAS3rGXogGxggSVgB7vdSizHN+l7Pw0BSi8FmOzotu
6PVI8Bu5aWljQOKldEBgdBkKfZPrYE2BL63cbbdLge0l++xVsPJuEaLLla2cmPuX
0D6om2mFI7ZImUubBjBfQP0BLg8crs/FGXGgq8aK6wiQ1CMfPBwVLNIRHBxZ5juE
nQXYa8e/fR4uCeVjCOd0Xl0gFGnv5LE5BdB0f7ebAMUm3ovR2Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:28 2025 by rpki-client