Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
File: 669652b6-0b22-49a0-b29f-dfb51835c988.roa (raw, json)
Hash identifier: v1xOeEjekaLFd2W+zu1VPVc5HuBLp6YLD3MEUPwCwcU=
Subject key identifier: C5:47:A8:01:2E:18:38:EA:EA:17:53:B8:9E:DB:8D:0E:9B:C8:8A:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 098330D21E73DCFA0BAB22A4F73FE2B4FC8FBBFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:83:30:d2:1e:73:dc:fa:0b:ab:22:a4:f7:3f:e2:b4:fc:8f:bb:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=9a4ab946e81d762aa46b8ce0a16ecaf4625ad53f3817b497d5336233de08a39d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1c:08:de:c9:9d:90:88:ca:68:22:5d:79:0a:
e4:86:5a:6c:49:96:aa:e0:e9:b5:9f:e4:e1:33:38:
c4:4f:5f:a7:68:c6:48:01:c6:ff:b9:a3:0b:dd:31:
8c:df:4c:98:fb:75:e7:f6:a6:4a:3d:5e:1d:38:23:
e0:4b:ea:33:c6:59:28:75:ad:36:88:dc:bd:93:4e:
be:1b:1c:61:52:15:52:6c:14:de:9e:1c:f9:86:06:
f9:eb:ad:b3:b2:59:fb:d2:d2:1c:09:d6:d7:5c:3f:
e1:99:8d:99:bd:ed:d8:7d:a4:a5:2e:64:5f:98:bd:
3f:a3:ed:cc:d4:33:bd:c8:b9:27:21:4e:b5:c2:6d:
8b:00:db:d7:f5:3d:7c:12:c3:69:bf:4b:dc:f8:57:
13:24:b0:b0:7e:27:60:04:1d:39:c0:ca:60:15:97:
b0:f6:8a:a5:f4:59:96:61:57:5d:b6:18:c7:7c:c1:
bd:5d:b0:23:99:5a:b9:93:83:94:bc:6c:99:b2:3d:
6b:a9:c0:44:4b:26:80:91:75:7c:bd:a1:66:6a:5e:
71:7b:78:d8:e3:ba:e5:ed:9c:02:ef:b9:e4:b3:7f:
5c:4e:a8:61:17:db:b5:87:8b:17:d8:bf:f0:41:21:
00:38:33:46:ab:f0:0a:d9:9a:ef:7a:89:bb:02:db:
e6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:47:A8:01:2E:18:38:EA:EA:17:53:B8:9E:DB:8D:0E:9B:C8:8A:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/38
Signature Algorithm: sha256WithRSAEncryption
29:3c:ca:a6:4f:fd:a6:56:fc:c9:5b:79:e4:b1:77:8d:ce:38:
18:74:4a:86:9f:cd:13:45:29:9e:32:90:af:3e:70:7f:71:02:
5e:93:93:3a:48:cc:09:2a:3f:c5:a3:6a:a9:95:9a:2c:e9:81:
4f:4e:1b:ca:50:19:42:ac:08:18:24:cb:b8:4f:7c:d3:6e:96:
f1:bc:ff:ad:12:eb:b2:cd:84:27:10:9d:c9:03:97:00:e3:70:
05:f5:ee:0c:3c:73:ae:7e:05:d6:eb:f3:0f:f0:87:45:fc:b1:
d6:dc:14:22:c6:83:66:4a:5b:b7:c8:fa:00:48:c5:5a:6f:2b:
07:f5:e7:8e:da:c8:b4:85:9d:b6:c7:df:74:58:6c:38:90:b7:
d4:c2:ef:31:0f:d8:c8:72:0d:73:37:5b:66:35:18:10:00:de:
48:e9:f8:58:24:d3:ef:02:e6:8a:29:9a:3b:08:1d:ff:8b:f2:
24:63:43:81:17:4b:66:4a:6f:91:06:f9:3a:bb:c3:fc:d1:20:
e2:34:bf:1e:af:f2:ae:e5:0c:e3:7a:be:d8:f7:9d:23:f8:0d:
12:b4:a9:6e:ee:a2:75:72:05:97:67:ba:14:c8:84:1c:23:cf:
67:a8:93:f5:31:4a:28:07:c0:6c:d0:d1:e6:ef:a3:a6:a4:c0:
2e:25:35:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCYMw0h5z3PoLqyKk9z/itPyPu/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNGFiOTQ2ZTgxZDc2MmFhNDZiOGNlMGExNmVjYWY0NjI1YWQ1M2YzODE3
YjQ5N2Q1MzM2MjMzZGUwOGEzOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgcCN7JnZCIymgiXXkK5IZabEmWquDptZ/k4TM4xE9fp2jGSAHG/7mjC90x
jN9MmPt15/amSj1eHTgj4EvqM8ZZKHWtNojcvZNOvhscYVIVUmwU3p4c+YYG+eut
s7JZ+9LSHAnW11w/4ZmNmb3t2H2kpS5kX5i9P6PtzNQzvci5JyFOtcJtiwDb1/U9
fBLDab9L3PhXEySwsH4nYAQdOcDKYBWXsPaKpfRZlmFXXbYYx3zBvV2wI5lauZOD
lLxsmbI9a6nAREsmgJF1fL2hZmpecXt42OO65e2cAu+55LN/XE6oYRfbtYeLF9i/
8EEhADgzRqvwCtma73qJuwLb5pECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFR6gB
Lhg46uoXU7ie240Om8iKrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjY5NjUyYjYtMGIyMi00OWEwLWIyOWYtZGZiNTE4MzVjOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQApPMqmT/2mVvzJW3nksXeNzjgYdEqGn80TRSme
MpCvPnB/cQJek5M6SMwJKj/Fo2qplZos6YFPThvKUBlCrAgYJMu4T3zTbpbxvP+t
EuuyzYQnEJ3JA5cA43AF9e4MPHOufgXW6/MP8IdF/LHW3BQixoNmSlu3yPoASMVa
bysH9eeO2si0hZ22x990WGw4kLfUwu8xD9jIcg1zN1tmNRgQAN5I6fhYJNPvAuaK
KZo7CB3/i/IkY0OBF0tmSm+RBvk6u8P80SDiNL8er/Ku5Qzjer7Y950j+A0StKlu
7qJ1cgWXZ7oUyIQcI89nqJP1MUooB8Bs0NHm76OmpMAuJTWb
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:21 2025 by rpki-client