Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json)
Hash identifier: eoO/eVLbmtBEZZP/zf5hB/1fKavd/NWRLPvQvaArgQM=
Subject key identifier: EF:5F:87:55:7B:DD:31:D1:FC:FE:E8:AC:56:95:FB:E0:B0:3F:84:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29179E02F4E48834A98D9B81B0E7BAF734C0DD64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:17:9e:02:f4:e4:88:34:a9:8d:9b:81:b0:e7:ba:f7:34:c0:dd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3c8fd8ebb523ff2567746b2ceb035eba1d257425a38de8569a5c3b724c5648b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7d:f5:08:17:37:77:84:34:86:ab:eb:a7:f7:
95:d8:51:34:79:e0:14:a7:dc:47:1d:f1:c6:ba:e3:
9a:50:f2:2c:b9:81:89:fe:36:df:31:67:ac:b4:4c:
7c:70:fc:13:b0:15:bb:42:b4:4c:9d:99:e1:75:6c:
c4:40:a8:3e:21:d7:86:60:ac:e1:43:b2:bc:20:a0:
73:22:33:fb:51:a1:10:e1:1f:03:77:f9:bc:c1:04:
ea:b9:df:01:1f:65:99:56:54:3e:97:f3:98:46:6e:
51:6b:d7:aa:c4:54:f1:df:2f:a6:49:db:ec:d5:bd:
10:bf:6c:3d:05:3a:d9:ba:4b:0d:aa:f6:78:b6:46:
46:38:0b:20:fc:96:d6:e3:e2:c7:51:cc:ad:93:4d:
5e:8a:67:11:39:31:25:34:2e:09:2e:74:5c:5a:48:
65:f9:4b:b8:d7:24:01:8c:e4:b5:55:87:6b:97:ad:
60:41:ad:63:4a:50:87:f1:4d:a2:dd:3e:99:51:1b:
cb:89:06:3d:d6:dc:42:be:7a:a1:7f:53:64:b7:3f:
92:2f:0a:18:68:f7:05:7b:38:a4:ca:f9:76:3b:1b:
a6:c8:d7:13:32:10:e2:32:5e:fd:47:4d:63:12:24:
45:dd:bd:8c:42:62:e7:38:af:4c:e3:d9:7f:41:48:
98:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5F:87:55:7B:DD:31:D1:FC:FE:E8:AC:56:95:FB:E0:B0:3F:84:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:a000::/40
Signature Algorithm: sha256WithRSAEncryption
79:a3:88:32:a8:d0:69:bc:ce:ee:84:60:d5:58:12:3a:63:86:
34:42:85:bd:cf:c0:d6:4e:ee:6f:b6:f8:d2:68:3e:85:b8:a5:
29:ae:6b:05:07:22:47:f4:16:78:db:07:d7:10:68:cc:f9:84:
ac:d7:71:7b:c0:e2:62:c2:ff:c9:0a:04:89:f3:08:a1:71:a7:
63:a8:33:42:59:99:68:0d:d3:a6:12:43:0f:c3:7d:40:2f:4d:
6d:5b:6a:dc:00:6d:c8:0f:3c:c2:5d:9f:c9:3c:44:b9:2d:c6:
5a:4d:ec:1e:df:01:3e:d8:f8:19:2a:de:cf:f6:06:d7:38:af:
cc:9b:ce:4b:57:ea:c2:74:2d:96:b3:9a:66:70:f9:32:17:b5:
79:f2:09:53:07:67:72:f4:e4:da:1c:0a:00:40:1a:f4:bc:4d:
92:14:46:34:82:96:6b:84:71:18:7f:f8:1f:0e:91:11:41:e3:
76:07:c4:0c:50:d6:ab:74:39:18:83:ed:24:86:da:ac:79:08:
55:20:4e:7b:fc:1c:3a:08:a3:a3:54:c1:f6:b5:77:d6:fd:80:
7d:f1:a4:87:9b:60:f5:76:5e:e0:59:e1:30:f6:3d:66:20:2f:
22:a0:59:7f:b3:dc:c6:54:1a:96:4c:55:27:50:1f:8a:df:17:
01:a4:65:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKReeAvTkiDSpjZuBsOe69zTA3WQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjOGZkOGViYjUyM2ZmMjU2Nzc0NmIyY2ViMDM1ZWJhMWQyNTc0MjVhMzhk
ZTg1NjlhNWMzYjcyNGM1NjQ4YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK599QgXN3eENIar66f3ldhRNHngFKfcRx3xxrrjmlDyLLmBif423zFnrLRM
fHD8E7AVu0K0TJ2Z4XVsxECoPiHXhmCs4UOyvCCgcyIz+1GhEOEfA3f5vMEE6rnf
AR9lmVZUPpfzmEZuUWvXqsRU8d8vpknb7NW9EL9sPQU62bpLDar2eLZGRjgLIPyW
1uPix1HMrZNNXopnETkxJTQuCS50XFpIZflLuNckAYzktVWHa5etYEGtY0pQh/FN
ot0+mVEby4kGPdbcQr56oX9TZLc/ki8KGGj3BXs4pMr5djsbpsjXEzIQ4jJe/UdN
YxIkRd29jEJi5zivTOPZf0FImHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvX4dV
e90x0fz+6KxWlfvgsD+EXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig
MA0GCSqGSIb3DQEBCwUAA4IBAQB5o4gyqNBpvM7uhGDVWBI6Y4Y0QoW9z8DWTu5v
tvjSaD6FuKUprmsFByJH9BZ42wfXEGjM+YSs13F7wOJiwv/JCgSJ8wihcadjqDNC
WZloDdOmEkMPw31AL01tW2rcAG3IDzzCXZ/JPES5LcZaTewe3wE+2PgZKt7P9gbX
OK/Mm85LV+rCdC2Ws5pmcPkyF7V58glTB2dy9OTaHAoAQBr0vE2SFEY0gpZrhHEY
f/gfDpERQeN2B8QMUNardDkYg+0khtqseQhVIE57/Bw6CKOjVMH2tXfW/YB98aSH
m2D1dl7gWeEw9j1mIC8ioFl/s9zGVBqWTFUnUB+K3xcBpGVP
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:38 2025 by rpki-client