Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/69802baa-274e-464f-9528-c2e45ae56d0d.roa
File: 69802baa-274e-464f-9528-c2e45ae56d0d.roa (raw, json)
Hash identifier: qDpfV9R/JbCFVaGxvmwq19CUY2f3q25pq1ovjNZJDVI=
Subject key identifier: 35:2D:8A:E7:86:CF:3A:18:D9:7F:57:D2:05:D8:47:22:B7:6B:96:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15E5D59A2A5BFA460EAA7FD04213E70D0E1B2E5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/69802baa-274e-464f-9528-c2e45ae56d0d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:e5:d5:9a:2a:5b:fa:46:0e:aa:7f:d0:42:13:e7:0d:0e:1b:2e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c97653fd8054987a960d7823513ea485f802bef42dc8803ead628dbe226872a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6f:46:0a:28:90:af:6d:db:90:13:f8:b0:5e:
62:d4:62:4e:33:ea:af:41:76:0d:5a:ff:bd:31:e4:
dd:2c:6d:03:eb:81:8c:b3:13:01:56:4d:fc:98:88:
68:9c:22:ef:d0:f5:a4:de:b0:f5:48:f5:4b:31:a1:
a7:3c:67:50:92:fd:eb:76:5e:f2:c3:a3:29:37:d7:
1f:b5:9f:4a:f4:4c:e9:c7:06:f2:9b:2a:43:3c:72:
f3:77:4b:34:71:78:8b:40:ba:f4:d4:78:ef:20:7c:
fb:9b:3e:5d:03:6b:d3:46:1f:a6:ca:d6:6a:b2:7f:
ef:85:08:4c:b8:f3:c4:8f:1e:bb:a2:e9:17:9c:c2:
3f:e9:4f:03:b3:fa:b9:9a:45:61:c2:3f:40:35:da:
70:a2:42:b2:62:bc:e1:dc:63:a8:8d:16:26:ef:94:
c9:18:5e:f6:32:42:9f:e6:38:14:f1:fb:ae:9d:48:
8e:a9:aa:b1:b1:cb:98:84:b1:35:68:c3:6b:b6:9b:
d0:58:b9:1e:55:f3:45:e1:50:ac:d0:cb:b3:a3:7d:
47:11:d2:78:72:87:3d:d4:47:9b:84:b6:fb:7c:28:
79:15:ec:1e:02:44:c3:2f:e5:52:a1:f5:2c:5d:c8:
d7:4a:a8:fe:72:52:45:41:7e:1c:2f:5a:e6:93:72:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2D:8A:E7:86:CF:3A:18:D9:7F:57:D2:05:D8:47:22:B7:6B:96:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/69802baa-274e-464f-9528-c2e45ae56d0d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e040::/48
Signature Algorithm: sha256WithRSAEncryption
2f:e3:42:df:13:db:7a:cb:0f:fc:ef:fc:f4:45:86:fa:d6:e4:
30:df:17:9b:9d:2a:a7:54:3a:08:83:d7:f3:86:0f:11:ff:af:
7e:93:34:90:a6:5e:44:a4:22:88:9f:ed:4d:01:55:37:18:ca:
70:c7:92:ea:33:ef:cf:3d:f7:6f:29:67:a7:22:e5:b5:95:65:
f0:f9:92:7d:a4:37:b5:5f:65:f4:f1:0b:0d:af:62:6b:7f:9a:
19:11:f8:11:c3:27:33:53:5d:97:fa:bd:4c:1b:17:cf:16:a7:
4e:42:af:08:16:03:d3:b1:94:a9:a4:57:4d:67:a4:33:86:77:
9b:2c:7d:5a:82:9a:df:ff:a6:42:0c:da:22:bb:3a:95:d3:b0:
27:aa:e0:13:49:b4:89:8e:fb:92:1b:45:4c:fc:32:aa:19:5f:
7e:ef:38:5a:16:ec:13:54:c4:98:78:39:ce:91:f7:82:71:b9:
45:d5:ca:ab:7e:14:c5:c4:bb:cd:38:ca:fd:2e:2e:fd:ef:27:
8e:d1:96:86:42:bb:05:e1:df:c0:75:af:db:fd:e9:73:82:87:
70:b8:33:ee:a1:7a:13:9d:f3:e1:b5:dc:08:cb:4d:5f:2f:8b:
95:a4:b8:26:2b:c6:2d:d4:b0:6f:69:70:9b:9d:c9:b7:47:ae:
00:67:19:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFeXVmipb+kYOqn/QQhPnDQ4bLl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5NzY1M2ZkODA1NDk4N2E5NjBkNzgyMzUxM2VhNDg1ZjgwMmJlZjQyZGM4
ODAzZWFkNjI4ZGJlMjI2ODcyYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9vRgookK9t25AT+LBeYtRiTjPqr0F2DVr/vTHk3SxtA+uBjLMTAVZN/JiI
aJwi79D1pN6w9Uj1SzGhpzxnUJL963Ze8sOjKTfXH7WfSvRM6ccG8psqQzxy83dL
NHF4i0C69NR47yB8+5s+XQNr00YfpsrWarJ/74UITLjzxI8eu6LpF5zCP+lPA7P6
uZpFYcI/QDXacKJCsmK84dxjqI0WJu+UyRhe9jJCn+Y4FPH7rp1IjqmqsbHLmISx
NWjDa7ab0Fi5HlXzReFQrNDLs6N9RxHSeHKHPdRHm4S2+3woeRXsHgJEwy/lUqH1
LF3I10qo/nJSRUF+HC9a5pNyvx8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ1LYrn
hs86GNl/V9IF2Ecit2uWujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk4MDJiYWEtMjc0ZS00NjRmLTk1MjgtYzJlNDVhZTU2ZDBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTg
QDANBgkqhkiG9w0BAQsFAAOCAQEAL+NC3xPbessP/O/89EWG+tbkMN8Xm50qp1Q6
CIPX84YPEf+vfpM0kKZeRKQiiJ/tTQFVNxjKcMeS6jPvzz33bylnpyLltZVl8PmS
faQ3tV9l9PELDa9ia3+aGRH4EcMnM1Ndl/q9TBsXzxanTkKvCBYD07GUqaRXTWek
M4Z3myx9WoKa3/+mQgzaIrs6ldOwJ6rgE0m0iY77khtFTPwyqhlffu84WhbsE1TE
mHg5zpH3gnG5RdXKq34UxcS7zTjK/S4u/e8njtGWhkK7BeHfwHWv2/3pc4KHcLgz
7qF6E53z4bXcCMtNXy+LlaS4JivGLdSwb2lwm53Jt0euAGcZ5A==
-----END CERTIFICATE-----
Generated at Sat May 3 02:34:37 2025 by rpki-client