Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: Wyd32oRiTkU54KnWcBXx1v6aeO51HeiQuTfumBQuvOY=
Subject key identifier: 5F:6C:16:D9:48:9A:9C:2C:B4:11:D7:0A:AB:A1:E6:1A:E6:B3:72:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F8D9F1FED042CEFA35EC048AA994435B4ED73E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:8d:9f:1f:ed:04:2c:ef:a3:5e:c0:48:aa:99:44:35:b4:ed:73:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=29e5c0f87feb646f360e3dbbd79b5fcedd9c9dfe8e9353a2adeb65ef64206ec3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:eb:f7:6d:41:e9:7e:2b:b4:04:0c:79:6e:4f:
1f:8a:cb:18:51:cc:cc:e6:49:04:87:0b:9b:c3:55:
e0:f3:6c:71:86:0c:2b:3a:09:f1:66:64:43:fa:28:
20:82:1b:be:e1:22:84:d3:8e:b6:e4:e0:4b:c7:53:
d1:b6:5a:cc:1a:36:3b:35:02:19:60:f6:16:4f:66:
94:b6:83:88:d3:d9:46:7f:d9:50:5f:df:b8:08:86:
5f:2f:d6:e0:7c:8c:ea:44:62:85:24:78:21:56:97:
d4:39:95:0e:90:ae:62:5e:8e:98:59:f8:b7:e9:3a:
00:7b:1c:7b:37:16:1b:1d:bf:c8:ab:36:49:af:11:
bc:5f:a3:00:ad:4d:a8:67:de:5c:66:3b:d8:86:82:
79:d2:ff:04:da:ea:98:50:9c:0f:7e:9a:4b:d3:6b:
a9:09:f3:ba:73:5a:91:c4:aa:62:1e:53:4a:28:16:
0b:0c:9f:4e:2c:f7:71:a0:90:41:75:1c:a1:61:05:
08:2d:93:55:5c:f7:69:8c:92:6c:e1:16:8a:5b:c4:
df:ec:cb:31:a4:0d:42:95:74:db:cc:e8:e0:5d:72:
e8:35:4b:18:64:0d:8c:ce:34:d0:d2:07:87:d9:8a:
8c:5f:78:ad:9b:0d:36:93:b3:ac:00:3e:31:33:8c:
41:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6C:16:D9:48:9A:9C:2C:B4:11:D7:0A:AB:A1:E6:1A:E6:B3:72:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
15:1f:ec:61:b8:d9:4e:47:c0:5d:8f:06:5a:c9:27:9f:15:cd:
cd:ee:e8:68:71:1c:59:8a:c9:92:ef:53:69:6b:54:c9:b9:a8:
cf:57:f1:ab:ff:b6:bd:c7:92:db:5a:36:b1:cf:c2:6a:dc:57:
04:83:5a:7a:a1:15:69:e2:73:ed:bd:26:47:c9:0c:f9:2a:17:
b7:98:0f:66:cc:a4:f1:ad:2f:63:28:11:ef:44:75:8a:27:3c:
da:1b:27:53:d5:73:25:75:81:26:9e:a9:80:b5:09:4f:59:1e:
1c:31:58:2d:b6:59:97:ab:50:50:65:cb:29:92:67:0a:48:89:
cb:80:27:43:58:67:51:62:26:08:bc:2a:80:40:2e:51:fa:e3:
6e:13:92:55:c4:57:ae:2a:18:d4:c9:b5:76:89:eb:91:ff:b4:
6f:dd:04:66:22:7c:9a:cd:84:b7:c5:5f:b0:81:91:3a:42:9b:
76:9f:94:22:23:b1:cf:c5:12:ad:bc:7a:c0:b0:0e:62:2b:c3:
d3:3a:ca:bd:16:58:65:16:a7:15:c5:c2:62:43:3a:93:f4:5d:
49:19:2a:8c:b1:d5:33:f5:72:ae:f5:e9:55:6e:f2:4a:11:62:
8e:5a:19:a2:70:79:97:74:64:58:78:11:4e:6b:ce:27:b8:ab:
5c:ae:60:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH42fH+0ELO+jXsBIqplENbTtc+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5ZTVjMGY4N2ZlYjY0NmYzNjBlM2RiYmQ3OWI1ZmNlZGQ5YzlkZmU4ZTkz
NTNhMmFkZWI2NWVmNjQyMDZlYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXr921B6X4rtAQMeW5PH4rLGFHMzOZJBIcLm8NV4PNscYYMKzoJ8WZkQ/oo
IIIbvuEihNOOtuTgS8dT0bZazBo2OzUCGWD2Fk9mlLaDiNPZRn/ZUF/fuAiGXy/W
4HyM6kRihSR4IVaX1DmVDpCuYl6OmFn4t+k6AHscezcWGx2/yKs2Sa8RvF+jAK1N
qGfeXGY72IaCedL/BNrqmFCcD36aS9NrqQnzunNakcSqYh5TSigWCwyfTiz3caCQ
QXUcoWEFCC2TVVz3aYySbOEWilvE3+zLMaQNQpV028zo4F1y6DVLGGQNjM400NIH
h9mKjF94rZsNNpOzrAA+MTOMQTsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRfbBbZ
SJqcLLQR1wqroeYa5rNyzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEAFR/sYbjZTkfAXY8GWsknnxXNze7oaHEcWYrJ
ku9TaWtUybmoz1fxq/+2vceS21o2sc/CatxXBINaeqEVaeJz7b0mR8kM+SoXt5gP
Zsyk8a0vYygR70R1iic82hsnU9VzJXWBJp6pgLUJT1keHDFYLbZZl6tQUGXLKZJn
CkiJy4AnQ1hnUWImCLwqgEAuUfrjbhOSVcRXrioY1Mm1donrkf+0b90EZiJ8ms2E
t8VfsIGROkKbdp+UIiOxz8USrbx6wLAOYivD0zrKvRZYZRanFcXCYkM6k/RdSRkq
jLHVM/VyrvXpVW7yShFijloZonB5l3RkWHgRTmvOJ7irXK5guw==
-----END CERTIFICATE-----
Generated at Sat May 3 01:08:38 2025 by rpki-client