Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: TiL3ZEGmPW+WOIy74XVFKqT7KEt0O1AXjMvwJ4B8Ca8=
Subject key identifier: 26:42:9C:70:37:8E:7B:36:F2:B5:27:CE:83:34:3B:7E:78:62:38:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21FF29B52DA5C2D80D14D0F829D1E568AA4A0383
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:ff:29:b5:2d:a5:c2:d8:0d:14:d0:f8:29:d1:e5:68:aa:4a:03:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d44d984be8b61f1aa5450ca2641287e7a9b0043b0de4aab20a7d3ad5f8cbecf4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fe:c6:13:73:3f:63:ae:dd:c4:d8:81:cf:82:
48:c9:fd:91:1e:4f:20:6b:7e:91:3b:42:2c:cd:05:
3a:8b:ce:ee:3f:9e:fc:8d:a4:f9:62:4f:47:08:d7:
2f:21:3a:1b:cb:26:dd:ab:da:ad:f4:08:13:8b:f0:
8e:ae:cb:06:c1:82:38:d1:fa:3a:ad:4c:4c:b0:fc:
ef:1b:85:14:be:43:68:15:1b:ad:c9:f2:17:91:5a:
af:ae:0b:1e:07:d0:7c:0d:56:57:ba:d8:82:49:fc:
c5:36:ea:2a:ec:62:18:35:40:08:f3:07:e2:fc:3d:
84:4d:97:64:09:d6:9f:50:e8:27:4b:b9:2e:0b:d2:
7d:c9:13:e9:7a:f7:50:f7:14:32:e8:3f:c9:9f:38:
ba:7e:9a:d7:a6:9e:a5:9d:73:96:40:15:f3:b1:aa:
b4:f1:76:5e:94:e9:ce:cd:fc:4b:fe:6e:8a:77:7d:
8f:ad:bf:c2:87:21:dd:40:3e:3c:a5:19:48:cb:f7:
63:c7:6c:ea:7c:91:c3:4e:76:ed:9a:da:14:56:6b:
67:54:4d:5b:52:1d:30:5d:cc:ed:b1:21:97:8f:22:
ef:fa:a0:8a:cc:4f:07:79:c2:e2:b9:63:75:df:c0:
4a:d4:25:d6:85:10:55:e9:5c:17:1b:97:3e:e2:19:
15:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:42:9C:70:37:8E:7B:36:F2:B5:27:CE:83:34:3B:7E:78:62:38:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
24:7d:2a:a9:29:b7:a5:50:3b:5c:f2:99:34:7a:99:94:82:5b:
fd:a2:ea:c6:ff:9f:ce:41:b5:49:3b:a5:ad:89:86:f3:4e:29:
23:f2:08:9d:68:96:db:32:2c:94:28:8a:52:e1:26:19:b4:e5:
32:07:c1:23:e6:61:c6:88:ca:c9:da:b8:d2:8b:ec:e4:75:e1:
2e:d4:48:db:ac:c2:f5:b1:08:5d:56:ec:50:d3:f6:a3:8b:f3:
70:72:64:c1:3a:99:c9:38:a6:e3:97:03:34:09:b0:62:c4:32:
38:ed:f2:80:bc:c2:a1:c5:7b:95:0f:98:ed:f3:6f:da:5f:7b:
77:7b:d8:96:7f:e5:1e:30:e8:50:75:91:b7:aa:35:20:06:f5:
e7:84:0a:00:10:60:b8:88:74:36:4a:18:11:84:aa:99:9d:12:
ee:a3:89:35:25:ea:60:e4:30:48:41:a8:82:0c:6f:eb:1f:1c:
9e:8c:52:80:09:71:35:17:1b:f5:3a:8b:c0:93:a6:52:95:e5:
c6:bf:38:4c:ab:16:7c:d0:fd:a9:18:a0:3d:7c:52:32:82:84:
18:0a:53:35:fb:dd:f2:db:5c:e5:32:3d:a6:f6:d7:00:c9:dd:
07:82:a9:06:bc:9a:89:ff:58:51:f6:11:78:47:31:e0:b5:b0:
25:f0:01:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIf8ptS2lwtgNFND4KdHlaKpKA4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NGQ5ODRiZThiNjFmMWFhNTQ1MGNhMjY0MTI4N2U3YTliMDA0M2IwZGU0
YWFiMjBhN2QzYWQ1ZjhjYmVjZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/+xhNzP2Ou3cTYgc+CSMn9kR5PIGt+kTtCLM0FOovO7j+e/I2k+WJPRwjX
LyE6G8sm3avarfQIE4vwjq7LBsGCONH6Oq1MTLD87xuFFL5DaBUbrcnyF5Far64L
HgfQfA1WV7rYgkn8xTbqKuxiGDVACPMH4vw9hE2XZAnWn1DoJ0u5LgvSfckT6Xr3
UPcUMug/yZ84un6a16aepZ1zlkAV87GqtPF2XpTpzs38S/5uind9j62/woch3UA+
PKUZSMv3Y8ds6nyRw0527ZraFFZrZ1RNW1IdMF3M7bEhl48i7/qgisxPB3nC4rlj
dd/AStQl1oUQVelcFxuXPuIZFTECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQmQpxw
N457NvK1J86DNDt+eGI4uTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEAJH0qqSm3pVA7XPKZNHqZlIJb/aLqxv+fzkG1
STulrYmG804pI/IInWiW2zIslCiKUuEmGbTlMgfBI+ZhxojKydq40ovs5HXhLtRI
26zC9bEIXVbsUNP2o4vzcHJkwTqZyTim45cDNAmwYsQyOO3ygLzCocV7lQ+Y7fNv
2l97d3vYln/lHjDoUHWRt6o1IAb154QKABBguIh0NkoYEYSqmZ0S7qOJNSXqYOQw
SEGoggxv6x8cnoxSgAlxNRcb9TqLwJOmUpXlxr84TKsWfND9qRigPXxSMoKEGApT
Nfvd8ttc5TI9pvbXAMndB4KpBryaif9YUfYReEcx4LWwJfABSg==
-----END CERTIFICATE-----
Generated at Fri May 2 18:06:20 2025 by rpki-client