Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: uGrNeUoecTrTh8vgRa1HLBpthAafwU16YCo9JN3y1JA=
Subject key identifier: C2:E8:C5:0B:B2:F6:E5:EF:25:42:8E:7A:F3:91:87:06:D4:9D:A2:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0529FE1BD0ABC1336D71492CE521045F17D65BF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:29:fe:1b:d0:ab:c1:33:6d:71:49:2c:e5:21:04:5f:17:d6:5b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=fb4681044a1896d4d3ab0b439f8467fb1ed39fae6ffe1054a0014e81aba70457, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d8:1f:14:1e:f4:18:ee:e0:b1:b4:a3:08:8f:
84:39:51:0d:28:88:22:6b:44:56:24:02:4a:02:98:
17:41:a1:95:0a:6c:f2:66:c4:cf:f2:11:67:8b:f0:
c2:42:fd:70:5d:e6:8d:72:a0:2e:9b:19:73:aa:29:
be:3b:7f:74:63:5f:7a:f6:2b:e0:ff:01:53:2a:86:
17:18:6a:9f:bf:cb:99:27:f7:f0:bc:1c:d5:9d:ac:
7e:78:5e:88:0f:d0:2f:d5:e3:95:ee:a5:01:e9:78:
6c:86:35:c1:49:40:08:73:10:83:c5:79:4f:02:c2:
8d:17:d4:c5:97:e8:64:21:f4:8e:3d:31:0d:17:90:
e5:2f:55:23:ef:25:e2:80:31:3b:9a:21:b1:6a:0b:
53:dc:9e:99:7c:e0:8c:97:1c:e6:c2:83:fd:da:5a:
bb:04:ee:9e:cc:d2:4f:87:06:ba:57:4c:c0:3d:da:
21:f4:9b:84:e0:bc:0f:6d:7b:0c:52:d8:10:be:4b:
bf:49:e3:8c:2a:bc:aa:f7:eb:ad:de:2f:1b:93:d6:
ef:e5:e1:cb:c5:08:13:16:41:d5:de:fc:e1:de:88:
65:5b:27:32:48:31:34:f2:bc:25:cc:a4:d1:b2:08:
1d:59:30:ab:fe:70:52:60:ca:b6:a8:12:32:d2:95:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E8:C5:0B:B2:F6:E5:EF:25:42:8E:7A:F3:91:87:06:D4:9D:A2:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
5e:41:cd:af:bf:11:fe:45:24:62:35:cb:4a:66:da:d8:01:84:
6a:f4:e1:0c:96:5e:08:12:3f:e8:37:a6:12:39:12:48:16:38:
cb:95:b3:b1:b2:a4:94:7d:89:3a:82:7a:72:b9:f9:89:02:67:
60:7e:98:60:e6:db:e5:c4:07:ba:74:cf:01:fc:c4:22:72:d7:
c1:35:83:b5:88:72:01:0b:41:6f:4b:cf:65:c9:53:6b:3e:19:
30:71:76:c4:b8:d4:85:f7:3a:2b:1d:65:bb:59:cf:f3:85:67:
33:a7:fe:c5:bb:4c:79:22:3d:ef:60:b7:2c:c8:74:e3:fa:53:
3e:d1:96:56:89:b1:c8:07:1d:c1:ff:66:3a:39:22:17:9f:8b:
e2:d1:10:0b:ba:43:16:48:49:04:25:a6:f9:fc:e1:1e:cf:b7:
53:f4:22:aa:d9:c3:79:1b:d4:b7:06:97:71:54:7d:2d:3a:9d:
b9:0b:e9:8e:e0:c5:23:83:6e:71:a4:64:33:f0:f7:7d:c1:4c:
16:e2:99:a8:17:56:0b:59:de:07:c5:9e:ff:28:7b:fe:60:0b:
91:b3:88:62:f0:07:01:ce:3c:7e:a3:ea:c9:e5:d7:4f:c4:37:
01:58:b2:56:8b:2d:fa:63:51:5a:b8:06:95:e6:7b:28:b1:a2:
f2:88:72:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBSn+G9CrwTNtcUks5SEEXxfWW/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNDY4MTA0NGExODk2ZDRkM2FiMGI0MzlmODQ2N2ZiMWVkMzlmYWU2ZmZl
MTA1NGEwMDE0ZTgxYWJhNzA0NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTYHxQe9Bju4LG0owiPhDlRDSiIImtEViQCSgKYF0GhlQps8mbEz/IRZ4vw
wkL9cF3mjXKgLpsZc6opvjt/dGNfevYr4P8BUyqGFxhqn7/LmSf38Lwc1Z2sfnhe
iA/QL9Xjle6lAel4bIY1wUlACHMQg8V5TwLCjRfUxZfoZCH0jj0xDReQ5S9VI+8l
4oAxO5ohsWoLU9yemXzgjJcc5sKD/dpauwTunszST4cGuldMwD3aIfSbhOC8D217
DFLYEL5Lv0njjCq8qvfrrd4vG5PW7+Xhy8UIExZB1d784d6IZVsnMkgxNPK8Jcyk
0bIIHVkwq/5wUmDKtqgSMtKVLfMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTC6MUL
svbl7yVCjnrzkYcG1J2iRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBeQc2vvxH+RSRiNctKZtrYAYRq9OEMll4IEj/o
N6YSORJIFjjLlbOxsqSUfYk6gnpyufmJAmdgfphg5tvlxAe6dM8B/MQictfBNYO1
iHIBC0FvS89lyVNrPhkwcXbEuNSF9zorHWW7Wc/zhWczp/7Fu0x5Ij3vYLcsyHTj
+lM+0ZZWibHIBx3B/2Y6OSIXn4vi0RALukMWSEkEJab5/OEez7dT9CKq2cN5G9S3
BpdxVH0tOp25C+mO4MUjg25xpGQz8Pd9wUwW4pmoF1YLWd4HxZ7/KHv+YAuRs4hi
8AcBzjx+o+rJ5ddPxDcBWLJWiy36Y1FauAaV5nsosaLyiHK+
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:56 2025 by rpki-client