Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: hn7me30MfxrLuefdiOHkkQBfeQuCqyml/MBxCnhH6sY=
Subject key identifier: B1:0D:3C:A1:2E:3C:77:F5:FB:85:61:84:9A:B7:51:28:4A:5A:16:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07817EE63732BF9461C8E89FF1B9A5BFCB19B3CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:81:7e:e6:37:32:bf:94:61:c8:e8:9f:f1:b9:a5:bf:cb:19:b3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=03351d2697f08f6da02b2638863a0762c02898f1091f92984167518cffc0cd07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b5:02:e4:11:0f:35:25:58:1e:86:fb:31:48:
6d:3c:34:41:fb:83:17:9d:90:63:05:16:6e:ba:0b:
49:ff:e8:42:db:1e:50:45:58:70:35:7c:6b:a9:93:
3f:af:e4:9c:1f:4f:b1:c1:4e:01:64:ff:c1:d5:10:
06:da:a5:d0:ee:f1:34:94:b4:5a:4b:40:68:e5:af:
94:4b:52:98:2b:58:0b:01:31:f0:ae:9e:f6:63:80:
0b:a6:f6:da:e0:f4:db:83:b2:d6:6c:8c:11:80:e5:
b3:5b:75:a7:eb:45:43:bd:63:88:7f:85:97:d4:13:
8c:46:50:d4:91:b7:96:f5:4f:4a:c8:8a:a0:8e:5c:
4c:5c:5f:9c:76:f2:d2:31:cf:0c:b2:b6:10:c4:2f:
d8:cf:2d:22:59:13:89:d2:49:8a:bd:d8:34:cf:50:
2d:95:ea:a0:a6:ad:3c:71:90:d0:1c:ec:19:94:a3:
50:e5:bd:0c:bb:78:3d:27:26:53:b0:8d:56:6a:c0:
5d:7f:b6:c6:1c:5e:bf:40:41:79:ed:b9:df:33:f3:
e7:3c:47:f5:76:8b:50:a6:6b:4f:ad:b3:61:99:bc:
77:4e:69:b5:72:d5:30:aa:b8:39:8e:3c:4a:8d:a3:
61:0a:f7:a5:a2:2b:23:03:4c:7b:a4:0f:3c:ce:78:
c6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0D:3C:A1:2E:3C:77:F5:FB:85:61:84:9A:B7:51:28:4A:5A:16:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
bc:50:9e:94:bd:ae:94:e7:ee:77:c7:ed:90:42:65:cb:c1:ea:
90:5d:45:94:f8:9e:9c:ad:a6:2d:32:a2:fe:26:e8:03:95:d8:
9f:63:fb:ff:82:4d:1e:62:3a:83:00:62:f7:2b:6f:71:c3:fc:
59:96:cb:a7:b7:6b:d4:92:94:67:da:07:f9:af:93:28:c8:87:
81:11:f5:3c:cc:48:72:8d:2b:40:a8:5f:d8:ee:da:73:88:35:
b3:a4:91:6e:d4:2e:63:33:3c:c1:25:5e:2d:37:93:3a:17:94:
d0:fe:7b:63:4c:ea:ea:ed:f2:23:4a:b7:6f:ed:58:a8:d1:93:
f9:55:97:20:cf:30:33:e6:9a:80:75:34:66:16:08:19:e9:d9:
7a:8c:d0:d6:b0:8e:1f:52:68:b9:64:47:52:27:db:12:86:1b:
aa:d6:03:da:57:fd:4f:7d:ed:c2:d4:75:72:a5:b9:86:7b:0c:
5d:d9:69:22:c1:02:44:9b:f1:02:40:d7:cb:cb:c7:03:e7:cb:
e0:b8:bb:97:a2:67:30:d0:b0:c6:d5:a1:44:3d:7a:b6:28:40:
64:a8:16:b6:3f:bf:fa:34:6e:de:98:36:37:64:2d:07:21:db:
5b:e6:06:35:71:ff:86:a8:f6:84:2e:89:8c:04:5f:e2:94:fe:
1c:09:44:db
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUB4F+5jcyv5RhyOif8bmlv8sZs80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMzUxZDI2OTdmMDhmNmRhMDJiMjYzODg2M2EwNzYyYzAyODk4ZjEwOTFm
OTI5ODQxNjc1MThjZmZjMGNkMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMi1AuQRDzUlWB6G+zFIbTw0QfuDF52QYwUWbroLSf/oQtseUEVYcDV8a6mT
P6/knB9PscFOAWT/wdUQBtql0O7xNJS0WktAaOWvlEtSmCtYCwEx8K6e9mOAC6b2
2uD024Oy1myMEYDls1t1p+tFQ71jiH+Fl9QTjEZQ1JG3lvVPSsiKoI5cTFxfnHby
0jHPDLK2EMQv2M8tIlkTidJJir3YNM9QLZXqoKatPHGQ0BzsGZSjUOW9DLt4PScm
U7CNVmrAXX+2xhxev0BBee253zPz5zxH9XaLUKZrT62zYZm8d05ptXLVMKq4OY48
So2jYQr3paIrIwNMe6QPPM54xv0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSxDTyh
Ljx39fuFYYSat1EoSloWZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBALxQnpS9rpTn7nfH7ZBCZcvB6pBdRZT4npytpi0y
ov4m6AOV2J9j+/+CTR5iOoMAYvcrb3HD/FmWy6e3a9SSlGfaB/mvkyjIh4ER9TzM
SHKNK0CoX9ju2nOINbOkkW7ULmMzPMElXi03kzoXlND+e2NM6urt8iNKt2/tWKjR
k/lVlyDPMDPmmoB1NGYWCBnp2XqM0Nawjh9SaLlkR1In2xKGG6rWA9pX/U997cLU
dXKluYZ7DF3ZaSLBAkSb8QJA18vLxwPny+C4u5eiZzDQsMbVoUQ9erYoQGSoFrY/
v/o0bt6YNjdkLQch21vmBjVx/4ao9oQuiYwEX+KU/hwJRNs=
-----END CERTIFICATE-----
Generated at Fri May 2 18:19:02 2025 by rpki-client