Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
File: 7037317e-bcf9-40f3-b066-0973d33451f2.roa (raw, json)
Hash identifier: l1zbG2x8bJIIJhsES25YYJ77DJVLEPBjAmVQcAkGWa0=
Subject key identifier: 51:51:55:48:D2:34:A0:4F:45:41:C8:C0:37:95:F6:57:6D:D8:2F:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46FA738684F17CF735DBA986B42F69F6187DF17F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:9000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:fa:73:86:84:f1:7c:f7:35:db:a9:86:b4:2f:69:f6:18:7d:f1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=68bfe379ccc3662fb316d42c787403d2ee05395b6230b98c5de5251c2d20f350, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:93:b0:b1:e5:ba:51:db:d5:61:69:be:8b:c6:
d1:1d:ac:b5:b5:c0:9b:d1:bb:63:d8:7f:38:3d:f6:
58:e5:c9:de:d2:34:8f:61:d1:01:3f:ac:59:2d:a0:
e7:53:10:8a:56:47:a9:2c:53:5a:70:99:84:cc:39:
56:42:50:cc:df:79:2c:fc:99:95:b6:0e:52:cd:76:
fb:5d:a2:c3:73:3c:38:90:be:2c:1e:bb:ea:44:91:
2f:2a:bd:e8:fc:00:46:99:65:5d:c5:78:89:6e:1e:
d2:cc:55:ff:bb:f5:6b:67:74:31:5e:69:72:cd:b2:
15:9f:76:61:c6:81:2b:26:4e:a0:d8:7f:b2:13:60:
a4:99:37:c7:ee:96:7f:d8:d3:49:9d:92:99:1f:b5:
dc:30:0a:db:c0:3e:10:fc:2a:6c:3a:ce:dd:ea:73:
23:27:65:d2:3c:e8:76:b4:17:3f:29:1d:36:61:7c:
96:b5:6b:4b:27:71:93:69:55:92:7a:bd:ba:dc:9f:
b2:46:a9:41:a1:5f:40:68:b3:5b:7d:37:7f:d2:22:
9e:08:22:73:ae:fb:17:93:53:d9:b4:a7:83:5c:5a:
8b:3d:4a:da:97:11:92:a2:a8:cf:c7:23:c5:f0:cf:
68:bd:b0:9c:17:21:03:4d:8a:c5:a1:33:77:59:d8:
21:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:51:55:48:D2:34:A0:4F:45:41:C8:C0:37:95:F6:57:6D:D8:2F:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:9000::/40
Signature Algorithm: sha256WithRSAEncryption
01:fd:ec:ba:83:7c:59:10:4d:52:27:4d:10:51:2a:c3:a0:d2:
ad:6a:93:a1:14:bf:65:8a:bb:74:b8:bb:5d:5f:cd:cd:bd:0f:
76:ed:6c:91:b7:6f:f5:40:15:2b:b2:82:66:a9:bf:09:b3:99:
cd:9b:3a:25:c6:e4:a3:64:49:22:31:10:7d:e9:c0:67:c0:64:
86:db:01:0a:2a:f5:b8:54:65:2e:04:6b:e5:1d:3b:fc:dc:1c:
ca:5d:ae:94:ed:c5:73:6f:a6:3a:f3:1e:96:ca:90:8f:0c:95:
c8:a4:ce:72:b3:a4:d9:d2:97:a7:c0:bc:7f:df:a0:00:ae:b1:
36:a2:91:cb:28:20:83:4c:6e:78:ad:40:0e:d9:10:8a:00:66:
97:c5:7b:57:9b:20:a5:7a:63:84:4b:7d:b4:71:32:a4:a6:9a:
22:4c:3d:82:4e:87:d1:cd:85:fe:8a:6a:a5:e0:62:8e:10:91:
ba:f0:80:47:d2:c0:ec:1a:45:e3:d6:d1:45:ea:c6:36:bf:34:
13:aa:a6:38:33:0c:17:4d:0c:79:1c:44:94:c1:ed:aa:1c:d1:
f1:3c:4b:83:9f:9c:a3:cc:a5:ee:49:ab:0d:ae:c5:23:bc:78:
70:00:a8:09:70:6a:fa:72:f0:29:5b:a5:33:80:0d:0a:a1:4d:
1d:df:61:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURvpzhoTxfPc126mGtC9p9hh98X8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4YmZlMzc5Y2NjMzY2MmZiMzE2ZDQyYzc4NzQwM2QyZWUwNTM5NWI2MjMw
Yjk4YzVkZTUyNTFjMmQyMGYzNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeTsLHlulHb1WFpvovG0R2stbXAm9G7Y9h/OD32WOXJ3tI0j2HRAT+sWS2g
51MQilZHqSxTWnCZhMw5VkJQzN95LPyZlbYOUs12+12iw3M8OJC+LB676kSRLyq9
6PwARpllXcV4iW4e0sxV/7v1a2d0MV5pcs2yFZ92YcaBKyZOoNh/shNgpJk3x+6W
f9jTSZ2SmR+13DAK28A+EPwqbDrO3epzIydl0jzodrQXPykdNmF8lrVrSydxk2lV
knq9utyfskapQaFfQGizW303f9Iinggic677F5NT2bSng1xaiz1K2pcRkqKoz8cj
xfDPaL2wnBchA02KxaEzd1nYIf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRUVVI
0jSgT0VByMA3lfZXbdgvyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzAzNzMxN2UtYmNmOS00MGYzLWIwNjYtMDk3M2QzMzQ1MWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAB/ey6g3xZEE1SJ00QUSrDoNKtapOhFL9lirt0
uLtdX83NvQ927WyRt2/1QBUrsoJmqb8Js5nNmzolxuSjZEkiMRB96cBnwGSG2wEK
KvW4VGUuBGvlHTv83BzKXa6U7cVzb6Y68x6WypCPDJXIpM5ys6TZ0penwLx/36AA
rrE2opHLKCCDTG54rUAO2RCKAGaXxXtXmyClemOES320cTKkppoiTD2CTofRzYX+
imql4GKOEJG68IBH0sDsGkXj1tFF6sY2vzQTqqY4MwwXTQx5HESUwe2qHNHxPEuD
n5yjzKXuSasNrsUjvHhwAKgJcGr6cvApW6UzgA0KoU0d32Hf
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:01 2025 by rpki-client