Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: yPA035++EKkHV8dNtTrHuKFV2c/5jZoPAer/jaC+1Pw=
Subject key identifier: 45:28:FD:88:3F:A3:9F:E6:63:02:7B:6A:0D:1B:D6:07:47:9D:6C:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BF06FF8BE4F1397608D1E7B2B732059705C8F3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:f0:6f:f8:be:4f:13:97:60:8d:1e:7b:2b:73:20:59:70:5c:8f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=07c11375ebc63062d35a71a751432ad589358607f525750b2b0ceb2df693fd13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:13:03:12:12:7b:c8:2f:9a:ff:10:18:f4:90:
e7:f7:02:df:54:e4:bd:81:56:b3:c9:f0:7a:2a:fe:
2f:c3:1b:e9:10:82:bc:b8:ae:21:01:00:4f:e7:9f:
a0:a5:a3:31:c7:d2:70:9d:8f:6d:0d:d0:9c:22:54:
d9:ac:4b:90:d7:24:7b:0e:7e:3c:2f:cd:35:4e:bc:
46:bf:97:37:08:eb:02:67:d8:01:35:70:ce:6a:44:
4a:d6:96:5e:d9:57:b7:0a:0b:bb:2a:30:f1:ee:56:
7d:ac:6a:86:10:69:a0:43:b9:33:44:13:af:e3:df:
3c:a2:32:26:3f:a8:2c:db:1a:09:4f:dd:1d:c5:be:
3d:5a:bb:7b:a6:1e:85:6c:16:9e:23:ac:88:ad:7f:
9d:fe:78:c0:f3:5d:af:85:bc:ba:d1:8a:26:c9:6d:
7c:ac:ab:13:20:70:43:40:ad:29:ff:7d:00:c7:2a:
37:45:0d:27:21:38:90:8e:2e:7a:a6:60:88:83:1f:
92:76:5f:d7:dc:0e:27:0e:69:01:bb:00:91:ce:4d:
30:8e:14:b6:e3:78:6f:ab:d9:23:93:9a:bd:66:34:
c5:2e:69:12:91:34:ce:17:26:22:8c:a6:b0:02:3f:
6b:dd:d7:e8:6a:4f:40:7e:e3:c4:b9:2f:d5:82:42:
54:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:28:FD:88:3F:A3:9F:E6:63:02:7B:6A:0D:1B:D6:07:47:9D:6C:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
71:f6:63:0a:db:5e:98:68:c6:ea:71:40:df:fa:ce:b0:d4:73:
88:2e:60:78:db:46:b4:07:84:fb:2a:8c:49:28:0a:da:d3:4b:
3e:71:b8:c9:01:a9:78:fc:53:66:21:d5:60:35:bc:ad:08:d3:
ee:2d:7d:2a:88:23:54:64:da:64:af:b9:b5:07:2a:70:88:93:
19:18:2f:d5:b0:35:25:13:55:6c:ef:8a:f9:92:d5:a5:bc:06:
c9:fe:29:3b:2f:e3:80:99:2e:6a:d1:6d:af:30:7e:3f:44:da:
d0:f9:7b:c5:d4:89:33:d3:e9:a4:54:e1:2f:fe:4c:79:d3:5e:
c8:c0:76:88:02:35:bd:a5:6a:a1:1d:16:36:c0:04:89:db:a6:
be:dc:3f:5a:37:78:bc:5d:fe:00:8c:6e:b6:5a:1b:39:7d:e3:
61:16:fe:5d:de:5c:7d:7b:16:8d:94:da:6b:5d:50:4f:76:9f:
8e:38:98:23:73:f2:e5:0a:5c:76:d5:a7:06:a7:63:44:26:b9:
7e:6e:90:c0:92:86:8c:d0:b4:2c:aa:5c:7a:af:de:28:b6:33:
43:98:ee:26:22:11:fb:b7:bd:13:b1:a7:05:34:2c:20:1a:4d:
0e:b8:6e:05:67:c5:97:4a:0b:25:1f:b5:06:f3:8e:95:ad:45:
79:2d:52:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUW/Bv+L5PE5dgjR57K3MgWXBcjz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3YzExMzc1ZWJjNjMwNjJkMzVhNzFhNzUxNDMyYWQ1ODkzNTg2MDdmNTI1
NzUwYjJiMGNlYjJkZjY5M2ZkMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQTAxISe8gvmv8QGPSQ5/cC31TkvYFWs8nweir+L8Mb6RCCvLiuIQEAT+ef
oKWjMcfScJ2PbQ3QnCJU2axLkNckew5+PC/NNU68Rr+XNwjrAmfYATVwzmpEStaW
XtlXtwoLuyow8e5WfaxqhhBpoEO5M0QTr+PfPKIyJj+oLNsaCU/dHcW+PVq7e6Ye
hWwWniOsiK1/nf54wPNdr4W8utGKJsltfKyrEyBwQ0CtKf99AMcqN0UNJyE4kI4u
eqZgiIMfknZf19wOJw5pAbsAkc5NMI4UtuN4b6vZI5OavWY0xS5pEpE0zhcmIoym
sAI/a93X6GpPQH7jxLkv1YJCVE0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRFKP2I
P6Of5mMCe2oNG9YHR51sXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAcfZjCttemGjG6nFA3/rOsNRziC5geNtGtAeE
+yqMSSgK2tNLPnG4yQGpePxTZiHVYDW8rQjT7i19KogjVGTaZK+5tQcqcIiTGRgv
1bA1JRNVbO+K+ZLVpbwGyf4pOy/jgJkuatFtrzB+P0Ta0Pl7xdSJM9PppFThL/5M
edNeyMB2iAI1vaVqoR0WNsAEidumvtw/Wjd4vF3+AIxutlobOX3jYRb+Xd5cfXsW
jZTaa11QT3afjjiYI3Py5QpcdtWnBqdjRCa5fm6QwJKGjNC0LKpceq/eKLYzQ5ju
JiIR+7e9E7GnBTQsIBpNDrhuBWfFl0oLJR+1BvOOla1FeS1SVQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:56 2025 by rpki-client