Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
File: 72da9f02-356c-4664-864e-e60b7c9e874d.roa (raw, json)
Hash identifier: pHqR1I6GZE1Frm2KlXAslJtAHUaXi/HwcZxwR1WdqDQ=
Subject key identifier: 4D:90:AF:01:44:33:33:E6:D2:BB:B4:53:E2:7B:8A:92:47:B1:6A:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73E0C8C9899A74E0B2199EFDA36D8357CE3ADDD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:e0:c8:c9:89:9a:74:e0:b2:19:9e:fd:a3:6d:83:57:ce:3a:dd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=7852430a57f8ee6132b4e7e463e34f5867bb29cd4a8be95a269c678fe540450b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b2:8d:66:c5:78:0f:5a:66:d3:45:28:0f:12:
d8:33:58:f4:dd:6c:2c:c2:07:58:52:d1:20:5b:16:
a5:3c:cf:85:23:05:76:e1:e0:9b:4c:8d:23:79:61:
32:dd:bb:1a:0c:15:0e:62:d4:15:71:97:16:96:89:
03:ac:8c:61:b0:52:ae:02:ed:cd:f4:42:1e:f0:b8:
25:b8:21:07:f1:2b:9f:7d:3e:d6:c4:30:05:b1:97:
bc:a4:9f:61:33:b3:c3:c3:67:03:99:af:fc:b3:dc:
ef:99:6d:bc:7a:60:55:7d:ba:3f:79:f6:2c:2f:1d:
9a:46:e7:59:67:d2:eb:90:21:57:77:26:c8:94:f4:
c8:04:36:63:94:d9:21:04:ba:29:49:cb:7b:15:c8:
78:b3:95:e7:4e:5c:ba:d5:5b:9b:5d:21:c1:7a:e7:
0c:9a:7d:f7:ab:12:e3:be:bf:83:fb:fa:f7:28:e5:
53:4c:a2:0d:fe:84:56:72:d8:28:86:92:66:1e:9c:
ea:cb:c6:93:42:ef:11:76:21:c3:a2:13:98:4b:1e:
37:f6:3b:4c:9a:10:8e:ac:55:17:8c:4e:ff:a2:db:
45:52:0d:e5:78:55:ac:56:b4:71:11:29:83:d9:9c:
38:60:b6:85:6b:34:b6:4b:5b:8b:7d:51:b1:68:18:
66:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:90:AF:01:44:33:33:E6:D2:BB:B4:53:E2:7B:8A:92:47:B1:6A:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c040::/46
Signature Algorithm: sha256WithRSAEncryption
0d:d3:e7:d8:1c:eb:b3:44:d9:36:1d:ac:c9:64:33:f8:c1:bc:
bc:fc:b4:be:e8:b8:7f:8c:44:1f:2c:a0:ca:58:c9:9f:5f:e0:
a3:45:60:c6:06:09:03:b0:25:85:7a:a6:98:da:aa:61:52:fd:
1f:60:1a:62:dd:70:ee:1b:14:3e:bf:a9:ae:79:a9:e9:42:9d:
c1:a5:12:c9:06:6b:fa:b2:9d:70:c1:b0:2b:4f:89:3f:79:d7:
ed:75:ae:35:a0:2b:df:57:cf:89:5e:cc:2d:c5:6a:69:2e:66:
fe:49:f7:63:37:65:b8:62:6c:5a:0b:1e:8c:ce:cd:9d:62:5a:
11:a4:0f:c2:22:0a:c4:5a:e7:55:8e:46:ab:6f:59:18:35:f0:
1f:10:72:64:b7:c7:fe:11:a1:3e:ea:db:1d:fb:26:51:aa:20:
9c:98:13:63:e2:d4:6c:68:93:48:cd:52:50:78:09:12:85:b2:
61:3e:ab:03:a9:14:4e:d9:87:3c:f5:ff:fd:f9:2d:fc:9e:a7:
19:9f:62:12:f0:84:5f:a9:a3:70:9d:8d:45:71:82:a7:02:83:
4e:6a:e8:45:ee:2c:2a:d9:91:ef:06:c4:c8:5b:75:eb:93:61:
b7:99:52:48:80:f3:65:97:9b:bc:0a:7f:90:a5:01:70:7b:05:
79:32:db:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc+DIyYmadOCyGZ79o22DV8463dUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NTI0MzBhNTdmOGVlNjEzMmI0ZTdlNDYzZTM0ZjU4NjdiYjI5Y2Q0YThi
ZTk1YTI2OWM2NzhmZTU0MDQ1MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+yjWbFeA9aZtNFKA8S2DNY9N1sLMIHWFLRIFsWpTzPhSMFduHgm0yNI3lh
Mt27GgwVDmLUFXGXFpaJA6yMYbBSrgLtzfRCHvC4JbghB/Ern30+1sQwBbGXvKSf
YTOzw8NnA5mv/LPc75ltvHpgVX26P3n2LC8dmkbnWWfS65AhV3cmyJT0yAQ2Y5TZ
IQS6KUnLexXIeLOV505cutVbm10hwXrnDJp996sS476/g/v69yjlU0yiDf6EVnLY
KIaSZh6c6svGk0LvEXYhw6ITmEseN/Y7TJoQjqxVF4xO/6LbRVIN5XhVrFa0cREp
g9mcOGC2hWs0tktbi31RsWgYZqMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNkK8B
RDMz5tK7tFPie4qSR7FqWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJkYTlmMDItMzU2Yy00NjY0LTg2NGUtZTYwYjdjOWU4NzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
QDANBgkqhkiG9w0BAQsFAAOCAQEADdPn2Bzrs0TZNh2syWQz+MG8vPy0vui4f4xE
HyygyljJn1/go0VgxgYJA7AlhXqmmNqqYVL9H2AaYt1w7hsUPr+prnmp6UKdwaUS
yQZr+rKdcMGwK0+JP3nX7XWuNaAr31fPiV7MLcVqaS5m/kn3YzdluGJsWgsejM7N
nWJaEaQPwiIKxFrnVY5Gq29ZGDXwHxByZLfH/hGhPurbHfsmUaognJgTY+LUbGiT
SM1SUHgJEoWyYT6rA6kUTtmHPPX//fkt/J6nGZ9iEvCEX6mjcJ2NRXGCpwKDTmro
Re4sKtmR7wbEyFt165Nht5lSSIDzZZebvAp/kKUBcHsFeTLbaQ==
-----END CERTIFICATE-----
Generated at Fri May 2 16:39:06 2025 by rpki-client