Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
File: 72ef8dd0-6820-429d-9dd5-d75f593bc729.roa (raw, json)
Hash identifier: i6hG4oXxppuAROg+kXn/xMc/ii4D2NCoUoRn2siL4Vs=
Subject key identifier: 1C:54:A4:6C:EB:D1:7D:3C:CD:22:5E:B6:99:07:C5:36:E7:A4:C3:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: CEBE5A5D502F3D2D53C6EE1BE2AAE9DFA4477E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ce:be:5a:5d:50:2f:3d:2d:53:c6:ee:1b:e2:aa:e9:df:a4:47:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=765e0b50b520791594a228fdd6bbcd3e6683289ea7f6f183c4f88c408cf70342, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d6:d7:55:4e:a0:51:f4:76:11:50:49:73:bf:
2f:bd:88:2b:b8:de:5b:bb:66:d5:2e:9a:f1:2e:8a:
87:2a:2e:cb:09:f3:9a:d3:d9:df:ba:6b:f0:39:49:
1c:0e:e0:fa:83:45:59:65:8a:95:9b:a6:ae:5c:bc:
5b:53:04:d3:da:d5:3a:04:5b:7d:dd:77:7c:27:1f:
5a:c1:ca:be:a8:39:7e:33:3b:52:1a:15:be:80:da:
dc:c8:b7:48:43:0e:e4:2a:42:0b:92:c5:fa:c4:1e:
c5:26:13:12:e1:d5:2d:c4:ac:c4:80:8b:2b:2f:9f:
70:38:67:a3:b6:04:39:be:5a:08:c6:de:ea:16:79:
fc:90:23:9b:8c:ec:5e:1a:3d:12:b2:1d:c7:6a:f5:
3f:e7:36:3e:7e:24:13:05:11:5d:59:2b:94:6f:44:
3c:93:1b:62:2f:0c:52:3f:25:dc:bc:2c:33:82:ea:
94:e4:9c:ab:e3:fb:c3:61:3f:68:61:45:7e:3f:8f:
57:13:64:2f:e1:2e:82:d5:17:a8:af:b5:93:28:74:
89:ab:cc:ca:da:27:5d:b1:5a:62:6e:ae:cd:be:d9:
67:7a:d3:d0:f6:84:d0:d2:5f:77:00:b7:8b:1e:94:
45:04:2e:db:fe:c3:8a:dd:fc:78:31:66:64:ca:aa:
1b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:54:A4:6C:EB:D1:7D:3C:CD:22:5E:B6:99:07:C5:36:E7:A4:C3:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5080::/48
Signature Algorithm: sha256WithRSAEncryption
05:83:b4:eb:5f:49:67:9a:f4:11:fb:e0:59:4c:2c:36:b0:b4:
31:6a:8b:17:cd:b8:87:63:4d:c6:57:c8:43:2b:15:93:ef:81:
68:34:8e:07:b0:78:3e:83:41:d3:89:90:47:a6:e7:77:f9:40:
3a:e2:7a:b7:b1:51:62:a3:c2:cb:22:cc:82:97:e6:c8:67:e9:
70:6f:20:a1:b1:6b:8d:40:6f:41:38:6b:31:b9:24:43:87:da:
ca:85:6d:8b:7b:66:22:eb:7f:dd:6a:8d:28:71:9e:72:25:56:
e1:34:f1:63:e4:b3:7d:3c:c4:ed:78:b1:4d:fd:a1:37:04:a8:
d7:3f:56:be:9a:95:b8:f0:b7:92:a5:7d:25:33:f7:49:cc:4d:
23:b4:ed:ab:54:b9:be:ea:e5:a5:4e:5d:11:b5:11:51:e7:b9:
30:96:6e:c0:53:2c:04:af:8f:f6:c3:cb:81:6c:55:82:55:48:
65:69:a8:de:88:10:1f:18:b9:06:9c:cb:3f:f8:48:e4:40:86:
54:67:f5:50:1b:af:a7:f6:17:fa:c1:07:ab:6e:4b:cd:df:d6:
b8:04:05:87:c6:f4:55:86:c7:b2:7f:0f:6b:e5:e4:04:25:6f:
f2:45:f8:cc:be:cb:bf:6d:d3:3d:65:db:c2:8f:a0:4b:ae:d1:
4e:b6:8b:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAM6+Wl1QLz0tU8buG+Kq6d+kR34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NWUwYjUwYjUyMDc5MTU5NGEyMjhmZGQ2YmJjZDNlNjY4MzI4OWVhN2Y2
ZjE4M2M0Zjg4YzQwOGNmNzAzNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIDW11VOoFH0dhFQSXO/L72IK7jeW7tm1S6a8S6KhyouywnzmtPZ37pr8DlJ
HA7g+oNFWWWKlZumrly8W1ME09rVOgRbfd13fCcfWsHKvqg5fjM7UhoVvoDa3Mi3
SEMO5CpCC5LF+sQexSYTEuHVLcSsxICLKy+fcDhno7YEOb5aCMbe6hZ5/JAjm4zs
Xho9ErIdx2r1P+c2Pn4kEwURXVkrlG9EPJMbYi8MUj8l3LwsM4LqlOScq+P7w2E/
aGFFfj+PVxNkL+EugtUXqK+1kyh0iavMytonXbFaYm6uzb7ZZ3rT0PaE0NJfdwC3
ix6URQQu2/7Dit38eDFmZMqqG9kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQcVKRs
69F9PM0iXraZB8U256TDPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJlZjhkZDAtNjgyMC00MjlkLTlkZDUtZDc1ZjU5M2JjNzI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRQ
gDANBgkqhkiG9w0BAQsFAAOCAQEABYO0619JZ5r0EfvgWUwsNrC0MWqLF824h2NN
xlfIQysVk++BaDSOB7B4PoNB04mQR6bnd/lAOuJ6t7FRYqPCyyLMgpfmyGfpcG8g
obFrjUBvQThrMbkkQ4fayoVti3tmIut/3WqNKHGeciVW4TTxY+SzfTzE7XixTf2h
NwSo1z9WvpqVuPC3kqV9JTP3ScxNI7Ttq1S5vurlpU5dEbURUee5MJZuwFMsBK+P
9sPLgWxVglVIZWmo3ogQHxi5BpzLP/hI5ECGVGf1UBuvp/YX+sEHq25Lzd/WuAQF
h8b0VYbHsn8Pa+XkBCVv8kX4zL7Lv23TPWXbwo+gS67RTraLvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:45 2025 by rpki-client