Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
File: 730c632c-0510-4eef-8649-b29c7a1d089b.roa (raw, json)
Hash identifier: rQw6xvImxLs5oXdkRdVmOsKofFXm66Vnr2LfKQkE2yA=
Subject key identifier: 7C:BB:35:3D:13:28:72:3D:31:0A:C4:33:06:37:66:69:41:C5:1F:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36BF207B775D52B47FF25065C40479473C08D30A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:bf:20:7b:77:5d:52:b4:7f:f2:50:65:c4:04:79:47:3c:08:d3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=abb99e76ae2379a93f5e34251d6821f22aed3234d28e29cd7d176cbaf51ddbef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:43:c3:1d:7e:8c:23:87:43:a7:da:ac:c7:80:
06:d1:b3:f8:37:c8:72:34:05:25:a2:6c:a4:19:69:
7b:07:a3:2b:7e:c8:e1:64:5f:98:79:de:ae:65:b3:
54:46:40:08:91:0d:b2:48:6b:1e:9e:4a:94:a1:a0:
f9:ea:bd:f4:34:6b:6c:2c:c5:7b:64:99:1c:2c:20:
91:5b:35:02:30:83:b7:74:74:21:dd:6c:62:e4:9a:
1d:d9:54:69:1d:5f:9a:5f:9c:4d:2c:5f:f0:95:73:
31:7a:e0:ea:01:d6:06:75:c1:87:97:0e:7a:ae:0e:
33:38:2e:20:e7:7d:a1:a8:8b:84:c7:6c:27:e4:72:
23:1b:68:da:e1:a8:ea:02:6d:c1:4d:78:94:29:a2:
d2:c9:a8:ec:68:2e:bb:d8:50:a7:35:31:25:15:ba:
0c:5e:5a:4e:da:bf:2b:b1:84:ea:f8:06:b6:b3:54:
f2:b1:97:b5:a5:0d:28:89:d9:c8:5c:9a:d5:18:78:
b9:b1:aa:e6:33:02:5a:4e:0b:78:13:83:0f:54:5e:
c8:81:c5:11:c1:f6:27:4a:42:9b:7f:74:b1:14:3e:
eb:5d:4f:dc:44:1d:3a:73:7c:72:94:d3:ae:db:75:
57:db:47:40:55:8d:d7:24:82:a9:ba:06:e7:dd:22:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:BB:35:3D:13:28:72:3D:31:0A:C4:33:06:37:66:69:41:C5:1F:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2040::/48
Signature Algorithm: sha256WithRSAEncryption
55:82:8e:f7:e2:a3:ef:90:00:47:19:76:02:90:d4:da:bf:e4:
32:ab:d5:37:17:b6:ab:33:80:3f:33:6f:e8:58:a8:91:14:cf:
8b:a1:1c:3c:78:2c:e1:d0:b3:66:af:1d:c5:53:67:d6:d2:11:
e0:2a:5e:dd:c0:87:9b:32:c1:0f:25:cc:66:3c:80:71:84:64:
ee:91:ca:7a:bf:47:44:04:9a:29:e3:39:bc:db:48:a9:b8:3d:
29:29:67:f3:4f:97:e7:e3:1c:38:66:60:56:1c:6c:ea:b6:f5:
81:ec:35:ee:58:da:0b:c0:ec:9a:a5:54:96:e5:1f:5c:b7:1b:
5c:37:c8:12:62:1d:1f:d1:66:80:5d:25:34:0e:79:e1:7a:86:
19:33:36:4e:f2:0f:d6:67:cd:b2:f8:ab:68:33:fa:c8:8b:d9:
63:27:0d:8f:f8:6b:e9:36:a1:e6:4d:74:27:db:9d:df:74:27:
fc:7c:fa:73:69:8a:4c:e7:73:a0:93:d1:5b:65:62:49:b5:61:
a0:d7:b8:28:99:13:3e:c9:1f:95:3c:d4:97:44:f5:8c:1a:5c:
11:8e:80:d0:af:b4:94:c9:ab:95:fd:a3:0f:56:5e:b9:b4:14:
7c:ce:02:90:3c:17:0a:78:b0:0e:de:8d:5d:76:32:19:79:ff:
ce:14:9e:40
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNr8ge3ddUrR/8lBlxAR5RzwI0wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYjk5ZTc2YWUyMzc5YTkzZjVlMzQyNTFkNjgyMWYyMmFlZDMyMzRkMjhl
MjljZDdkMTc2Y2JhZjUxZGRiZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1Dwx1+jCOHQ6farMeABtGz+DfIcjQFJaJspBlpewejK37I4WRfmHnermWz
VEZACJENskhrHp5KlKGg+eq99DRrbCzFe2SZHCwgkVs1AjCDt3R0Id1sYuSaHdlU
aR1fml+cTSxf8JVzMXrg6gHWBnXBh5cOeq4OMzguIOd9oaiLhMdsJ+RyIxto2uGo
6gJtwU14lCmi0smo7Gguu9hQpzUxJRW6DF5aTtq/K7GE6vgGtrNU8rGXtaUNKInZ
yFya1Rh4ubGq5jMCWk4LeBODD1ReyIHFEcH2J0pCm390sRQ+611P3EQdOnN8cpTT
rtt1V9tHQFWN1ySCqboG590ieFECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR8uzU9
EyhyPTEKxDMGN2ZpQcUfJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzMwYzYzMmMtMDUxMC00ZWVmLTg2NDktYjI5YzdhMWQwODliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
QDANBgkqhkiG9w0BAQsFAAOCAQEAVYKO9+Kj75AARxl2ApDU2r/kMqvVNxe2qzOA
PzNv6FiokRTPi6EcPHgs4dCzZq8dxVNn1tIR4Cpe3cCHmzLBDyXMZjyAcYRk7pHK
er9HRASaKeM5vNtIqbg9KSln80+X5+McOGZgVhxs6rb1gew17ljaC8DsmqVUluUf
XLcbXDfIEmIdH9FmgF0lNA554XqGGTM2TvIP1mfNsviraDP6yIvZYycNj/hr6Tah
5k10J9ud33Qn/Hz6c2mKTOdzoJPRW2ViSbVhoNe4KJkTPskflTzUl0T1jBpcEY6A
0K+0lMmrlf2jD1ZeubQUfM4CkDwXCniwDt6NXXYyGXn/zhSeQA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:08 2025 by rpki-client