Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
File: 7665346b-5715-4d4a-9ee7-32affc669e92.roa (raw, json)
Hash identifier: Qe/bnFZF7GD795Q2o/xTQ/IkLLY/lmJbvk/Xr+1z+5I=
Subject key identifier: 4A:37:28:5B:C4:4C:D1:58:7A:07:DB:53:BF:31:D0:87:42:13:08:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79D746DDB8850A75B48309A3953C159AB3DCC0EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:d7:46:dd:b8:85:0a:75:b4:83:09:a3:95:3c:15:9a:b3:dc:c0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=bd8ef984ece55ee5d3c1eb7479ca8b8d94417d12ff6638e0bbd9cfa317e66afe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e0:a2:f7:83:a2:2d:d3:6f:cf:bd:15:04:de:
c0:59:72:be:aa:ce:88:74:ed:04:82:5a:84:da:00:
79:09:bd:02:4d:5c:59:1b:4e:2d:b2:25:a5:af:f0:
52:ef:02:21:c1:cb:61:c5:91:4b:ef:d0:3d:a5:53:
5f:cf:6c:da:3c:66:33:85:41:69:10:bc:84:66:44:
82:66:d3:4d:76:ea:dc:5d:5b:8a:6d:50:97:09:df:
ce:d5:30:bc:23:a0:7e:ad:e9:1d:be:c6:8b:7d:03:
7b:5a:ce:a9:38:f5:07:71:7b:a1:98:fd:f0:6a:3b:
d2:f7:d5:fd:0a:4c:33:c5:f2:10:62:48:bb:f7:f7:
92:fd:bd:83:da:d0:38:e3:4d:04:9d:6e:cf:d6:9a:
fc:0d:3c:47:24:46:49:b0:e6:5e:42:16:d1:d0:17:
e4:a2:4c:00:a7:e1:7c:90:18:f6:47:03:23:bc:ff:
21:af:96:2a:70:9b:b6:8b:fe:2c:d2:0a:e3:da:41:
14:e3:1c:59:1d:7e:8c:48:01:b7:a0:f8:bb:b6:15:
9e:a5:25:24:48:72:6a:6f:87:de:d1:a9:e3:99:d2:
83:1c:8a:e1:e9:36:a3:95:30:54:65:25:7a:29:87:
1c:36:5c:9d:4e:e1:9f:84:19:d0:ec:09:14:39:b1:
8b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:37:28:5B:C4:4C:D1:58:7A:07:DB:53:BF:31:D0:87:42:13:08:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2040::/48
Signature Algorithm: sha256WithRSAEncryption
1c:70:15:01:4b:bd:c8:f8:f5:2c:0b:80:32:f3:8f:0e:0b:6d:
a3:5e:56:b2:05:55:a6:cf:39:b5:6c:9a:ef:ae:3b:93:e8:4a:
7f:d4:68:99:8a:ce:da:f8:09:ec:9e:70:92:aa:28:5d:10:00:
20:c0:c7:d7:e0:7f:9e:24:67:bd:97:a7:99:cb:db:e6:5f:e6:
bf:38:79:be:b6:81:60:d6:a6:47:93:3c:3c:0b:68:e3:03:77:
c3:b4:e8:6a:3f:58:d2:3c:61:db:c8:0b:97:ce:a0:99:37:5f:
0b:49:0d:5f:4e:b5:63:b0:c8:0c:47:76:92:7d:fe:77:00:3a:
55:a4:78:6c:3b:9d:e5:cb:25:05:3e:7e:c8:d4:ff:21:f3:68:
6d:8e:61:d1:ce:91:46:4e:46:d5:c2:02:3f:c5:7b:26:93:cb:
1c:e4:53:1e:0b:0c:bc:e1:7a:5d:a3:69:e0:ac:19:3d:d4:d5:
b5:ba:d1:89:09:9c:e9:b6:e5:3e:1e:55:01:ad:b0:99:5d:e9:
80:9d:d1:bb:67:37:e6:ad:a4:a0:22:93:83:8d:e0:d4:d4:ce:
9a:9f:a5:50:57:35:72:28:61:15:a0:9c:13:17:b6:f0:9d:81:
83:5d:09:f5:30:56:f7:32:ab:1a:84:fc:5a:9c:cc:de:40:ba:
f5:ca:d6:9f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeddG3biFCnW0gwmjlTwVmrPcwOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkOGVmOTg0ZWNlNTVlZTVkM2MxZWI3NDc5Y2E4YjhkOTQ0MTdkMTJmZjY2
MzhlMGJiZDljZmEzMTdlNjZhZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfgoveDoi3Tb8+9FQTewFlyvqrOiHTtBIJahNoAeQm9Ak1cWRtOLbIlpa/w
Uu8CIcHLYcWRS+/QPaVTX89s2jxmM4VBaRC8hGZEgmbTTXbq3F1bim1QlwnfztUw
vCOgfq3pHb7Gi30De1rOqTj1B3F7oZj98Go70vfV/QpMM8XyEGJIu/f3kv29g9rQ
OONNBJ1uz9aa/A08RyRGSbDmXkIW0dAX5KJMAKfhfJAY9kcDI7z/Ia+WKnCbtov+
LNIK49pBFOMcWR1+jEgBt6D4u7YVnqUlJEhyam+H3tGp45nSgxyK4ek2o5UwVGUl
eimHHDZcnU7hn4QZ0OwJFDmxi1sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKNyhb
xEzRWHoH21O/MdCHQhMI2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY2NTM0NmItNTcxNS00ZDRhLTllZTctMzJhZmZjNjY5ZTkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
QDANBgkqhkiG9w0BAQsFAAOCAQEAHHAVAUu9yPj1LAuAMvOPDgtto15WsgVVps85
tWya7647k+hKf9RomYrO2vgJ7J5wkqooXRAAIMDH1+B/niRnvZenmcvb5l/mvzh5
vraBYNamR5M8PAto4wN3w7Toaj9Y0jxh28gLl86gmTdfC0kNX061Y7DIDEd2kn3+
dwA6VaR4bDud5cslBT5+yNT/IfNobY5h0c6RRk5G1cICP8V7JpPLHORTHgsMvOF6
XaNp4KwZPdTVtbrRiQmc6bblPh5VAa2wmV3pgJ3Ru2c35q2koCKTg43g1NTOmp+l
UFc1cihhFaCcExe28J2Bg10J9TBW9zKrGoT8WpzM3kC69crWnw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:53 2025 by rpki-client