Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: QguSG6B9GjvWqswEEA6yftEwXqs6yKl3x20m1JbTc7Y=
Subject key identifier: E6:27:9A:F4:78:F5:7A:E4:C3:45:60:0C:3B:B3:E8:A3:F0:4D:61:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EBC06B0D6A658348C0706BD5926B48A766E3294
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:bc:06:b0:d6:a6:58:34:8c:07:06:bd:59:26:b4:8a:76:6e:32:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=b008ce054615f88c99fa711a4480b3e3d5f5348d2c0b8799cc062a04783d2674, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:1f:2a:ce:84:59:6a:3f:d2:de:dd:95:61:
2d:30:49:b7:2c:be:6e:5e:bf:18:c0:28:09:2d:e2:
07:71:96:67:86:f7:9e:90:77:2d:c8:9e:ea:05:3a:
eb:60:9b:ee:ff:da:f1:4b:2d:39:c3:b9:b7:e1:2c:
94:31:b6:94:4e:72:88:2f:21:02:53:a8:3f:85:d1:
5c:c9:46:0a:4d:ae:a1:54:50:99:b4:ed:8f:5a:7f:
63:d0:97:ea:d6:13:9d:3a:04:9e:74:00:e8:e2:bf:
d5:ec:d1:a3:1b:16:1b:b8:4e:ea:28:96:5b:44:e0:
0c:52:cc:80:ae:9e:af:51:8a:fe:d5:35:0a:72:ad:
47:2d:f9:fd:fb:1d:cb:4b:74:ed:f7:af:36:8f:fa:
18:5d:ea:cc:c4:a2:1a:fb:ac:4f:bc:94:20:87:64:
b9:c9:49:4a:45:cc:a9:6c:7b:90:89:06:b3:36:a0:
f9:4b:92:89:eb:15:98:de:3b:d5:2d:bb:57:f3:04:
94:1d:a9:18:ab:b2:c2:3d:a9:82:11:be:aa:66:8d:
ce:3c:ad:8b:c1:cf:fb:f6:2c:26:fc:6d:83:a6:10:
96:b6:5d:4d:79:33:a5:30:81:9e:d7:0c:82:dd:88:
4b:d9:08:33:9e:34:5c:a2:05:8b:01:35:ee:ba:02:
b4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:27:9A:F4:78:F5:7A:E4:C3:45:60:0C:3B:B3:E8:A3:F0:4D:61:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
98:83:88:1a:71:98:df:c9:d6:0d:c9:ff:84:eb:bf:c2:ce:c6:
0e:c4:96:2f:0b:b4:bc:4d:75:c6:65:07:fa:09:0f:ea:d9:da:
01:f4:21:bf:f1:8d:5e:c8:aa:dc:4a:00:d3:e5:3e:bb:e7:19:
9e:6d:33:01:8b:fc:42:73:10:c7:b4:5f:7a:cb:8d:74:2e:3a:
fc:22:4c:5a:79:c3:93:d8:90:88:2b:18:4c:9d:9f:b6:f6:1f:
ae:46:50:0c:4e:ca:f1:fa:d0:bb:eb:d1:cf:76:80:dd:40:57:
f3:ce:35:df:02:28:2b:cc:49:7c:12:f0:c5:36:11:77:50:bd:
bb:d5:f6:8c:c6:48:6f:70:ee:97:12:e3:77:51:7c:12:ed:cb:
bf:49:e2:cd:5b:ae:87:6e:cf:d7:21:13:02:36:d2:6d:3d:04:
ba:d8:7b:d2:db:e2:6e:f4:c7:28:19:da:75:3e:58:e9:2f:a7:
70:85:97:f1:bc:12:c8:ef:d2:cf:8f:6f:ec:8b:39:3b:a1:e7:
e8:da:b0:8e:35:0b:11:65:3a:58:9f:e8:27:f8:ff:82:74:84:
f9:9e:a7:a3:8b:83:66:ef:9f:2c:56:a9:2f:6b:df:4e:fd:fa:
38:f2:55:d5:ec:45:e9:1f:8c:5d:ba:7e:82:93:2e:b0:37:12:
03:3d:0b:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXrwGsNamWDSMBwa9WSa0inZuMpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMDhjZTA1NDYxNWY4OGM5OWZhNzExYTQ0ODBiM2UzZDVmNTM0OGQyYzBi
ODc5OWNjMDYyYTA0NzgzZDI2NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlyHyrOhFlqP9Le3ZVhLTBJtyy+bl6/GMAoCS3iB3GWZ4b3npB3Lcie6gU6
62Cb7v/a8UstOcO5t+EslDG2lE5yiC8hAlOoP4XRXMlGCk2uoVRQmbTtj1p/Y9CX
6tYTnToEnnQA6OK/1ezRoxsWG7hO6iiWW0TgDFLMgK6er1GK/tU1CnKtRy35/fsd
y0t07fevNo/6GF3qzMSiGvusT7yUIIdkuclJSkXMqWx7kIkGszag+UuSiesVmN47
1S27V/MElB2pGKuywj2pghG+qmaNzjyti8HP+/YsJvxtg6YQlrZdTXkzpTCBntcM
gt2IS9kIM540XKIFiwE17roCtEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmJ5r0
ePV65MNFYAw7s+ij8E1hxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQCYg4gacZjfydYNyf+E67/CzsYOxJYvC7S8TXXG
ZQf6CQ/q2doB9CG/8Y1eyKrcSgDT5T675xmebTMBi/xCcxDHtF96y410Ljr8Ikxa
ecOT2JCIKxhMnZ+29h+uRlAMTsrx+tC769HPdoDdQFfzzjXfAigrzEl8EvDFNhF3
UL271faMxkhvcO6XEuN3UXwS7cu/SeLNW66Hbs/XIRMCNtJtPQS62HvS2+Ju9Mco
Gdp1PljpL6dwhZfxvBLI79LPj2/sizk7oefo2rCONQsRZTpYn+gn+P+CdIT5nqej
i4Nm758sVqkva99O/fo48lXV7EXpH4xdun6Cky6wNxIDPQtb
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:05 2025 by rpki-client