Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/780dce66-c0fd-40f4-9a09-0015d6bf272c.roa
File: 780dce66-c0fd-40f4-9a09-0015d6bf272c.roa (raw, json)
Hash identifier: P8kj5A3XYdtQ/bPpjMNEVKtreWMcQJclWXbimqId0ts=
Subject key identifier: 7C:20:63:D6:72:54:22:71:97:5F:F4:FE:5D:10:CD:AD:1E:96:C6:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40D99339B1C0702101676F068EE92F7E2CEF13D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/780dce66-c0fd-40f4-9a09-0015d6bf272c.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:90c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d9:93:39:b1:c0:70:21:01:67:6f:06:8e:e9:2f:7e:2c:ef:13:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=787b161622a7e4d836613ac287f8f9f94e8b5c7bd875431934613932d45a6e06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:82:64:84:c2:9d:30:f6:02:25:39:95:12:
89:9a:45:ce:cf:3d:19:75:90:13:ba:21:f7:b1:ce:
47:5a:01:6b:92:ba:71:4f:8b:e6:61:26:df:54:a7:
b8:44:11:72:39:a1:cc:22:a1:1e:18:f8:2b:49:42:
30:d6:9d:94:39:57:e3:a5:30:56:b4:79:b4:fc:63:
91:27:92:73:ea:ca:9a:4c:03:38:0d:55:a9:a2:cb:
61:50:86:7c:d7:96:92:bf:de:20:65:3b:aa:b8:b3:
0e:2b:05:98:7e:70:ac:2b:4e:ce:42:17:ba:42:5d:
a4:e6:58:4e:34:ba:9d:1e:4c:c7:f5:de:1e:5f:0e:
01:47:54:13:84:3d:bd:f0:b0:6e:63:44:f3:36:0f:
fb:93:53:91:53:01:c0:0e:a8:f9:90:41:ac:ee:fb:
3c:65:83:42:f2:89:0e:6e:a6:75:5f:db:84:48:40:
43:99:1a:8d:ea:2e:83:80:16:48:d1:c8:c3:45:18:
c5:67:25:45:e8:43:7e:d9:91:28:8e:19:e3:20:14:
ea:97:b3:67:13:a6:07:38:e7:c9:cf:92:07:87:be:
9d:f7:62:dc:5b:ec:ab:7b:99:30:1e:ac:bc:90:84:
7e:87:68:2f:d3:7e:04:90:e1:4e:27:a3:a8:25:70:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:20:63:D6:72:54:22:71:97:5F:F4:FE:5D:10:CD:AD:1E:96:C6:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/780dce66-c0fd-40f4-9a09-0015d6bf272c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
4a:25:d1:61:b7:08:bf:29:6a:f7:c6:c2:71:29:02:91:a6:97:
61:86:cf:f1:e9:40:16:02:d6:16:37:6b:44:00:d9:16:91:30:
fc:6d:34:3a:a6:39:eb:9c:65:25:f7:a0:bf:c2:05:66:2e:14:
b6:47:8f:2d:3c:1a:f4:d6:37:f8:47:ed:b2:bd:6c:34:c2:b1:
57:71:b0:ec:10:c6:b2:81:f1:b8:e0:82:27:06:fa:b8:36:c8:
f5:88:3a:17:a1:64:a6:c5:9b:3c:26:b9:f9:ac:43:b4:3c:1e:
36:bb:2a:be:f7:2d:be:3f:68:ed:bc:e1:e8:88:db:68:fe:0e:
19:e5:9e:b4:89:04:e9:c0:a2:e7:59:b2:b8:9c:5c:fd:98:a8:
c0:42:db:f1:ba:ec:0c:a6:98:68:46:e4:11:9e:b3:41:d9:38:
d2:65:45:64:61:32:d8:06:81:21:88:26:59:a1:89:15:50:a2:
14:a6:66:72:50:92:0f:f0:fa:cd:14:5b:e9:8d:b9:44:61:e2:
03:3b:99:f6:0b:d6:64:39:12:67:9c:6c:ea:fd:b6:64:5c:43:
ad:e7:53:4c:be:d0:6d:3f:5e:73:89:78:12:a6:c3:34:06:44:
28:c2:2b:da:3b:e0:8c:0e:14:3a:2e:89:cb:63:37:9b:26:77:
1d:17:db:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQNmTObHAcCEBZ28GjukvfizvE9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4N2IxNjE2MjJhN2U0ZDgzNjYxM2FjMjg3ZjhmOWY5NGU4YjVjN2JkODc1
NDMxOTM0NjEzOTMyZDQ1YTZlMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVtgmSEwp0w9gIlOZUSiZpFzs89GXWQE7oh97HOR1oBa5K6cU+L5mEm31Sn
uEQRcjmhzCKhHhj4K0lCMNadlDlX46UwVrR5tPxjkSeSc+rKmkwDOA1VqaLLYVCG
fNeWkr/eIGU7qrizDisFmH5wrCtOzkIXukJdpOZYTjS6nR5Mx/XeHl8OAUdUE4Q9
vfCwbmNE8zYP+5NTkVMBwA6o+ZBBrO77PGWDQvKJDm6mdV/bhEhAQ5kajeoug4AW
SNHIw0UYxWclRehDftmRKI4Z4yAU6pezZxOmBzjnyc+SB4e+nfdi3Fvsq3uZMB6s
vJCEfodoL9N+BJDhTiejqCVw848CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR8IGPW
clQicZdf9P5dEM2tHpbGpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwZGNlNjYtYzBmZC00MGY0LTlhMDktMDAxNWQ2YmYyNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
wDANBgkqhkiG9w0BAQsFAAOCAQEASiXRYbcIvylq98bCcSkCkaaXYYbP8elAFgLW
FjdrRADZFpEw/G00OqY565xlJfegv8IFZi4UtkePLTwa9NY3+Eftsr1sNMKxV3Gw
7BDGsoHxuOCCJwb6uDbI9Yg6F6FkpsWbPCa5+axDtDweNrsqvvctvj9o7bzh6Ijb
aP4OGeWetIkE6cCi51myuJxc/ZiowELb8brsDKaYaEbkEZ6zQdk40mVFZGEy2AaB
IYgmWaGJFVCiFKZmclCSD/D6zRRb6Y25RGHiAzuZ9gvWZDkSZ5xs6v22ZFxDredT
TL7QbT9ec4l4EqbDNAZEKMIr2jvgjA4UOi6Jy2M3myZ3HRfb5g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:51 2025 by rpki-client