Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
File: 7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa (raw, json)
Hash identifier: FWMwFfQCw0e9UIUd04qLSUvWfE+sDvPRqBc0lqEJPXw=
Subject key identifier: B8:BD:8A:24:97:39:4C:CD:68:15:B2:70:A8:89:A3:AE:9C:FF:1D:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D444CCC3B8A97A5A719B46E99A69F470E0688F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:44:4c:cc:3b:8a:97:a5:a7:19:b4:6e:99:a6:9f:47:0e:06:88:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=6b3ca5d5614b0af1f8223c671e1400c17dcef492ae8300b9db4192fd08b12bdb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2c:9e:d2:1d:bc:de:df:c8:2b:19:0f:31:0a:
2b:57:56:25:8d:b7:a7:a5:cc:56:7b:a2:aa:94:42:
b2:b9:97:e8:24:82:d8:c2:15:4e:37:59:ba:b8:95:
48:fc:23:dd:f1:65:d2:2f:83:5e:1f:d5:98:f3:bb:
04:c2:08:d4:bf:92:dc:36:59:a2:0e:a4:13:a2:ed:
f0:2f:52:de:a3:ed:87:f9:12:c1:49:92:20:6c:c0:
6d:3a:21:ca:7b:39:f8:22:d9:b3:7f:1b:9f:4e:dc:
3e:84:bc:fd:84:c7:be:50:22:e3:56:1d:e6:c6:fc:
46:2b:57:84:3a:51:40:34:f4:12:9d:d0:7f:21:40:
35:e3:9d:7e:75:29:31:6f:14:1a:a3:25:f4:3e:bc:
63:49:c9:37:76:5d:ca:2b:25:03:a3:72:42:e9:aa:
48:10:c7:02:bf:a1:b2:3f:c9:c6:2c:04:0f:80:19:
46:a1:91:ec:de:24:fc:8b:af:5d:f1:2a:41:00:33:
04:84:a1:94:4e:c5:d3:fc:d5:71:39:c4:f2:2a:b5:
5e:b1:36:4e:70:e5:bc:3b:2a:80:26:cd:03:28:42:
82:26:2b:e6:5d:3a:57:10:7e:b1:63:0e:bf:28:20:
70:63:db:93:c6:3f:e5:d1:ed:5f:ca:9e:6a:3c:e0:
12:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BD:8A:24:97:39:4C:CD:68:15:B2:70:A8:89:A3:AE:9C:FF:1D:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
78:a9:7a:18:49:db:cd:cc:21:ae:69:4b:b8:91:c2:ec:59:83:
ac:ff:04:df:66:df:9e:e1:04:5a:d6:f5:f0:82:ef:bd:2b:2e:
13:85:50:c1:4e:b7:94:48:c5:cd:2c:9c:f9:d3:c5:3e:29:19:
f2:de:5e:f1:4c:bc:a5:cc:2f:cb:c4:87:3a:7c:17:83:31:94:
b4:75:f7:26:e6:2a:a7:e3:5f:93:3e:c3:ab:44:45:66:2e:a6:
78:36:45:63:0e:54:af:9b:e8:ce:06:d5:02:19:13:f6:6f:cb:
5e:d9:50:12:4b:a1:15:f5:06:9d:a2:f1:2f:76:1a:db:35:6b:
bb:ba:b0:5c:fe:98:51:cd:aa:d6:78:9e:45:54:e3:06:68:a5:
c1:0b:96:9b:10:66:03:30:8c:79:52:4f:1b:26:b0:6b:a1:99:
81:ba:3e:72:dc:72:59:45:a2:e2:e9:a4:ad:20:6e:cc:1f:17:
24:eb:c0:4f:46:cd:30:75:67:36:06:5a:13:81:71:c5:77:ad:
f3:8f:9d:13:e4:23:f9:88:98:4f:4a:e2:30:03:cd:51:1d:5d:
84:be:7c:6b:85:bf:f1:bf:24:d8:ad:9f:a1:d9:3f:1a:e2:ae:
4c:4b:e6:df:94:53:f9:15:87:d0:03:14:63:09:e4:1c:56:1f:
8d:00:1b:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULURMzDuKl6WnGbRumaafRw4GiPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiM2NhNWQ1NjE0YjBhZjFmODIyM2M2NzFlMTQwMGMxN2RjZWY0OTJhZTgz
MDBiOWRiNDE5MmZkMDhiMTJiZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMssntIdvN7fyCsZDzEKK1dWJY23p6XMVnuiqpRCsrmX6CSC2MIVTjdZuriV
SPwj3fFl0i+DXh/VmPO7BMII1L+S3DZZog6kE6Lt8C9S3qPth/kSwUmSIGzAbToh
yns5+CLZs38bn07cPoS8/YTHvlAi41Yd5sb8RitXhDpRQDT0Ep3QfyFANeOdfnUp
MW8UGqMl9D68Y0nJN3ZdyislA6NyQumqSBDHAr+hsj/JxiwED4AZRqGR7N4k/Iuv
XfEqQQAzBIShlE7F0/zVcTnE8iq1XrE2TnDlvDsqgCbNAyhCgiYr5l06VxB+sWMO
vyggcGPbk8Y/5dHtX8qeajzgEgECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4vYok
lzlMzWgVsnCoiaOunP8daTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JiZDI1YzgtMzQ2MC00Y2MwLWI3MWYtMjdkMDRlOTY0ZTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQB4qXoYSdvNzCGuaUu4kcLsWYOs/wTfZt+e4QRa
1vXwgu+9Ky4ThVDBTreUSMXNLJz508U+KRny3l7xTLylzC/LxIc6fBeDMZS0dfcm
5iqn41+TPsOrREVmLqZ4NkVjDlSvm+jOBtUCGRP2b8te2VASS6EV9QadovEvdhrb
NWu7urBc/phRzarWeJ5FVOMGaKXBC5abEGYDMIx5Uk8bJrBroZmBuj5y3HJZRaLi
6aStIG7MHxck68BPRs0wdWc2BloTgXHFd63zj50T5CP5iJhPSuIwA81RHV2Evnxr
hb/xvyTYrZ+h2T8a4q5MS+bflFP5FYfQAxRjCeQcVh+NABt6
-----END CERTIFICATE-----
Generated at Fri May 2 17:38:42 2025 by rpki-client