Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
File: 7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa (raw, json)
Hash identifier: 9sus9gmF6voKi6djALWSgxj/eTapREC7+kEWRbxWIyM=
Subject key identifier: 01:39:F8:03:AE:9E:84:AD:FE:AF:31:36:D4:56:19:C3:D7:1C:52:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A21EFD0E80904FF611A106277DF656A0D6CD70E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:21:ef:d0:e8:09:04:ff:61:1a:10:62:77:df:65:6a:0d:6c:d7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=89136d0b775e6f81f64e6597cc7a050eaec2a9aa5c71d9f2785004408389fe66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e8:83:56:89:25:c0:06:4c:1d:df:4e:74:ef:
7a:60:f1:3c:7f:50:62:68:16:f4:ff:52:48:eb:3f:
0e:25:c7:80:21:7f:92:e2:b9:28:81:d4:cd:9d:a5:
7b:80:1e:e8:ae:23:21:e8:c0:ef:0c:27:83:b0:a1:
7f:0a:45:d5:8b:f4:59:1d:ea:0b:03:cc:1f:21:da:
8f:24:9b:9b:18:71:b6:37:4a:ed:4f:4e:d8:7c:1a:
86:bf:b4:ed:04:f2:3d:e0:0a:34:00:ec:f0:61:f1:
c9:33:67:ab:34:15:c0:81:53:ee:63:c1:62:3e:be:
6e:6c:a8:d8:cc:1d:04:4c:a5:d7:91:7a:ac:53:f7:
9e:03:1a:1f:6f:d6:46:cc:e1:8a:60:18:8f:8d:db:
98:8e:a6:6a:1b:74:7f:31:d6:89:f4:05:ff:86:8b:
5e:68:97:b9:e8:68:2c:09:ca:5b:23:66:6d:d8:ef:
df:82:1f:b7:c9:bb:3c:da:e6:9c:36:1b:64:df:4d:
1a:77:92:a4:b2:f8:35:61:21:33:d8:d7:f5:d4:56:
84:62:53:5a:d7:3a:cd:62:ce:c4:89:9f:22:81:92:
ba:42:31:e3:f0:e6:80:1d:68:af:52:d6:43:03:d5:
72:4d:f1:80:ff:3e:ac:07:9d:fd:cf:a8:35:7e:d9:
86:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:39:F8:03:AE:9E:84:AD:FE:AF:31:36:D4:56:19:C3:D7:1C:52:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027::/36
Signature Algorithm: sha256WithRSAEncryption
0d:45:0a:a4:91:8f:66:e1:f6:2b:57:15:4f:86:19:a7:32:1e:
92:19:fa:90:50:e5:b8:85:ea:23:e5:4e:9e:7f:92:a5:5f:c0:
40:7a:ef:bf:c9:d1:a9:ad:cf:85:7b:ad:1a:93:07:66:92:d0:
c6:83:50:65:d4:d8:d6:36:aa:6c:fa:b3:d5:2d:2d:53:34:db:
7e:b3:bb:72:44:e0:87:45:50:48:1c:c1:f7:28:f9:50:42:58:
b2:e6:c9:8b:4c:5c:c0:24:9a:02:9b:df:ed:91:7b:d7:1b:78:
79:73:fa:81:90:72:a8:e0:6a:16:3d:40:db:9e:37:4b:1d:87:
18:70:30:32:3e:ff:e0:ae:04:2b:79:1d:4a:a4:d8:aa:34:13:
a7:a3:49:2d:94:56:18:a5:91:5d:3e:84:c2:f6:f0:df:e6:e8:
6a:b8:80:19:17:13:22:ea:87:40:f2:d5:fd:a6:42:48:d7:97:
b6:11:89:39:2c:3e:0b:4c:39:65:94:9e:5f:59:1c:2d:4d:e6:
41:e4:7c:18:87:84:8c:0d:d9:55:6f:44:55:f3:f5:0f:34:cc:
52:41:4e:b1:14:0b:67:ea:ea:ce:ad:d4:41:bb:a2:9c:9c:8d:
97:42:31:18:aa:61:3e:33:88:a4:58:e3:c7:eb:24:5a:b1:b9:
51:f2:c5:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeiHv0OgJBP9hGhBid99lag1s1w4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MTM2ZDBiNzc1ZTZmODFmNjRlNjU5N2NjN2EwNTBlYWVjMmE5YWE1Yzcx
ZDlmMjc4NTAwNDQwODM4OWZlNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrog1aJJcAGTB3fTnTvemDxPH9QYmgW9P9SSOs/DiXHgCF/kuK5KIHUzZ2l
e4Ae6K4jIejA7wwng7ChfwpF1Yv0WR3qCwPMHyHajySbmxhxtjdK7U9O2Hwahr+0
7QTyPeAKNADs8GHxyTNnqzQVwIFT7mPBYj6+bmyo2MwdBEyl15F6rFP3ngMaH2/W
RszhimAYj43bmI6maht0fzHWifQF/4aLXmiXuehoLAnKWyNmbdjv34Ift8m7PNrm
nDYbZN9NGneSpLL4NWEhM9jX9dRWhGJTWtc6zWLOxImfIoGSukIx4/DmgB1or1LW
QwPVck3xgP8+rAed/c+oNX7ZhikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBOfgD
rp6Erf6vMTbUVhnD1xxSpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JjYmY5ZjMtN2E2My00MmEyLTliNTgtNGMwYzEwZmMzNGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA
MA0GCSqGSIb3DQEBCwUAA4IBAQANRQqkkY9m4fYrVxVPhhmnMh6SGfqQUOW4heoj
5U6ef5KlX8BAeu+/ydGprc+Fe60akwdmktDGg1Bl1NjWNqps+rPVLS1TNNt+s7ty
ROCHRVBIHMH3KPlQQliy5smLTFzAJJoCm9/tkXvXG3h5c/qBkHKo4GoWPUDbnjdL
HYcYcDAyPv/grgQreR1KpNiqNBOno0ktlFYYpZFdPoTC9vDf5uhquIAZFxMi6odA
8tX9pkJI15e2EYk5LD4LTDlllJ5fWRwtTeZB5HwYh4SMDdlVb0RV8/UPNMxSQU6x
FAtn6urOrdRBu6KcnI2XQjEYqmE+M4ikWOPH6yRasblR8sUv
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:15 2025 by rpki-client