Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: 3eDgMBwiA4nxyX+BDevzDsI8vYYF2qFhEoN510Y0x8E=
Subject key identifier: 55:07:49:3F:94:1A:C2:6E:80:81:79:A1:96:4D:72:39:C0:4E:4C:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 425D51F351089328E31B885E9933D276A848691C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:5d:51:f3:51:08:93:28:e3:1b:88:5e:99:33:d2:76:a8:48:69:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0fa3bc69965f099fb2ea375b2edbc9ce2da13c469b220be1b274f9e84d86a428, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6b:80:f6:d3:8e:3f:8c:de:be:46:12:83:48:
3e:43:17:ee:9f:e1:55:e2:4e:99:77:31:2f:3d:70:
2b:4b:3e:23:41:fb:16:33:f5:7d:01:2e:cb:45:39:
a8:a0:bd:de:95:a8:6c:5d:fc:ad:60:e0:55:c5:f3:
c7:80:28:5c:b2:17:27:11:f7:02:c7:9a:23:30:aa:
27:c1:ac:4f:c6:52:3f:3f:57:02:08:f2:11:01:d4:
88:0b:2d:05:e1:0e:3b:bc:87:1e:0a:77:5f:ab:3c:
cb:1b:5a:10:d7:65:2a:70:de:74:cf:fb:f3:c4:47:
b9:92:fa:1f:9b:fa:8b:64:23:45:48:8f:42:6b:f8:
8c:62:7b:19:fa:cc:c6:5b:f0:9a:b7:7d:af:d8:bb:
58:ce:42:c8:1b:df:cc:5d:b4:a6:73:cf:5d:88:a9:
cc:f7:02:a2:32:43:60:b6:da:52:ff:89:08:9f:da:
87:e8:47:9b:34:94:0b:74:55:98:c3:ef:6c:ef:fa:
1b:ba:65:9b:f0:62:8f:3b:43:e6:28:00:47:0b:b2:
13:3f:da:1c:0f:ae:ef:29:c7:c5:64:d3:dc:11:93:
63:5e:5c:9f:dd:30:75:e8:13:5f:fd:c5:2c:84:14:
b8:1e:ab:58:e5:02:39:c3:a8:36:c9:c9:21:39:f0:
44:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:07:49:3F:94:1A:C2:6E:80:81:79:A1:96:4D:72:39:C0:4E:4C:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
ab:c1:59:9a:11:73:ac:41:eb:73:2b:d1:30:cb:57:0a:b4:25:
c9:ab:c7:70:e4:25:31:0e:16:c4:73:4b:a3:3f:08:09:3a:dd:
41:80:4d:c5:be:83:8d:4a:d5:f3:fd:f7:e2:f3:41:2d:6a:0f:
87:54:31:a2:93:a6:8d:26:4c:7b:dd:97:05:43:1e:f2:28:d0:
ee:4b:43:c6:8f:3c:34:c3:05:e6:7f:b7:4d:f4:77:a0:14:be:
bd:94:85:3a:fb:0f:8c:5b:32:61:9a:1a:ac:e4:4e:22:48:43:
a7:25:37:ee:ad:23:a1:d9:2a:93:8d:5d:b4:eb:70:be:8c:70:
17:f6:ef:54:ad:b8:25:0a:36:c5:40:90:db:32:89:4e:6a:be:
ef:5d:57:ee:13:a9:ec:c3:08:58:64:d9:37:74:39:29:dc:bc:
21:2e:00:f2:f7:95:d4:34:3d:61:59:98:13:55:48:90:88:2f:
32:66:b2:b3:3f:1f:cc:5e:78:84:ad:d3:9a:cf:07:19:b6:4d:
67:c6:c7:8b:87:6c:b1:9a:24:b9:e3:f2:10:b7:35:d5:9c:c9:
1d:ea:cd:14:fc:37:3a:36:c4:f8:f3:1b:fd:02:df:35:15:e5:
de:85:cc:34:ea:e5:ab:44:99:d6:0e:b3:df:b9:fd:40:93:d9:
a7:a6:fc:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQl1R81EIkyjjG4hemTPSdqhIaRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmYTNiYzY5OTY1ZjA5OWZiMmVhMzc1YjJlZGJjOWNlMmRhMTNjNDY5YjIy
MGJlMWIyNzRmOWU4NGQ4NmE0MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlrgPbTjj+M3r5GEoNIPkMX7p/hVeJOmXcxLz1wK0s+I0H7FjP1fQEuy0U5
qKC93pWobF38rWDgVcXzx4AoXLIXJxH3AseaIzCqJ8GsT8ZSPz9XAgjyEQHUiAst
BeEOO7yHHgp3X6s8yxtaENdlKnDedM/788RHuZL6H5v6i2QjRUiPQmv4jGJ7GfrM
xlvwmrd9r9i7WM5CyBvfzF20pnPPXYipzPcCojJDYLbaUv+JCJ/ah+hHmzSUC3RV
mMPvbO/6G7plm/BijztD5igARwuyEz/aHA+u7ynHxWTT3BGTY15cn90wdegTX/3F
LIQUuB6rWOUCOcOoNsnJITnwRJcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVB0k/
lBrCboCBeaGWTXI5wE5MwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCrwVmaEXOsQetzK9Ewy1cKtCXJq8dw5CUxDhbE
c0ujPwgJOt1BgE3FvoONStXz/ffi80Etag+HVDGik6aNJkx73ZcFQx7yKNDuS0PG
jzw0wwXmf7dN9HegFL69lIU6+w+MWzJhmhqs5E4iSEOnJTfurSOh2SqTjV2063C+
jHAX9u9UrbglCjbFQJDbMolOar7vXVfuE6nswwhYZNk3dDkp3LwhLgDy95XUND1h
WZgTVUiQiC8yZrKzPx/MXniErdOazwcZtk1nxseLh2yxmiS54/IQtzXVnMkd6s0U
/Dc6NsT48xv9At81FeXehcw06uWrRJnWDrPfuf1Ak9mnpvx0
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:31 2025 by rpki-client