Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: FCrpGutS9q5r1SKL1atQ042jcv6NgdkMqMID4SqerYQ=
Subject key identifier: D7:9B:56:F7:A1:A0:38:A9:66:9F:8A:68:4E:AF:96:68:A3:E1:DA:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C5D185B77F18A218F7EBC79AF4EFD80F8F0D607
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:5d:18:5b:77:f1:8a:21:8f:7e:bc:79:af:4e:fd:80:f8:f0:d6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=86239c0f974a93e3ecb193750bf320475a541d6dcab9b9a42cc68f693da94fc6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:24:2c:8b:c3:ab:84:f0:32:f9:40:b0:74:a6:
06:50:e5:86:80:52:03:eb:df:5e:27:00:bb:9f:f4:
22:31:b3:a1:c9:ee:43:85:63:5c:71:18:3c:96:12:
38:fd:35:73:4b:68:e1:d8:c8:ef:ea:42:2d:24:6d:
72:58:b5:ce:dc:5a:ff:60:bf:1a:33:5b:16:19:e0:
85:37:02:64:5f:a5:c8:40:b6:e0:52:5d:97:9b:52:
d6:4c:d8:0d:e0:22:78:9b:4f:f8:73:d2:fa:02:b6:
7f:7b:2b:9f:b5:1a:dc:09:14:74:c0:7e:c4:1a:02:
d1:8f:ac:80:71:64:0f:5a:2c:4c:e0:13:83:75:6f:
ce:f5:ed:8f:6b:9f:d3:2b:ab:1b:95:97:1a:55:04:
33:02:97:5e:43:f8:cb:22:87:22:2e:ca:a1:7c:90:
15:a3:96:d6:bd:53:e9:95:6d:4e:62:a0:39:e2:23:
e8:fd:4b:bb:2f:ee:8a:07:84:53:d5:76:e5:bd:ed:
16:6b:b7:a6:d6:d5:16:5b:c3:39:94:24:f2:d3:69:
ff:30:81:69:6a:80:22:2e:ff:af:66:5e:41:28:15:
a8:bd:28:9c:3e:c2:60:19:3a:31:be:36:b1:0a:b7:
5d:8f:15:85:96:c7:7b:55:f9:c8:48:26:4a:f1:dc:
ca:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9B:56:F7:A1:A0:38:A9:66:9F:8A:68:4E:AF:96:68:A3:E1:DA:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
76:0f:8f:eb:c3:59:6e:32:b0:c7:d5:45:48:7c:a2:4d:3b:7c:
ea:42:09:ff:16:4c:b7:11:aa:aa:ee:79:75:34:a9:94:96:f7:
c6:d3:64:a7:a8:c8:7d:08:7c:8e:8a:4e:a9:95:7c:9d:f9:37:
76:dc:ef:d4:22:e5:4d:d3:d4:af:b3:58:96:9c:81:af:f1:c5:
96:54:3a:46:2f:79:f3:cc:fa:61:7f:c8:a3:07:3d:60:af:d5:
cc:b6:7c:2c:0b:d1:95:cf:7f:b7:7d:da:b5:95:e0:ee:cf:42:
66:fd:d1:63:8b:9f:87:27:87:34:1e:f8:3c:e5:32:93:c8:7c:
5f:a9:c9:d5:3e:f4:cd:4e:8f:09:c5:1b:6a:07:36:15:94:67:
cf:ba:40:fb:a2:52:cc:aa:8b:bd:c1:66:0a:57:50:50:b3:16:
8f:ef:0b:bd:7c:67:f7:10:b7:26:e9:8f:0f:fc:55:fe:83:dc:
10:d4:da:30:9d:8e:72:99:b4:74:1c:77:7b:55:11:65:0c:ff:
fe:80:b5:84:a3:7c:b5:25:5a:ab:47:17:55:28:e7:35:0a:d8:
65:5e:c4:06:dd:76:e9:24:ca:e5:e9:25:34:f6:6b:19:dd:47:
e6:c4:2e:9f:49:f6:1f:2d:2f:1a:74:8d:43:64:dd:d4:4d:79:
a4:3a:68:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTF0YW3fxiiGPfrx5r079gPjw1gcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MjM5YzBmOTc0YTkzZTNlY2IxOTM3NTBiZjMyMDQ3NWE1NDFkNmRjYWI5
YjlhNDJjYzY4ZjY5M2RhOTRmYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8kLIvDq4TwMvlAsHSmBlDlhoBSA+vfXicAu5/0IjGzocnuQ4VjXHEYPJYS
OP01c0to4djI7+pCLSRtcli1ztxa/2C/GjNbFhnghTcCZF+lyEC24FJdl5tS1kzY
DeAieJtP+HPS+gK2f3srn7Ua3AkUdMB+xBoC0Y+sgHFkD1osTOATg3VvzvXtj2uf
0yurG5WXGlUEMwKXXkP4yyKHIi7KoXyQFaOW1r1T6ZVtTmKgOeIj6P1Luy/uigeE
U9V25b3tFmu3ptbVFlvDOZQk8tNp/zCBaWqAIi7/r2ZeQSgVqL0onD7CYBk6Mb42
sQq3XY8VhZbHe1X5yEgmSvHcymUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTXm1b3
oaA4qWafimhOr5Zoo+HaJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQB2D4/rw1luMrDH1UVIfKJNO3zqQgn/Fky3Eaqq
7nl1NKmUlvfG02SnqMh9CHyOik6plXyd+Td23O/UIuVN09Svs1iWnIGv8cWWVDpG
L3nzzPphf8ijBz1gr9XMtnwsC9GVz3+3fdq1leDuz0Jm/dFji5+HJ4c0Hvg85TKT
yHxfqcnVPvTNTo8JxRtqBzYVlGfPukD7olLMqou9wWYKV1BQsxaP7wu9fGf3ELcm
6Y8P/FX+g9wQ1NownY5ymbR0HHd7VRFlDP/+gLWEo3y1JVqrRxdVKOc1CthlXsQG
3XbpJMrl6SU09msZ3UfmxC6fSfYfLS8adI1DZN3UTXmkOmie
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:57 2025 by rpki-client