Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
File: 84b89066-b432-45c3-befb-ffa2b4be3b71.roa (raw, json)
Hash identifier: 0vdQAhebFc13rKQKW0gyW03VDtNa4SoZWBWPCRzCGuU=
Subject key identifier: E2:C9:30:86:D3:52:FC:DB:DE:59:51:73:BB:4A:89:DF:45:87:C7:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28C0CCC1AA504B426D7CEB15B96D8039B9DA45F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:c0:cc:c1:aa:50:4b:42:6d:7c:eb:15:b9:6d:80:39:b9:da:45:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=b1204e0aa6a7ab1a1f27c5831d788e653eb4a56ed390988ee63abc4259c94960, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4f:22:05:9a:97:f2:b0:71:7b:86:59:7e:e5:
ee:34:62:e4:a6:78:21:5d:10:d4:59:38:88:e3:09:
f5:28:f4:5a:c5:e2:ff:bf:8b:24:8c:38:79:67:86:
b9:05:99:ac:b7:14:32:47:bd:5b:45:4f:f1:22:ab:
83:96:8b:6c:0b:33:01:c2:5f:98:cb:73:66:ce:e6:
67:09:e3:8a:6e:24:89:41:d8:e7:7e:f0:46:f0:b7:
73:4a:fe:ae:7b:62:f5:2b:a4:65:c8:ab:22:3a:0a:
49:8b:73:01:41:a6:78:d7:93:9c:2b:93:73:23:e9:
2c:8c:3c:c1:c8:0c:52:c0:f1:32:90:11:87:c9:3e:
13:fa:c8:76:a9:58:f1:06:4e:3b:fb:51:2c:07:64:
4b:41:1d:24:66:5d:0a:bf:ae:cc:9c:99:34:d7:b0:
62:d8:67:cb:9f:1e:d4:c1:46:04:35:44:85:ef:c7:
dc:36:c8:40:a1:a2:8b:08:e8:22:f6:fc:85:19:37:
6b:31:c0:69:71:1e:0a:87:43:2d:6d:cb:0b:68:83:
fe:62:48:d3:43:fc:4d:04:11:ad:de:88:6f:28:de:
c9:57:22:d5:e8:1e:4b:66:57:44:9f:b1:7e:bb:b9:
69:9d:56:a8:d3:ad:21:bd:87:70:8f:6a:6e:47:fb:
1d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C9:30:86:D3:52:FC:DB:DE:59:51:73:BB:4A:89:DF:45:87:C7:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:4000::/40
Signature Algorithm: sha256WithRSAEncryption
49:14:7f:ac:6a:25:e6:a7:7d:8a:8f:80:28:13:11:e0:b3:41:
80:4e:7a:a0:5a:a4:25:3a:b8:2e:39:00:d8:2a:58:c7:3e:10:
eb:b5:90:fb:da:31:9d:80:34:a2:f4:1f:96:06:cf:5a:b7:19:
35:1b:66:75:ea:60:63:5b:fb:ab:ad:30:5d:f4:6a:9e:a0:c7:
b3:db:f1:09:17:99:63:2b:61:68:1f:fd:ab:56:8d:af:46:09:
fa:23:34:b5:ad:e1:c3:12:53:05:ec:78:25:f3:bf:60:15:92:
56:80:53:e5:36:4b:08:8f:3f:96:a8:cd:cb:44:5d:8a:5d:3e:
af:ad:fa:76:e9:49:e2:e4:a3:d0:b3:b0:94:c5:04:fe:c4:30:
52:dc:fa:ca:52:64:bd:ff:ad:cb:f4:ac:43:7f:1b:58:51:5e:
71:de:53:85:2c:da:a0:43:ff:8e:c0:b9:d7:21:21:fe:17:45:
ab:ab:62:78:10:c9:75:2e:96:71:99:81:a0:28:e9:d6:0c:8e:
68:e6:bd:5f:6a:8d:dd:4d:c0:84:b3:5b:3a:f9:bf:88:be:73:
98:c7:06:4b:d5:d5:89:4c:c0:c4:3a:63:ab:5d:a2:6f:35:ef:
25:f6:65:9b:2e:52:40:4c:ac:19:ec:a9:e3:57:70:5b:7b:9f:
d6:0f:f8:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKMDMwapQS0JtfOsVuW2AObnaRfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMjA0ZTBhYTZhN2FiMWExZjI3YzU4MzFkNzg4ZTY1M2ViNGE1NmVkMzkw
OTg4ZWU2M2FiYzQyNTljOTQ5NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5PIgWal/KwcXuGWX7l7jRi5KZ4IV0Q1Fk4iOMJ9Sj0WsXi/7+LJIw4eWeG
uQWZrLcUMke9W0VP8SKrg5aLbAszAcJfmMtzZs7mZwnjim4kiUHY537wRvC3c0r+
rnti9SukZcirIjoKSYtzAUGmeNeTnCuTcyPpLIw8wcgMUsDxMpARh8k+E/rIdqlY
8QZOO/tRLAdkS0EdJGZdCr+uzJyZNNewYthny58e1MFGBDVEhe/H3DbIQKGiiwjo
Ivb8hRk3azHAaXEeCodDLW3LC2iD/mJI00P8TQQRrd6IbyjeyVci1egeS2ZXRJ+x
fru5aZ1WqNOtIb2HcI9qbkf7HXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiyTCG
01L8295ZUXO7SonfRYfHAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRiODkwNjYtYjQzMi00NWMzLWJlZmItZmZhMmI0YmUzYjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJFH+saiXmp32Kj4AoExHgs0GATnqgWqQlOrgu
OQDYKljHPhDrtZD72jGdgDSi9B+WBs9atxk1G2Z16mBjW/urrTBd9GqeoMez2/EJ
F5ljK2FoH/2rVo2vRgn6IzS1reHDElMF7Hgl879gFZJWgFPlNksIjz+WqM3LRF2K
XT6vrfp26Uni5KPQs7CUxQT+xDBS3PrKUmS9/63L9KxDfxtYUV5x3lOFLNqgQ/+O
wLnXISH+F0Wrq2J4EMl1LpZxmYGgKOnWDI5o5r1fao3dTcCEs1s6+b+IvnOYxwZL
1dWJTMDEOmOrXaJvNe8l9mWbLlJATKwZ7KnjV3Bbe5/WD/jk
-----END CERTIFICATE-----
Generated at Fri May 2 18:59:01 2025 by rpki-client