Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
File: 8615f258-46a8-450c-972c-84b27581bb43.roa (raw, json)
Hash identifier: jIu05i4JaH/Vq6IESRtWZ0VtAsW6OB1/U+0xxiYr26E=
Subject key identifier: 57:CC:5C:E4:33:F5:79:FA:E6:25:34:02:1B:15:40:25:74:A5:A8:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68FCABF6AA56077B4E9E97CE71DD1993698F157D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:fc:ab:f6:aa:56:07:7b:4e:9e:97:ce:71:dd:19:93:69:8f:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6071130279c2cf7fc960558bf9c4fbdd1bdfd3b1952f505dbca2d542498ef19d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:82:b0:fe:0e:84:b1:75:d6:f6:57:37:43:18:
5e:cf:69:af:ef:27:f4:4e:17:ad:da:a4:8e:95:e7:
4e:7e:f7:fc:95:d3:4b:f6:79:ab:63:0f:f0:3d:58:
f0:b8:81:56:f1:72:c3:e4:d8:a2:0a:49:91:2e:c5:
e3:1f:63:c7:81:31:58:d3:1a:c2:62:b7:b4:46:8c:
26:97:6c:fe:9a:33:09:9e:c9:ec:56:5f:f0:a0:14:
ef:47:58:ab:2e:d7:5a:aa:69:e2:a7:d5:a4:06:07:
6b:c4:a9:40:79:6c:05:40:3f:98:96:79:77:11:51:
ea:b5:5f:59:82:0f:be:bb:1e:5f:3c:1c:ea:32:c5:
6b:7c:12:2f:f0:f3:bd:b3:85:b3:6e:d2:d1:90:47:
17:c6:bc:f6:bc:3d:cd:50:49:0a:a8:26:fd:6b:ec:
cc:6b:6a:a2:68:7a:64:35:94:0e:1c:33:cf:a6:fc:
cd:be:67:3c:2e:01:6b:06:91:9a:28:17:ef:e1:86:
a1:f9:8e:a1:cb:e8:8f:0f:fa:ee:0a:3d:c8:81:a4:
19:ea:f2:50:3d:4a:63:5a:cb:24:a4:6e:dc:a0:72:
7e:77:38:43:ae:e7:0d:28:d4:03:24:fd:d7:c3:fa:
53:49:3b:cd:49:39:33:97:b9:85:48:b2:18:f8:d6:
d8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CC:5C:E4:33:F5:79:FA:E6:25:34:02:1B:15:40:25:74:A5:A8:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/36
Signature Algorithm: sha256WithRSAEncryption
16:ab:77:a5:de:30:1c:c6:f5:20:2c:e0:99:7e:eb:61:b9:b8:
fc:79:4c:40:13:9e:88:cb:e7:03:f1:9d:c0:6a:fe:fd:23:ad:
a4:b3:c3:c0:68:8c:e6:02:5a:de:1b:1b:87:51:2c:d1:11:1e:
96:c6:05:5f:ac:d4:f9:2b:a9:5e:ae:29:14:e9:52:54:05:bf:
ed:98:c7:51:e2:b1:ce:f9:5c:22:d7:37:23:c1:46:0d:71:15:
ca:9d:e8:ed:93:78:cd:87:e6:1a:3e:df:eb:0e:d8:e7:25:ca:
51:f4:57:0a:fc:e5:b2:f9:4e:f1:56:0c:1e:ef:ce:31:21:f0:
d4:a7:20:39:eb:79:6e:01:8e:4c:dc:40:a3:fc:61:6e:31:75:
36:2b:fe:66:6f:d1:96:1d:d8:c9:d5:28:84:77:34:a7:2f:f5:
cc:6f:37:40:3b:bf:2b:ae:10:e9:37:d7:95:b3:10:d1:e0:2f:
25:c1:d6:bc:6c:53:47:93:fc:e0:86:48:dc:1b:ba:ee:91:81:
84:23:24:c8:8e:81:20:ba:5d:c9:f7:b7:71:c7:8f:e6:b8:4c:
60:42:af:f7:59:33:88:71:4d:93:38:cb:20:c2:ad:d0:ab:cd:
1d:d5:15:59:3e:07:c7:9f:6d:ab:36:bb:28:c4:46:26:88:7d:
82:ae:e0:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaPyr9qpWB3tOnpfOcd0Zk2mPFX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwNzExMzAyNzljMmNmN2ZjOTYwNTU4YmY5YzRmYmRkMWJkZmQzYjE5NTJm
NTA1ZGJjYTJkNTQyNDk4ZWYxOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO+CsP4OhLF11vZXN0MYXs9pr+8n9E4XrdqkjpXnTn73/JXTS/Z5q2MP8D1Y
8LiBVvFyw+TYogpJkS7F4x9jx4ExWNMawmK3tEaMJpds/pozCZ7J7FZf8KAU70dY
qy7XWqpp4qfVpAYHa8SpQHlsBUA/mJZ5dxFR6rVfWYIPvrseXzwc6jLFa3wSL/Dz
vbOFs27S0ZBHF8a89rw9zVBJCqgm/WvszGtqomh6ZDWUDhwzz6b8zb5nPC4BawaR
migX7+GGofmOocvojw/67go9yIGkGeryUD1KY1rLJKRu3KByfnc4Q67nDSjUAyT9
18P6U0k7zUk5M5e5hUiyGPjW2JMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXzFzk
M/V5+uYlNAIbFUAldKWowjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODYxNWYyNTgtNDZhOC00NTBjLTk3MmMtODRiMjc1ODFiYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWq3el3jAcxvUgLOCZfuthubj8eUxAE56Iy+cD
8Z3Aav79I62ks8PAaIzmAlreGxuHUSzRER6WxgVfrNT5K6lerikU6VJUBb/tmMdR
4rHO+Vwi1zcjwUYNcRXKnejtk3jNh+YaPt/rDtjnJcpR9FcK/OWy+U7xVgwe784x
IfDUpyA563luAY5M3ECj/GFuMXU2K/5mb9GWHdjJ1SiEdzSnL/XMbzdAO78rrhDp
N9eVsxDR4C8lwda8bFNHk/zghkjcG7rukYGEIyTIjoEgul3J97dxx4/muExgQq/3
WTOIcU2TOMsgwq3Qq80d1RVZPgfHn22rNrsoxEYmiH2CruB0
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:52 2025 by rpki-client