Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
File: 89a57214-0fc2-48c6-99d6-19852ea7a30e.roa (raw, json)
Hash identifier: 4H6Vhnv4HuYgxi+ROSmjIGw4BloisP9k+N8bTM3PBK8=
Subject key identifier: AD:41:18:5C:D5:CE:AA:02:74:C5:B3:31:97:DD:B1:7B:DA:24:0E:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06D159E9975E116566F0C4B7D0D6595BEA569E60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:d1:59:e9:97:5e:11:65:66:f0:c4:b7:d0:d6:59:5b:ea:56:9e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=20440a41fb73bf0155a33b7109bd4acef20e489eaa26ec3d37f47f3df18f68e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5b:4d:05:b1:54:79:77:2b:b3:80:d1:ef:b8:
2b:ad:d3:5a:56:6e:16:a1:06:26:02:da:19:67:d8:
ba:2f:c1:ce:d6:e7:39:37:15:25:b7:af:77:8e:7c:
95:df:dc:64:4e:89:a5:5e:6e:bc:1e:02:42:eb:9d:
6a:93:35:cd:1f:81:29:c3:19:fa:7f:17:a2:16:5e:
da:7d:ee:f0:76:47:9d:db:ba:ae:9f:3b:22:66:9e:
be:15:b2:24:f4:db:51:67:6e:24:c7:09:37:5c:ea:
3c:8a:d5:e8:5a:e1:c1:30:5b:d6:33:45:09:ce:85:
9f:f4:75:45:d0:46:fa:fc:d3:53:31:a9:05:8b:ec:
20:62:70:37:79:0c:f1:ee:d9:3d:90:83:a2:55:52:
5c:d9:87:67:ab:ca:6b:45:9e:01:91:4c:ac:9c:40:
32:9e:26:b3:59:de:91:df:8b:86:48:4d:cf:b8:ba:
85:2f:29:43:22:c5:29:f9:0e:b6:76:13:26:44:dd:
29:db:3e:a3:ad:6e:76:63:ae:7a:f2:5e:42:5f:99:
d9:5e:ff:ef:f2:f1:68:54:d9:9c:9d:a2:06:98:e6:
a4:1d:8e:ca:ed:57:71:82:46:37:54:42:dc:b8:0a:
e6:d0:c3:4c:2e:3d:6d:1b:7c:28:9b:9c:5f:f1:75:
b3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:41:18:5C:D5:CE:AA:02:74:C5:B3:31:97:DD:B1:7B:DA:24:0E:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1080::/48
Signature Algorithm: sha256WithRSAEncryption
5c:0e:09:59:8d:55:5d:ea:ca:2f:3e:46:65:bc:76:55:77:93:
92:d5:3e:6b:d7:14:a9:e7:27:2e:79:05:03:36:01:9c:f2:b8:
3a:7b:a2:8b:15:15:96:af:d7:da:d7:58:c5:0e:29:e9:de:6f:
ad:fc:de:0e:7b:6a:7f:a0:f4:1b:de:94:19:c2:7a:cb:71:d1:
06:9f:90:42:30:9f:a4:d6:20:9d:f4:dd:7c:4b:09:2f:9d:b3:
8e:32:2f:2c:90:f4:f2:b2:75:7b:c0:84:d8:f4:33:68:e6:1c:
67:ff:df:61:ca:24:11:0e:c3:78:a4:83:39:65:6e:b9:0e:a8:
4f:58:91:78:f1:14:35:47:0d:4a:8b:83:e1:df:7f:60:e7:7a:
65:58:73:a3:49:96:c5:50:30:67:2d:31:b5:8e:b4:36:fd:08:
1d:d6:98:f1:cc:0b:9c:cc:1a:03:ca:e1:cd:43:44:cb:58:7b:
5c:df:af:4d:a1:8a:db:6f:9d:eb:6c:f0:ed:51:0f:81:04:db:
e2:c8:fa:43:2e:6b:d9:70:d7:29:1d:79:3d:44:f9:97:24:73:
70:bb:ce:ab:f6:b4:9c:6f:e6:f2:2c:31:90:5b:17:0e:d0:3e:
9f:e6:52:be:7d:34:9b:ca:1e:d8:25:3a:d0:27:2b:47:39:67:
62:41:74:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBtFZ6ZdeEWVm8MS30NZZW+pWnmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwNDQwYTQxZmI3M2JmMDE1NWEzM2I3MTA5YmQ0YWNlZjIwZTQ4OWVhYTI2
ZWMzZDM3ZjQ3ZjNkZjE4ZjY4ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVbTQWxVHl3K7OA0e+4K63TWlZuFqEGJgLaGWfYui/BztbnOTcVJbevd458
ld/cZE6JpV5uvB4CQuudapM1zR+BKcMZ+n8XohZe2n3u8HZHndu6rp87ImaevhWy
JPTbUWduJMcJN1zqPIrV6FrhwTBb1jNFCc6Fn/R1RdBG+vzTUzGpBYvsIGJwN3kM
8e7ZPZCDolVSXNmHZ6vKa0WeAZFMrJxAMp4ms1nekd+LhkhNz7i6hS8pQyLFKfkO
tnYTJkTdKds+o61udmOuevJeQl+Z2V7/7/LxaFTZnJ2iBpjmpB2Oyu1XcYJGN1RC
3LgK5tDDTC49bRt8KJucX/F1s8cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStQRhc
1c6qAnTFszGX3bF72iQOMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODlhNTcyMTQtMGZjMi00OGM2LTk5ZDYtMTk4NTJlYTdhMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAXA4JWY1VXerKLz5GZbx2VXeTktU+a9cUqecn
LnkFAzYBnPK4OnuiixUVlq/X2tdYxQ4p6d5vrfzeDntqf6D0G96UGcJ6y3HRBp+Q
QjCfpNYgnfTdfEsJL52zjjIvLJD08rJ1e8CE2PQzaOYcZ//fYcokEQ7DeKSDOWVu
uQ6oT1iRePEUNUcNSouD4d9/YOd6ZVhzo0mWxVAwZy0xtY60Nv0IHdaY8cwLnMwa
A8rhzUNEy1h7XN+vTaGK22+d62zw7VEPgQTb4sj6Qy5r2XDXKR15PUT5lyRzcLvO
q/a0nG/m8iwxkFsXDtA+n+ZSvn00m8oe2CU60CcrRzlnYkF0jA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:41 2025 by rpki-client