Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: RcpkgixXjlG9o8qXNQUbcVVOH7ZDNKDteNAqCygxOoQ=
Subject key identifier: 4F:E8:86:DC:96:42:DB:EF:88:04:07:97:7E:E1:60:40:0B:22:DD:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 379630ED697D9453C16CAC51E09D9C73E79209D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:96:30:ed:69:7d:94:53:c1:6c:ac:51:e0:9d:9c:73:e7:92:09:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=3c5585e9107c63c0b7cb9a81a20fccdd55ddd54978f295a98c5497925a0c5332, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:07:61:d3:65:46:9b:2e:e8:fa:66:c9:de:
72:4b:f2:06:65:b9:41:7e:0d:3d:ca:b3:43:ba:10:
0b:44:39:18:c8:60:65:c5:2f:3d:e3:07:07:38:43:
ed:a1:a2:32:af:75:9c:c6:8a:d2:f0:55:f4:ce:c2:
83:6d:63:dc:45:dc:a3:bd:75:01:06:9d:2e:b7:46:
e0:42:c5:0f:bd:04:2b:63:8d:60:fd:7d:c7:4e:aa:
dd:28:71:85:09:ef:83:ad:82:0b:ef:8a:b0:d8:7b:
fd:4e:15:56:1e:de:c2:ac:be:07:33:4f:b7:ef:cf:
61:f0:55:81:90:bc:1f:8c:41:2b:b4:a0:fd:b4:9c:
5c:64:a5:e7:77:07:f6:22:1d:4f:41:99:1f:3f:5f:
1b:00:f9:ba:01:1a:88:3c:cc:47:4a:e4:08:07:9e:
58:8e:6f:71:0d:98:92:88:d2:f8:d4:35:d2:7c:05:
6e:c9:1e:77:d7:68:c2:ca:4c:97:71:46:d1:32:7a:
a1:f7:ae:0c:cb:96:ab:b0:4a:24:b7:69:23:00:8d:
59:a6:aa:39:9f:5e:49:f9:99:54:77:88:d4:81:9c:
dc:0a:66:37:b4:20:3b:d3:ab:49:5a:04:cf:32:95:
79:96:d6:34:26:d2:0c:64:69:84:00:68:38:c7:e3:
f3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E8:86:DC:96:42:DB:EF:88:04:07:97:7E:E1:60:40:0B:22:DD:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
42:b7:43:b7:31:9b:db:5a:2c:22:36:41:36:5b:8d:50:66:ec:
be:7d:b6:db:73:b3:8d:de:8c:58:0c:69:1a:02:26:d3:15:b3:
85:55:36:41:f8:53:38:88:cd:8c:e9:97:8f:57:55:14:74:a1:
5f:1c:5c:69:00:10:70:d3:af:14:05:0c:b0:fe:50:76:46:cc:
f0:8a:4f:d3:95:e1:02:fc:a1:9e:67:54:ff:3d:17:43:cc:dc:
3b:af:98:1a:30:ed:c6:f0:34:a5:fa:d5:91:60:6e:34:d1:14:
ff:5d:db:cb:85:59:b5:c3:7d:c0:b1:f2:2a:f9:f1:bc:69:c2:
56:9a:54:81:49:f9:e3:5b:7b:83:2b:f4:f9:9b:73:5a:5c:61:
75:88:f9:1f:d5:f7:c6:b7:29:74:1c:ee:23:5b:f9:24:92:09:
0c:74:d4:a5:e2:53:74:a7:c6:cc:d4:ab:f2:73:af:83:f7:b1:
f7:b3:59:f5:8c:0c:c4:c8:a3:ae:67:63:48:7e:f8:04:72:33:
b3:f7:29:42:3d:37:6e:27:f0:ff:c6:6b:d8:d2:29:08:e0:c1:
23:6a:8c:05:55:bd:ab:39:d4:c2:57:b1:f6:2f:fa:23:9d:22:
97:f1:d9:60:f1:60:54:36:db:5b:67:68:9c:5b:47:03:48:7d:
8d:c8:0b:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN5Yw7Wl9lFPBbKxR4J2cc+eSCdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjNTU4NWU5MTA3YzYzYzBiN2NiOWE4MWEyMGZjY2RkNTVkZGQ1NDk3OGYy
OTVhOThjNTQ5NzkyNWEwYzUzMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALraB2HTZUabLuj6ZsneckvyBmW5QX4NPcqzQ7oQC0Q5GMhgZcUvPeMHBzhD
7aGiMq91nMaK0vBV9M7Cg21j3EXco711AQadLrdG4ELFD70EK2ONYP19x06q3Shx
hQnvg62CC++KsNh7/U4VVh7ewqy+BzNPt+/PYfBVgZC8H4xBK7Sg/bScXGSl53cH
9iIdT0GZHz9fGwD5ugEaiDzMR0rkCAeeWI5vcQ2YkojS+NQ10nwFbsked9dowspM
l3FG0TJ6ofeuDMuWq7BKJLdpIwCNWaaqOZ9eSfmZVHeI1IGc3ApmN7QgO9OrSVoE
zzKVeZbWNCbSDGRphABoOMfj87ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRP6Ibc
lkLb74gEB5d+4WBACyLdlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBCt0O3MZvbWiwiNkE2W41QZuy+fbbbc7ON3oxY
DGkaAibTFbOFVTZB+FM4iM2M6ZePV1UUdKFfHFxpABBw068UBQyw/lB2Rszwik/T
leEC/KGeZ1T/PRdDzNw7r5gaMO3G8DSl+tWRYG400RT/XdvLhVm1w33AsfIq+fG8
acJWmlSBSfnjW3uDK/T5m3NaXGF1iPkf1ffGtyl0HO4jW/kkkgkMdNSl4lN0p8bM
1Kvyc6+D97H3s1n1jAzEyKOuZ2NIfvgEcjOz9ylCPTduJ/D/xmvY0ikI4MEjaowF
Vb2rOdTCV7H2L/ojnSKX8dlg8WBUNttbZ2icW0cDSH2NyAtf
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:50 2025 by rpki-client