Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: PuBT6zsUW+/QFrgbtPITilF0aZ+3Ys6LcjejJLjpxag=
Subject key identifier: A5:81:03:50:E3:CB:64:A4:45:CE:95:A2:5B:FA:90:A3:B0:73:5D:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6196F5E76EB253ECCA99CD6412DE8B45B154F635
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:96:f5:e7:6e:b2:53:ec:ca:99:cd:64:12:de:8b:45:b1:54:f6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=8a7a950c6da5f94938ea55b1569239b30f096e76cadda7d907f5c7aa0920d2bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:02:1f:ec:aa:ec:2e:09:4d:d9:97:8a:66:e6:
8f:3d:cd:8d:d3:6b:fa:12:d9:c0:6a:f3:c3:d1:b1:
fe:16:37:2d:46:0a:f2:ea:9d:f0:6c:fd:3c:ab:4a:
93:ff:ca:8b:eb:79:94:7f:d5:14:68:15:cd:85:00:
7c:9c:af:cc:f8:3b:4c:ac:99:0a:a1:8d:4e:5b:eb:
75:14:47:54:a8:7d:a7:63:0b:f5:4d:4e:b6:92:d9:
e6:b5:c6:50:56:1c:60:43:4c:14:cd:2a:b1:3e:97:
de:96:b1:71:c7:b2:58:e4:db:c9:ee:7c:b0:5d:5e:
bf:d5:da:fd:69:12:15:69:ce:c0:ed:49:aa:f3:9c:
3b:82:02:a8:7f:47:bd:2e:27:9d:b7:a2:41:61:d6:
c6:47:7d:96:c1:58:99:51:98:17:17:2c:3f:f1:33:
ce:0a:ad:01:61:75:bc:9f:c6:d8:47:cf:a7:b3:a4:
22:a0:86:1e:67:7a:cc:a3:c1:a2:5a:97:bc:12:4f:
7d:e6:60:40:75:92:04:35:7b:47:43:e7:c9:4c:cb:
79:03:c3:6e:72:53:f8:c0:c1:8a:5d:98:54:a6:60:
20:a4:e2:9e:d8:a6:b5:6c:25:91:87:c7:97:71:7f:
d9:97:43:64:93:43:0a:1d:bb:67:47:60:ea:ce:d1:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:81:03:50:E3:CB:64:A4:45:CE:95:A2:5B:FA:90:A3:B0:73:5D:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
71:78:e3:90:82:34:39:3f:d8:9b:e9:d6:65:01:66:fd:e3:f1:
e6:8c:ce:b9:55:83:82:85:f5:d5:2d:78:7c:47:2c:75:a7:99:
12:47:47:e5:10:91:3c:ac:ef:02:0d:4d:e5:fc:dc:e3:bd:43:
79:1d:76:5f:02:4c:bf:c8:e9:12:2d:49:a0:ab:86:6c:dc:7a:
2f:9f:81:7e:b2:fd:4c:cd:ab:1e:2c:d6:d4:6b:9e:00:06:7e:
1b:e2:9d:23:e6:4e:ab:62:01:6b:e5:4f:0b:f1:11:63:e6:4d:
1b:0b:a2:78:b3:2d:12:43:9a:cf:dc:74:1c:a3:8d:6d:f3:02:
d8:7e:8a:2e:51:f9:63:5f:80:ae:ea:eb:d0:c2:05:f4:a2:cd:
f0:f7:0e:32:e0:ff:83:a2:fb:1c:8e:fb:e7:bb:23:d2:63:4c:
4a:51:46:ff:73:81:e7:b5:4a:12:ab:43:ef:3c:2b:95:fb:1a:
83:fd:7d:84:b5:da:87:e4:c0:e4:b2:5f:4b:79:0d:c8:ae:02:
95:cc:a5:3c:b9:ff:85:bc:29:e2:48:df:f3:5c:c8:db:74:04:
a2:d9:ea:0d:9d:56:3d:26:92:49:79:fa:08:8c:2c:17:63:d3:
9e:81:6d:19:f1:5f:60:5a:0a:b4:13:de:15:0b:9f:59:eb:a9:
0b:47:9f:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYZb1526yU+zKmc1kEt6LRbFU9jUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhN2E5NTBjNmRhNWY5NDkzOGVhNTViMTU2OTIzOWIzMGYwOTZlNzZjYWRk
YTdkOTA3ZjVjN2FhMDkyMGQyYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkCH+yq7C4JTdmXimbmjz3NjdNr+hLZwGrzw9Gx/hY3LUYK8uqd8Gz9PKtK
k//Ki+t5lH/VFGgVzYUAfJyvzPg7TKyZCqGNTlvrdRRHVKh9p2ML9U1OtpLZ5rXG
UFYcYENMFM0qsT6X3paxcceyWOTbye58sF1ev9Xa/WkSFWnOwO1JqvOcO4ICqH9H
vS4nnbeiQWHWxkd9lsFYmVGYFxcsP/EzzgqtAWF1vJ/G2EfPp7OkIqCGHmd6zKPB
olqXvBJPfeZgQHWSBDV7R0PnyUzLeQPDbnJT+MDBil2YVKZgIKTintimtWwlkYfH
l3F/2ZdDZJNDCh27Z0dg6s7RwjUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlgQNQ
48tkpEXOlaJb+pCjsHNddzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBxeOOQgjQ5P9ib6dZlAWb94/HmjM65VYOChfXV
LXh8Ryx1p5kSR0flEJE8rO8CDU3l/NzjvUN5HXZfAky/yOkSLUmgq4Zs3Hovn4F+
sv1MzaseLNbUa54ABn4b4p0j5k6rYgFr5U8L8RFj5k0bC6J4sy0SQ5rP3HQco41t
8wLYfoouUfljX4Cu6uvQwgX0os3w9w4y4P+DovscjvvnuyPSY0xKUUb/c4HntUoS
q0PvPCuV+xqD/X2EtdqH5MDksl9LeQ3IrgKVzKU8uf+FvCniSN/zXMjbdASi2eoN
nVY9JpJJefoIjCwXY9OegW0Z8V9gWgq0E94VC59Z66kLR5/h
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:56 2025 by rpki-client