Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
File: 8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa (raw, json)
Hash identifier: Hb1tSHmcvRdavKVSWZy1ZCh45cTCYf/QDQ2NAoMSR7w=
Subject key identifier: ED:35:6B:6C:F0:AF:5B:DA:4E:0E:66:7F:77:D8:86:CA:4F:52:79:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F71BEE5807F75787BB841130F6DB62D54C060FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:71:be:e5:80:7f:75:78:7b:b8:41:13:0f:6d:b6:2d:54:c0:60:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6721fbc2a9ff2d40518150d16104322cfe2e762e71d64bb1d3909eff54280d3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1c:65:c3:23:e9:ab:4b:b1:e0:c6:82:38:b0:
f5:9f:7a:64:e2:20:e3:47:3d:a6:4a:c7:d5:0b:52:
d4:6c:7a:93:26:76:d6:3d:41:65:45:18:e9:9e:ab:
00:36:dd:0a:e8:99:55:c5:51:e6:bb:36:72:9b:12:
ef:0c:fc:75:53:35:a3:10:35:69:b4:fb:ea:98:25:
93:0c:04:ab:f0:1e:ee:85:04:0b:96:e2:33:29:dc:
ee:0c:fb:aa:e2:9c:41:e4:0b:e3:73:cd:71:85:79:
db:44:b2:a1:ff:52:24:10:9d:09:69:fb:53:17:02:
a3:81:c4:d9:c3:7c:79:49:02:3f:86:fa:65:9a:bb:
05:e2:38:b4:5c:cc:00:06:af:f2:49:56:b4:c4:d8:
b3:9f:17:79:d9:b4:2c:32:62:e6:84:23:6f:49:39:
38:46:c3:71:04:e8:b2:b8:ab:f8:cd:d3:a5:10:56:
ca:8e:6d:ef:9e:1d:8b:32:8f:3a:6c:d5:23:a1:0f:
ce:57:0f:0c:a2:a3:1e:6d:d2:1d:75:04:58:0f:ba:
60:4f:58:b0:38:6b:e4:6a:58:26:bc:18:30:a1:09:
64:a7:d9:e0:93:a5:5f:9d:27:33:7d:ce:a9:97:c8:
16:13:13:82:d4:24:77:cb:c5:15:75:87:c0:81:a0:
44:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:35:6B:6C:F0:AF:5B:DA:4E:0E:66:7F:77:D8:86:CA:4F:52:79:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:42:f2:58:3f:89:5d:d7:b5:d3:db:65:ea:a3:1f:0b:fd:4b:
0f:a4:fe:77:2a:db:d4:ea:cc:2a:da:e2:c3:eb:36:24:89:73:
e2:da:5b:22:27:2f:16:28:be:a4:a9:42:87:26:40:af:c7:2e:
f2:8c:b6:8e:a8:bc:97:af:05:4d:ac:6e:66:ba:04:08:8b:fc:
11:2f:ca:6e:4a:5b:55:53:3f:5d:06:8b:28:a2:0f:b1:49:43:
8b:c2:a4:9a:df:eb:4a:03:84:34:9b:92:48:58:0e:e9:f6:21:
f5:9e:a5:ee:08:14:d9:3e:21:e4:7e:f9:bf:0b:f7:f1:b1:47:
de:e0:1a:ab:63:d7:59:06:97:13:e7:96:41:46:5f:29:14:1a:
29:3e:1d:c2:7e:3e:c5:17:ac:ba:4c:11:3e:19:8d:5e:5f:a7:
d1:74:ce:16:ec:78:ad:33:74:63:8f:96:66:14:38:9c:31:05:
0d:e3:8d:9f:89:20:07:21:98:29:75:a0:b5:3f:6e:0b:e9:1b:
79:d1:29:3a:2b:3a:d0:04:9d:bb:cc:0a:3c:5a:4a:ef:5d:d5:
97:d7:17:a1:23:01:c2:3d:46:93:5e:af:7d:5d:cc:89:08:64:
52:f1:e5:3d:bb:a3:71:6a:2f:17:dc:28:61:97:f0:2b:f8:b1:
d8:df:7d:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf3G+5YB/dXh7uEETD222LVTAYPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MjFmYmMyYTlmZjJkNDA1MTgxNTBkMTYxMDQzMjJjZmUyZTc2MmU3MWQ2
NGJiMWQzOTA5ZWZmNTQyODBkM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIcZcMj6atLseDGgjiw9Z96ZOIg40c9pkrH1QtS1Gx6kyZ21j1BZUUY6Z6r
ADbdCuiZVcVR5rs2cpsS7wz8dVM1oxA1abT76pglkwwEq/Ae7oUEC5biMync7gz7
quKcQeQL43PNcYV520Syof9SJBCdCWn7UxcCo4HE2cN8eUkCP4b6ZZq7BeI4tFzM
AAav8klWtMTYs58Xedm0LDJi5oQjb0k5OEbDcQTosrir+M3TpRBWyo5t754dizKP
OmzVI6EPzlcPDKKjHm3SHXUEWA+6YE9YsDhr5GpYJrwYMKEJZKfZ4JOlX50nM33O
qZfIFhMTgtQkd8vFFXWHwIGgRA8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTtNWts
8K9b2k4OZn932IbKT1J5kDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGIwY2NiYzEtMzYzOC00ZjdmLThhMjQtM2Y1ZTE4MWM4YjhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
wDANBgkqhkiG9w0BAQsFAAOCAQEADULyWD+JXde109tl6qMfC/1LD6T+dyrb1OrM
Ktriw+s2JIlz4tpbIicvFii+pKlChyZAr8cu8oy2jqi8l68FTaxuZroECIv8ES/K
bkpbVVM/XQaLKKIPsUlDi8Kkmt/rSgOENJuSSFgO6fYh9Z6l7ggU2T4h5H75vwv3
8bFH3uAaq2PXWQaXE+eWQUZfKRQaKT4dwn4+xResukwRPhmNXl+n0XTOFux4rTN0
Y4+WZhQ4nDEFDeONn4kgByGYKXWgtT9uC+kbedEpOis60ASdu8wKPFpK713Vl9cX
oSMBwj1Gk16vfV3MiQhkUvHlPbujcWovF9woYZfwK/ix2N99cQ==
-----END CERTIFICATE-----
Generated at Fri May 2 16:07:01 2025 by rpki-client