Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: TPACfQVHydaNoKmQQmPFWEKVZtUvF1TkVUxT4sgm+Og=
Subject key identifier: 61:AF:27:0E:BC:59:91:09:26:90:3C:4D:CE:FD:8A:96:A5:65:E2:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C9CA070DCFAA2D13DEFB5F3A13AED545067750E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:9c:a0:70:dc:fa:a2:d1:3d:ef:b5:f3:a1:3a:ed:54:50:67:75:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ebcde10cbb2e3f4bdea81cc678c00c0a13a586ad07cf7182cb2b2f08198b9a81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c9:bd:cb:d8:32:3e:da:ef:ac:4e:19:6d:87:
78:c8:d0:77:7c:4e:82:84:47:f8:aa:e8:7b:4f:42:
99:95:b4:0d:57:60:3a:05:ad:1a:7f:32:35:ad:a7:
53:d0:9c:e0:5c:0d:92:29:18:be:f0:1b:77:e9:57:
50:d8:c6:85:f3:aa:5a:50:ff:9b:9a:26:db:50:20:
83:5e:ab:b8:ba:11:d7:26:4f:6f:a2:9e:87:d8:36:
6d:32:d0:c1:70:1e:3a:b2:e3:ef:2d:63:66:8d:10:
d8:e4:0e:bf:d6:b7:a3:13:30:51:6e:45:ba:72:15:
df:dd:ae:d2:f9:ca:28:c5:77:63:92:e8:c0:01:a4:
7b:21:4e:f8:6e:7d:03:c7:37:be:97:4b:bb:b2:ad:
fd:80:c7:97:90:2d:2e:ae:d5:b6:fb:2c:9a:a4:8e:
7e:dc:79:9e:83:7a:5b:8f:42:80:97:9d:65:2f:a5:
af:a2:83:42:e9:65:42:95:8c:fb:37:1a:bf:37:8b:
dc:a2:3a:a0:f2:23:f5:d3:6a:4e:4c:e8:a3:49:8d:
37:92:d3:cd:72:16:77:fd:33:63:71:2b:29:89:ed:
71:1d:4b:e4:32:16:6c:42:07:94:76:fc:eb:9a:94:
fc:c5:61:5e:25:d1:ef:7e:cf:98:2c:ff:9e:c5:c3:
d5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:AF:27:0E:BC:59:91:09:26:90:3C:4D:CE:FD:8A:96:A5:65:E2:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
9c:04:8e:dc:dc:9b:2e:9e:43:3b:7b:72:ca:b7:28:8a:92:bf:
ca:4c:99:3d:60:ba:ea:98:1d:cf:81:90:3f:5f:06:f3:55:5e:
07:ab:5c:a2:5a:9d:6b:7b:7e:57:8c:05:08:2d:64:9d:ba:58:
e3:90:1d:34:a9:8a:fe:59:00:17:ca:69:8a:67:c3:25:26:22:
f2:2b:7b:5c:d9:a1:16:ac:95:a6:e4:37:71:83:a2:a9:35:a8:
ae:18:30:c5:c8:f7:ea:95:4e:91:21:27:98:84:63:65:4f:94:
a4:73:2f:10:0a:24:8d:83:75:d2:63:5a:f3:44:ce:c2:b3:d9:
be:ee:7f:ba:cb:51:82:b4:f7:68:bd:0f:2b:94:3b:0e:9d:ad:
bb:ab:3d:28:26:3d:b4:38:5e:56:95:bc:69:d4:d3:fb:15:9b:
aa:ca:6c:65:f9:a1:45:52:d2:ab:20:9f:37:71:93:7d:23:b0:
cd:7e:bf:7f:7e:39:33:b6:3d:5c:a1:20:c4:8b:4e:2d:27:98:
6c:34:15:9a:f5:7e:2d:79:35:cd:33:0f:3c:c7:e5:a3:08:9d:
de:8d:5b:40:56:f1:ba:da:20:6d:d2:b8:8f:d8:4f:e2:38:ea:
c8:b0:11:81:b4:61:42:78:61:28:e7:ab:12:35:66:a6:39:82:
ff:bc:ca:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPJygcNz6otE977XzoTrtVFBndQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGViY2RlMTBjYmIyZTNmNGJkZWE4MWNjNjc4YzAwYzBhMTNhNTg2YWQwN2Nm
NzE4MmNiMmIyZjA4MTk4YjlhODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvJvcvYMj7a76xOGW2HeMjQd3xOgoRH+Kroe09CmZW0DVdgOgWtGn8yNa2n
U9Cc4FwNkikYvvAbd+lXUNjGhfOqWlD/m5om21Agg16ruLoR1yZPb6Keh9g2bTLQ
wXAeOrLj7y1jZo0Q2OQOv9a3oxMwUW5FunIV392u0vnKKMV3Y5LowAGkeyFO+G59
A8c3vpdLu7Kt/YDHl5AtLq7VtvssmqSOftx5noN6W49CgJedZS+lr6KDQullQpWM
+zcavzeL3KI6oPIj9dNqTkzoo0mNN5LTzXIWd/0zY3ErKYntcR1L5DIWbEIHlHb8
65qU/MVhXiXR737PmCz/nsXD1ZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhrycO
vFmRCSaQPE3O/YqWpWXi1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQCcBI7c3JsunkM7e3LKtyiKkr/KTJk9YLrqmB3P
gZA/XwbzVV4Hq1yiWp1re35XjAUILWSduljjkB00qYr+WQAXymmKZ8MlJiLyK3tc
2aEWrJWm5Ddxg6KpNaiuGDDFyPfqlU6RISeYhGNlT5Skcy8QCiSNg3XSY1rzRM7C
s9m+7n+6y1GCtPdovQ8rlDsOna27qz0oJj20OF5Wlbxp1NP7FZuqymxl+aFFUtKr
IJ83cZN9I7DNfr9/fjkztj1coSDEi04tJ5hsNBWa9X4teTXNMw88x+WjCJ3ejVtA
VvG62iBt0riP2E/iOOrIsBGBtGFCeGEo56sSNWamOYL/vMqj
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:46 2025 by rpki-client