Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
File: 8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa (raw, json)
Hash identifier: suX+8J7EYA8ivHfjX2Z/TlusI8+HsswXG5GaYvdtiZQ=
Subject key identifier: 12:4A:88:B2:16:6D:FB:48:7D:67:A6:FA:4F:DC:ED:56:40:B1:62:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57B931D1D91DA850F4157F8C092CA1D47F9A76F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:b9:31:d1:d9:1d:a8:50:f4:15:7f:8c:09:2c:a1:d4:7f:9a:76:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ea26d5f8bfb5d6e625712317e47e61153df5b9805d0d563bb2fe5c8eca70b9b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a1:f5:1d:40:6f:ba:32:8d:dd:7c:7e:fa:74:
a1:f0:a8:eb:18:10:61:99:79:29:b7:5f:fe:cb:21:
b2:6a:f8:20:72:9e:66:77:e5:fb:1a:50:66:f2:b4:
ec:ad:b0:fa:19:07:96:82:7f:a1:e2:26:cc:b2:fa:
20:23:d1:b4:ed:0f:f8:16:95:ea:9a:7f:ff:5c:cc:
80:53:a9:6d:24:d4:0c:e7:69:8e:14:42:14:ad:18:
e7:f5:62:42:25:e2:0b:c6:8e:6c:e4:44:cd:d1:ff:
82:2b:df:e8:ff:d6:c9:be:94:7c:b6:d8:a5:2c:67:
e5:df:00:1d:70:49:cb:79:5c:ea:0d:0f:cc:80:75:
47:8a:5b:07:e6:12:dc:f4:4b:35:ae:72:37:ae:32:
13:6e:71:ad:21:c4:ca:59:86:38:28:26:ec:24:cd:
91:3f:e7:24:6b:bd:6b:cc:ba:8e:73:9a:66:85:51:
6a:25:67:23:93:cb:90:dd:9d:b5:f8:4d:2c:92:d0:
a6:8f:10:ac:23:20:10:1e:7e:27:95:de:68:7d:ed:
52:5c:71:34:5b:dd:75:74:47:1b:ec:9d:7b:ba:4b:
84:bd:9c:d3:73:20:ba:3b:d3:d1:85:a1:5c:41:ab:
6a:76:22:4c:52:7e:0d:88:c0:22:4b:70:32:f0:fc:
b9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4A:88:B2:16:6D:FB:48:7D:67:A6:FA:4F:DC:ED:56:40:B1:62:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:e000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:a4:2c:a8:88:f6:e3:05:85:4d:58:3b:ff:8e:16:61:3f:60:
4d:9e:ca:56:8c:f6:ea:83:77:4a:7e:57:4f:95:d6:ea:40:3f:
48:6b:54:9c:6f:a1:e1:6c:91:48:cf:56:2b:34:5b:4e:12:96:
13:01:29:c2:56:f1:85:6d:72:d3:a1:ae:74:39:ca:5b:12:d8:
ff:e4:60:9f:7d:3a:e5:96:34:c1:ed:4c:12:ca:9b:41:df:32:
6c:26:8b:7a:32:3a:4f:68:e0:75:ac:59:9b:2b:4c:2a:8f:ad:
b0:31:c0:91:cd:f6:fa:b7:c3:1d:5d:67:e9:3a:1a:63:90:4a:
f8:4d:43:da:0c:ca:28:51:5a:ec:eb:34:17:1d:ec:ee:67:34:
7d:9d:f2:b9:bd:79:25:f7:77:c4:80:05:66:e4:ca:35:f8:01:
d4:27:60:66:89:76:0b:80:69:78:ec:f4:02:5c:3d:3a:e8:8d:
cb:fc:f6:60:08:58:dc:4f:dc:58:bb:3a:c0:8f:ca:61:3f:59:
bd:28:43:8e:85:2e:f2:ce:30:2c:e3:f7:3c:75:1f:3c:98:c9:
37:76:ed:ca:38:13:35:82:41:4e:69:9a:98:b3:a8:30:6d:93:
34:75:e3:6d:b9:b8:5b:00:74:f3:49:0f:a2:e9:79:8f:8a:d6:
c0:42:b9:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV7kx0dkdqFD0FX+MCSyh1H+advcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMjZkNWY4YmZiNWQ2ZTYyNTcxMjMxN2U0N2U2MTE1M2RmNWI5ODA1ZDBk
NTYzYmIyZmU1YzhlY2E3MGI5YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2h9R1Ab7oyjd18fvp0ofCo6xgQYZl5Kbdf/sshsmr4IHKeZnfl+xpQZvK0
7K2w+hkHloJ/oeImzLL6ICPRtO0P+BaV6pp//1zMgFOpbSTUDOdpjhRCFK0Y5/Vi
QiXiC8aObOREzdH/givf6P/Wyb6UfLbYpSxn5d8AHXBJy3lc6g0PzIB1R4pbB+YS
3PRLNa5yN64yE25xrSHEylmGOCgm7CTNkT/nJGu9a8y6jnOaZoVRaiVnI5PLkN2d
tfhNLJLQpo8QrCMgEB5+J5XeaH3tUlxxNFvddXRHG+yde7pLhL2c03MgujvT0YWh
XEGranYiTFJ+DYjAIktwMvD8uQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSSoiy
Fm37SH1npvpP3O1WQLFibTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGRjN2Q1YmEtYjFlOS00YzFjLWExOTAtMjE0NzMxYjcxYjQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dbg
MA0GCSqGSIb3DQEBCwUAA4IBAQC8pCyoiPbjBYVNWDv/jhZhP2BNnspWjPbqg3dK
fldPldbqQD9Ia1Scb6HhbJFIz1YrNFtOEpYTASnCVvGFbXLToa50OcpbEtj/5GCf
fTrlljTB7UwSyptB3zJsJot6MjpPaOB1rFmbK0wqj62wMcCRzfb6t8MdXWfpOhpj
kEr4TUPaDMooUVrs6zQXHezuZzR9nfK5vXkl93fEgAVm5Mo1+AHUJ2BmiXYLgGl4
7PQCXD066I3L/PZgCFjcT9xYuzrAj8phP1m9KEOOhS7yzjAs4/c8dR88mMk3du3K
OBM1gkFOaZqYs6gwbZM0deNtubhbAHTzSQ+i6XmPitbAQrkM
-----END CERTIFICATE-----
Generated at Fri May 2 16:28:14 2025 by rpki-client