Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/925d550e-ff86-4691-95fd-99c84ee0d297.roa
File: 925d550e-ff86-4691-95fd-99c84ee0d297.roa (raw, json)
Hash identifier: qsu1rv1kcQ+LF0NdqSGZQJGj9ZCI7p9FBVEwTt7fyOo=
Subject key identifier: 6A:63:2C:DD:8B:26:4E:6D:EF:8B:60:64:21:CD:B1:59:9B:AD:7C:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39730A3AAF050606F5634EC52549D0DE5869C03C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/925d550e-ff86-4691-95fd-99c84ee0d297.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:73:0a:3a:af:05:06:06:f5:63:4e:c5:25:49:d0:de:58:69:c0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=680e63fe337b5e91e1f4276c3da859671c6cf925c82392aa104644229fbc416a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:d6:f6:46:1b:5b:f9:c3:df:fa:41:d1:7a:
06:5c:f3:fd:c8:ca:20:ca:38:d1:12:ff:51:3f:20:
b4:3d:c6:d0:98:5a:79:ad:22:69:12:18:5c:50:5d:
99:70:1f:f1:41:00:9d:f2:25:90:fd:9f:d0:7a:3c:
78:e6:66:9f:6e:ef:9c:45:80:f3:03:9e:3c:3d:33:
fa:2d:c0:c8:1c:d7:06:dd:b5:20:ea:94:5d:01:6b:
91:31:c7:4d:20:74:92:a4:88:a2:59:8e:76:52:a4:
37:bc:76:d4:d9:dd:05:e4:88:ab:7a:12:c7:8e:c0:
f0:73:78:e1:ba:fb:9f:e2:0e:25:2c:c4:9e:a1:45:
51:74:09:ae:e3:01:0b:ba:e1:f0:e8:b6:14:37:f2:
21:db:d9:0e:71:45:e6:46:16:bf:93:99:cd:8b:a5:
b7:9f:32:e6:fc:96:1e:af:2b:89:03:d2:60:14:b7:
47:ea:81:b7:04:6f:08:a6:3f:b3:70:c7:ef:3b:c1:
f3:a4:39:bc:f4:ba:dc:72:8b:26:aa:7b:c4:50:cb:
e4:36:fd:92:46:8f:38:14:5f:79:c7:a1:6c:b9:88:
20:a8:72:8b:58:ef:dd:d9:7c:a3:6b:49:2a:6c:c0:
d8:b7:06:aa:b4:b9:f8:66:d0:3b:e6:3c:0a:bb:6a:
21:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:63:2C:DD:8B:26:4E:6D:EF:8B:60:64:21:CD:B1:59:9B:AD:7C:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/925d550e-ff86-4691-95fd-99c84ee0d297.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c3:36:9f:5f:9a:5a:cd:dd:cf:67:b8:49:1e:50:f7:d0:83:24:
78:c3:c3:31:2f:87:fe:13:6a:a6:d2:d9:0f:b2:fb:9b:1a:5f:
ce:de:1e:cb:55:58:e6:49:5c:68:c2:ae:cd:de:eb:26:72:09:
11:2f:93:96:ed:c3:ce:6c:d4:2c:7c:88:b1:32:6c:ab:c8:32:
8c:08:46:10:a1:d1:34:e1:b4:24:94:37:76:74:3a:ca:69:40:
ea:eb:ac:76:91:6a:dc:f0:5b:3f:02:03:b9:a3:d1:11:ce:2e:
93:9c:3d:74:96:bb:7f:3f:81:2d:1e:91:db:d3:41:84:68:16:
55:e4:df:76:36:cf:72:6e:fd:6f:e5:ce:b9:a2:ba:fb:7b:f5:
66:f6:fc:07:f5:de:20:66:fd:af:c5:0f:a9:c4:89:eb:40:8e:
20:9b:2c:a5:67:c9:b7:99:e7:e4:9a:6a:d5:63:04:47:22:e2:
43:3d:d4:5f:01:5d:29:d0:21:0d:be:d2:e0:c1:7e:2c:a0:5b:
59:3b:07:be:0d:0d:d3:e4:d7:e8:95:22:a9:95:30:7b:a7:94:
21:0c:f9:88:08:92:93:10:ff:11:ed:38:91:56:66:82:cb:1e:
fd:94:1f:b2:0e:10:92:c1:ee:2c:bc:af:61:c8:3d:0d:13:32:
62:0a:d9:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOXMKOq8FBgb1Y07FJUnQ3lhpwDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MGU2M2ZlMzM3YjVlOTFlMWY0Mjc2YzNkYTg1OTY3MWM2Y2Y5MjVjODIz
OTJhYTEwNDY0NDIyOWZiYzQxNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVL1vZGG1v5w9/6QdF6Blzz/cjKIMo40RL/UT8gtD3G0Jhaea0iaRIYXFBd
mXAf8UEAnfIlkP2f0Ho8eOZmn27vnEWA8wOePD0z+i3AyBzXBt21IOqUXQFrkTHH
TSB0kqSIolmOdlKkN7x21NndBeSIq3oSx47A8HN44br7n+IOJSzEnqFFUXQJruMB
C7rh8Oi2FDfyIdvZDnFF5kYWv5OZzYult58y5vyWHq8riQPSYBS3R+qBtwRvCKY/
s3DH7zvB86Q5vPS63HKLJqp7xFDL5Db9kkaPOBRfecehbLmIIKhyi1jv3dl8o2tJ
KmzA2LcGqrS5+GbQO+Y8CrtqIccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqYyzd
iyZObe+LYGQhzbFZm618xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI1ZDU1MGUtZmY4Ni00NjkxLTk1ZmQtOTljODRlZTBkMjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVg
MA0GCSqGSIb3DQEBCwUAA4IBAQDDNp9fmlrN3c9nuEkeUPfQgyR4w8MxL4f+E2qm
0tkPsvubGl/O3h7LVVjmSVxowq7N3usmcgkRL5OW7cPObNQsfIixMmyryDKMCEYQ
odE04bQklDd2dDrKaUDq66x2kWrc8Fs/AgO5o9ERzi6TnD10lrt/P4EtHpHb00GE
aBZV5N92Ns9ybv1v5c65orr7e/Vm9vwH9d4gZv2vxQ+pxInrQI4gmyylZ8m3mefk
mmrVYwRHIuJDPdRfAV0p0CENvtLgwX4soFtZOwe+DQ3T5NfolSKplTB7p5QhDPmI
CJKTEP8R7TiRVmaCyx79lB+yDhCSwe4svK9hyD0NEzJiCtkw
-----END CERTIFICATE-----
Generated at Sat May 3 05:43:16 2025 by rpki-client