Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: XxoLyu9MOUtELu8jjpp//EvnOHKbaxxMFga/Bw6+XbM=
Subject key identifier: 7B:5B:7A:9B:27:B9:28:F9:44:73:0F:E9:44:0C:EC:7B:35:47:EB:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3ECD3F2B165D3AE4226E0CBA3F074D047FE4ACD2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:cd:3f:2b:16:5d:3a:e4:22:6e:0c:ba:3f:07:4d:04:7f:e4:ac:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=8f9eed0cdfe7deb6ae59229e2b1a19517394c43dcb19b6496d322de7ec0202f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d2:85:aa:48:4b:b8:0e:a9:f3:95:41:36:09:
8d:5a:d2:5c:37:68:82:bf:db:6f:f7:b0:ea:aa:db:
3c:4b:bf:4e:22:a9:75:f5:d7:92:a6:14:61:8a:1f:
bd:ca:dc:3d:2d:70:cc:e9:9f:70:ca:0b:03:32:cd:
ec:44:93:f5:10:6e:2f:3e:de:d2:0f:4d:d7:40:e9:
fb:10:9e:40:b4:e5:dc:b5:79:36:d6:8f:2d:3d:3e:
8d:68:d6:37:0e:46:f4:9f:3f:df:84:e7:86:b5:00:
ff:a4:96:00:e9:c5:7f:9e:9f:1f:e0:81:36:70:2b:
12:fb:ca:f5:76:29:49:00:5c:e2:c2:d8:38:4b:1b:
7c:8d:a0:13:10:ca:8a:70:b7:53:34:a4:c3:ea:de:
2f:d8:1b:e2:b9:c1:01:3b:25:84:f4:ea:72:60:93:
48:64:43:46:60:5e:e1:ec:53:89:23:3b:e2:df:b7:
3e:c7:5c:79:04:46:35:7e:27:93:c4:0e:ae:a9:16:
66:4e:71:c6:e9:a2:6a:59:d2:19:4a:6f:09:7c:e5:
20:79:0b:9c:88:cb:c6:0e:d1:f5:a9:1b:ab:3b:a9:
20:80:9b:2b:5b:6d:72:32:a8:36:ec:29:18:ce:cc:
3d:d7:6b:c0:ec:67:3f:4b:74:16:fb:82:5c:79:61:
cc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5B:7A:9B:27:B9:28:F9:44:73:0F:E9:44:0C:EC:7B:35:47:EB:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
76:5f:53:14:30:3f:76:be:0f:bc:95:eb:63:99:fb:25:40:1b:
48:94:61:b7:24:b9:e0:2e:f0:bf:a8:8d:09:36:dc:c5:bc:e6:
84:c9:8b:46:ad:30:b6:17:3b:bf:e5:c1:2a:52:12:97:5f:b9:
28:a5:8c:a2:e5:b0:0f:f2:2a:b2:43:cb:7b:3e:24:63:2a:ba:
33:95:ca:27:1c:11:08:ee:62:7b:c5:f5:2d:f8:d8:82:ac:09:
68:7c:20:37:46:62:36:91:7c:e1:47:ac:20:ec:03:54:b1:f7:
7a:2b:e0:04:f1:c3:2f:f1:0f:af:e8:22:1c:34:22:68:6c:ee:
d0:30:4d:00:03:bd:4c:26:35:be:c3:fb:2e:13:0e:cc:87:e6:
b5:77:d5:0c:e4:22:52:c4:39:c2:36:f2:33:78:f2:8a:b6:bc:
43:58:10:d1:dc:30:c7:45:d6:79:63:6e:d9:a7:59:5c:e7:27:
97:20:a8:0e:8d:65:a9:7a:a0:cd:ec:18:b0:e1:e5:24:bc:62:
07:7a:23:9c:52:04:6e:d6:05:8f:62:4c:1b:d3:c2:e1:05:19:
9b:73:c0:a0:73:87:57:aa:a7:a0:e8:e9:1e:b8:82:14:d9:94:
92:fa:27:31:16:e7:19:8f:6e:f2:bd:92:73:02:87:67:3f:81:
02:a5:56:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPs0/KxZdOuQibgy6PwdNBH/krNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmOWVlZDBjZGZlN2RlYjZhZTU5MjI5ZTJiMWExOTUxNzM5NGM0M2RjYjE5
YjY0OTZkMzIyZGU3ZWMwMjAyZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7ShapIS7gOqfOVQTYJjVrSXDdogr/bb/ew6qrbPEu/TiKpdfXXkqYUYYof
vcrcPS1wzOmfcMoLAzLN7EST9RBuLz7e0g9N10Dp+xCeQLTl3LV5NtaPLT0+jWjW
Nw5G9J8/34TnhrUA/6SWAOnFf56fH+CBNnArEvvK9XYpSQBc4sLYOEsbfI2gExDK
inC3UzSkw+reL9gb4rnBATslhPTqcmCTSGRDRmBe4exTiSM74t+3PsdceQRGNX4n
k8QOrqkWZk5xxumialnSGUpvCXzlIHkLnIjLxg7R9akbqzupIICbK1ttcjKoNuwp
GM7MPddrwOxnP0t0FvuCXHlhzJcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR7W3qb
J7ko+URzD+lEDOx7NUfrCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAdl9TFDA/dr4PvJXrY5n7JUAbSJRhtyS54C7w
v6iNCTbcxbzmhMmLRq0wthc7v+XBKlISl1+5KKWMouWwD/IqskPLez4kYyq6M5XK
JxwRCO5ie8X1LfjYgqwJaHwgN0ZiNpF84UesIOwDVLH3eivgBPHDL/EPr+giHDQi
aGzu0DBNAAO9TCY1vsP7LhMOzIfmtXfVDOQiUsQ5wjbyM3jyira8Q1gQ0dwwx0XW
eWNu2adZXOcnlyCoDo1lqXqgzewYsOHlJLxiB3ojnFIEbtYFj2JMG9PC4QUZm3PA
oHOHV6qnoOjpHriCFNmUkvonMRbnGY9u8r2ScwKHZz+BAqVWTw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:29 2025 by rpki-client