Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
File: 975dfb4d-ef39-4371-9678-ff7909080d1e.roa (raw, json)
Hash identifier: O5j836qfF7/wyTnenkvAOvOMHhBVRF41QgNvlpWyr/I=
Subject key identifier: B6:BC:E0:A1:F2:CE:0F:D1:AB:FC:92:6E:D2:CF:39:1F:E0:80:9C:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EDA7A4B8B7FAA2C5EECFD1FB776FD32E8DE1455
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:da:7a:4b:8b:7f:aa:2c:5e:ec:fd:1f:b7:76:fd:32:e8:de:14:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=953cfbc22fd7fe7645601f813edccb7aaf2912bfa1a2a72da73de449850ce7dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:2f:6e:5c:fc:64:80:97:a7:03:bd:42:64:
f7:c3:65:21:0b:cf:41:9a:2b:01:5f:51:95:40:8d:
63:6a:fe:eb:b0:5a:01:3b:cb:7f:3c:c9:01:4f:fd:
44:6b:3a:7f:aa:4b:ca:83:cd:b1:6a:56:14:92:9a:
8d:af:40:ab:18:7d:d6:25:04:77:75:36:92:f5:b0:
65:39:94:b2:07:8e:01:50:11:73:2f:14:46:d4:dd:
a9:20:b1:9d:32:64:8d:09:d1:8b:4a:bd:ce:47:82:
08:f5:13:6d:94:29:42:3b:f5:73:89:8e:f6:89:b6:
16:0b:33:8b:f6:e1:98:a1:ad:b7:49:57:9f:d6:43:
af:0d:9f:ac:98:b3:e8:9d:78:b1:97:80:e6:3b:69:
ca:92:4a:c8:93:5b:9f:0a:7c:24:20:97:a0:48:86:
f9:fd:36:33:8a:8c:29:08:65:5e:41:15:ed:58:43:
8b:5f:2a:dc:4c:71:bf:26:66:ea:27:1c:7b:f4:04:
ed:27:f2:97:16:1b:cc:5a:b3:4f:af:30:51:b9:97:
65:66:26:e2:22:7b:ea:f3:2b:53:16:e0:92:47:56:
91:9e:06:97:e6:02:e7:9a:27:87:45:af:88:3d:62:
24:b3:89:14:54:98:67:a9:dd:6f:9b:74:5f:4e:46:
06:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BC:E0:A1:F2:CE:0F:D1:AB:FC:92:6E:D2:CF:39:1F:E0:80:9C:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b080::/48
Signature Algorithm: sha256WithRSAEncryption
56:3d:65:2d:41:f3:25:dd:c1:23:f1:76:2c:5a:fa:13:11:b4:
95:17:79:4f:7c:ae:3b:a6:91:fa:a8:73:cf:d3:38:8c:38:5d:
1b:eb:ad:81:15:5b:21:03:6b:6d:70:0d:0f:94:a4:9a:9a:c5:
a8:a2:51:c7:39:b1:f8:08:dd:bd:ad:53:9b:6f:f4:1f:8d:2c:
69:28:7c:de:e7:98:77:3c:50:6e:12:77:f0:a1:d2:d0:17:d1:
0f:c3:99:76:a4:47:97:71:cc:50:fb:72:25:1c:3d:57:45:51:
02:c9:be:e3:a4:71:ad:4d:cc:9c:83:a2:09:58:ab:c5:63:42:
5d:8a:e7:c2:c6:97:c8:7f:92:79:f4:c8:c3:9d:c3:11:20:34:
48:c6:8a:09:9c:ba:58:ad:b8:06:04:20:68:d8:a2:62:13:c0:
ab:13:65:94:37:8c:d6:b2:25:a0:51:27:f2:63:a1:2c:62:c5:
58:51:00:e9:f2:8e:6e:82:6e:77:f5:04:53:a3:96:52:61:ef:
bb:cd:bf:b1:7c:39:ec:88:1e:d9:ca:6a:c2:b5:68:7e:b4:a1:
4b:12:e0:62:80:56:39:4e:fe:8b:fe:03:3e:2b:ed:b3:38:b3:
64:e2:3b:1d:7a:9f:5e:70:4b:cd:ad:8f:e9:e7:89:d4:f8:b3:
b6:92:75:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXtp6S4t/qixe7P0ft3b9MujeFFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1M2NmYmMyMmZkN2ZlNzY0NTYwMWY4MTNlZGNjYjdhYWYyOTEyYmZhMWEy
YTcyZGE3M2RlNDQ5ODUwY2U3ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFRL25c/GSAl6cDvUJk98NlIQvPQZorAV9RlUCNY2r+67BaATvLfzzJAU/9
RGs6f6pLyoPNsWpWFJKaja9Aqxh91iUEd3U2kvWwZTmUsgeOAVARcy8URtTdqSCx
nTJkjQnRi0q9zkeCCPUTbZQpQjv1c4mO9om2Fgszi/bhmKGtt0lXn9ZDrw2frJiz
6J14sZeA5jtpypJKyJNbnwp8JCCXoEiG+f02M4qMKQhlXkEV7VhDi18q3ExxvyZm
6icce/QE7SfylxYbzFqzT68wUbmXZWYm4iJ76vMrUxbgkkdWkZ4Gl+YC55onh0Wv
iD1iJLOJFFSYZ6ndb5t0X05GBtsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2vOCh
8s4P0av8km7Szzkf4ICcazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1ZGZiNGQtZWYzOS00MzcxLTk2NzgtZmY3OTA5MDgwZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKw
gDANBgkqhkiG9w0BAQsFAAOCAQEAVj1lLUHzJd3BI/F2LFr6ExG0lRd5T3yuO6aR
+qhzz9M4jDhdG+utgRVbIQNrbXAND5SkmprFqKJRxzmx+Ajdva1Tm2/0H40saSh8
3ueYdzxQbhJ38KHS0BfRD8OZdqRHl3HMUPtyJRw9V0VRAsm+46RxrU3MnIOiCVir
xWNCXYrnwsaXyH+SefTIw53DESA0SMaKCZy6WK24BgQgaNiiYhPAqxNllDeM1rIl
oFEn8mOhLGLFWFEA6fKOboJud/UEU6OWUmHvu82/sXw57Ige2cpqwrVofrShSxLg
YoBWOU7+i/4DPivtszizZOI7HXqfXnBLza2P6eeJ1PiztpJ1qw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:06:58 2025 by rpki-client