Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: Ey+hcU8PmVzAwBMFPjywGfAy66rwS1YqWeJBrbhaZeo=
Subject key identifier: 81:E6:7D:FB:AB:02:EF:0B:17:0A:7C:72:99:09:61:57:BF:47:2F:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06F764223F5649755F51FEA6D3DBBF607556372E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:f7:64:22:3f:56:49:75:5f:51:fe:a6:d3:db:bf:60:75:56:37:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=48a33d99b99b992dffc1dc4ec4bef2abdb5a8cd11db8e067c4075d0d7dc88537, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b4:02:8a:7e:ba:07:2a:3b:c3:b4:c9:59:00:
fa:01:f7:1b:c3:63:e5:47:c2:1e:c8:c6:67:99:46:
e5:11:35:c0:20:6d:68:76:62:92:b2:0a:a0:3a:3f:
4d:31:3a:8b:48:05:34:a0:ab:d2:77:ad:10:53:6e:
e1:bd:76:fa:68:4d:4c:fa:d4:dc:b4:02:f7:5b:f7:
44:83:1b:b3:24:a7:a9:d8:96:85:01:9d:0e:f0:06:
ba:1e:14:9f:0f:4a:df:36:ae:e5:c9:01:4f:ea:90:
8c:78:0f:a0:1d:11:f4:b2:a2:0b:11:55:1d:9e:92:
39:6c:39:88:20:4e:1a:74:64:a8:7b:6c:cb:d7:cc:
99:c0:97:62:12:5f:1a:a9:a2:06:79:e2:5c:46:32:
0a:8e:12:55:9b:0d:0f:cf:fc:9b:63:c7:38:a9:5e:
27:a9:f6:ea:d9:94:f7:e5:5c:3a:fd:ee:63:46:89:
f5:3b:6a:34:95:16:11:32:2c:39:ec:66:00:5b:19:
ab:31:9a:23:94:23:d6:5d:0d:e4:72:4f:40:fe:9a:
c2:64:90:32:2a:c3:ba:a8:04:51:7b:7d:36:ae:15:
01:04:82:5f:9f:d2:65:51:43:a5:4d:ed:bb:5d:2d:
4e:8d:c7:aa:76:87:32:a2:2d:3b:52:90:c4:1a:56:
8b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E6:7D:FB:AB:02:EF:0B:17:0A:7C:72:99:09:61:57:BF:47:2F:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
6c:f5:76:c3:c9:87:5e:36:e4:13:05:26:3f:24:47:ea:5d:23:
3e:90:bc:77:50:0b:95:b1:4c:ed:4e:8f:66:9d:30:35:cb:c2:
6b:7b:a4:ee:ff:fe:8d:2c:6c:33:1d:7f:94:6a:6d:a1:03:2c:
8e:0b:4e:c6:4a:87:7b:df:2b:d4:7f:5f:67:2f:4d:c4:e3:57:
1b:4a:9b:a9:47:8c:91:9e:ba:69:46:b8:e5:6e:21:16:ce:18:
1f:58:c5:d2:13:00:8c:e7:4b:77:27:34:46:b2:e2:cb:77:3f:
ef:93:d6:3a:1d:f9:34:77:d8:58:93:6c:46:51:7c:3f:61:a2:
c6:c3:38:cf:b1:7a:27:b7:ba:c2:e0:76:8d:16:d0:0d:d5:37:
05:5b:85:29:05:ab:ea:47:99:ae:75:0f:6f:ec:09:05:3e:1e:
12:26:12:b8:bb:27:76:67:ca:24:ab:9b:16:bc:fe:19:b5:5c:
0e:1a:c3:99:3a:9b:46:1b:4b:f5:7a:fd:3f:b7:0a:9a:11:59:
b9:85:fd:e1:d5:64:6a:45:ab:13:9b:8c:0c:b6:22:72:d7:30:
de:a0:b9:ef:d0:80:9b:14:d2:69:e3:bb:c5:83:cb:58:9e:04:
3e:17:e7:f3:48:3a:d8:5e:1e:a4:69:00:05:94:ce:49:74:ca:
65:01:47:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBvdkIj9WSXVfUf6m09u/YHVWNy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YTMzZDk5Yjk5Yjk5MmRmZmMxZGM0ZWM0YmVmMmFiZGI1YThjZDExZGI4
ZTA2N2M0MDc1ZDBkN2RjODg1MzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANa0Aop+ugcqO8O0yVkA+gH3G8Nj5UfCHsjGZ5lG5RE1wCBtaHZikrIKoDo/
TTE6i0gFNKCr0netEFNu4b12+mhNTPrU3LQC91v3RIMbsySnqdiWhQGdDvAGuh4U
nw9K3zau5ckBT+qQjHgPoB0R9LKiCxFVHZ6SOWw5iCBOGnRkqHtsy9fMmcCXYhJf
GqmiBnniXEYyCo4SVZsND8/8m2PHOKleJ6n26tmU9+VcOv3uY0aJ9TtqNJUWETIs
OexmAFsZqzGaI5Qj1l0N5HJPQP6awmSQMirDuqgEUXt9Nq4VAQSCX5/SZVFDpU3t
u10tTo3HqnaHMqItO1KQxBpWi+0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSB5n37
qwLvCxcKfHKZCWFXv0cvrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAbPV2w8mHXjbkEwUmPyRH6l0jPpC8d1ALlbFM
7U6PZp0wNcvCa3uk7v/+jSxsMx1/lGptoQMsjgtOxkqHe98r1H9fZy9NxONXG0qb
qUeMkZ66aUa45W4hFs4YH1jF0hMAjOdLdyc0RrLiy3c/75PWOh35NHfYWJNsRlF8
P2GixsM4z7F6J7e6wuB2jRbQDdU3BVuFKQWr6keZrnUPb+wJBT4eEiYSuLsndmfK
JKubFrz+GbVcDhrDmTqbRhtL9Xr9P7cKmhFZuYX94dVkakWrE5uMDLYictcw3qC5
79CAmxTSaeO7xYPLWJ4EPhfn80g62F4epGkABZTOSXTKZQFHGA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:09 2025 by rpki-client