Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: Q2S4ZCFUocg8WjlSC2ezDVcGDmuXdOjOSxq19Ev1LF4=
Subject key identifier: 17:6A:9F:34:BB:E8:E4:FA:14:F7:CA:82:04:49:F2:21:59:CC:7D:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C18B69FDDD3C7E73E27639D585FF6E792C9750E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:18:b6:9f:dd:d3:c7:e7:3e:27:63:9d:58:5f:f6:e7:92:c9:75:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=0c23fdfe38f5b056d723f29d0352d42e9a06685bd31f7620d10501538d773c8a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ed:40:c8:6b:00:aa:12:94:60:ca:4e:01:fd:
4e:16:29:e0:7b:d7:e5:fb:9c:85:4f:23:dc:8f:bb:
26:b8:c2:d0:86:ec:c6:48:01:33:ed:d2:2d:78:45:
77:01:7b:c8:4d:ae:59:75:d1:26:b4:78:9d:dd:12:
a0:f5:66:5c:5e:bb:45:8f:94:d5:46:9d:2b:51:55:
5c:39:c0:1e:d2:1f:a6:75:49:9d:a7:a6:77:9c:7e:
da:0d:3c:26:7d:68:af:bc:4a:9e:24:dc:7a:fd:08:
a7:d9:4a:38:65:d3:1b:42:6b:ca:4b:dd:96:c9:6f:
b1:97:88:06:8d:ab:4f:6a:1c:0d:49:be:a1:4f:77:
3d:6e:ca:d5:6c:7b:dc:bb:4a:3b:24:40:13:ff:92:
cd:3b:c1:cd:26:c4:7c:f3:64:d3:78:9f:a7:5f:65:
6a:2f:0b:59:20:04:26:bb:82:36:47:e7:b8:70:2c:
ab:d1:17:d8:b5:02:26:e3:57:94:bc:07:25:46:83:
04:3a:aa:3a:ca:d5:01:4f:49:31:5a:23:39:ed:12:
39:55:ca:76:29:27:e2:d6:54:63:94:c4:15:75:d4:
96:95:13:2c:2d:db:10:e8:ee:58:88:a3:ae:96:74:
8d:52:a4:87:b0:4e:89:df:10:8f:d8:7d:09:00:8e:
73:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6A:9F:34:BB:E8:E4:FA:14:F7:CA:82:04:49:F2:21:59:CC:7D:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
65:c6:8d:66:6c:22:fa:b7:74:33:d3:0d:8f:8f:f9:07:34:60:
2b:ef:90:94:d0:d9:e0:91:39:28:24:43:0b:b7:e1:dd:29:13:
ca:fa:46:05:e2:e2:e4:b1:71:98:85:0d:a8:5b:de:e7:6f:a4:
85:0f:fc:33:61:31:04:06:c8:17:65:3d:6a:f2:f3:9f:6c:37:
ec:93:9d:11:11:7d:04:35:5e:d2:a1:32:84:47:6b:89:58:23:
53:6a:37:6c:5f:4d:b5:7f:de:bb:6a:29:81:48:b7:e6:f4:b2:
48:10:c7:44:a4:d3:c3:df:d7:eb:9c:e5:df:88:7c:a2:ac:81:
2d:73:33:26:60:d1:38:bb:9b:a1:9c:7e:a0:75:e0:2f:1a:b1:
69:9c:0e:50:4e:23:11:eb:7d:82:5f:31:60:25:94:cb:31:61:
f4:c6:04:c4:9b:06:5d:d2:57:82:c2:ad:87:05:4d:58:3c:4b:
14:ba:b6:ae:ac:a3:7b:4a:e0:dd:63:94:95:17:76:dc:cc:78:
14:fd:2c:3b:b7:ea:35:9d:1a:e0:5a:7f:f8:ed:d3:45:8b:95:
22:33:d5:cd:83:0f:22:f9:ab:65:fe:ae:3d:1c:77:47:50:2e:
e2:b8:4a:57:93:bf:d1:ba:92:ff:bb:5b:cf:e7:88:1a:1c:75:
d9:04:2b:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTBi2n93Tx+c+J2OdWF/255LJdQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMjNmZGZlMzhmNWIwNTZkNzIzZjI5ZDAzNTJkNDJlOWEwNjY4NWJkMzFm
NzYyMGQxMDUwMTUzOGQ3NzNjOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTtQMhrAKoSlGDKTgH9ThYp4HvX5fuchU8j3I+7JrjC0IbsxkgBM+3SLXhF
dwF7yE2uWXXRJrR4nd0SoPVmXF67RY+U1UadK1FVXDnAHtIfpnVJnaemd5x+2g08
Jn1or7xKniTcev0Ip9lKOGXTG0JrykvdlslvsZeIBo2rT2ocDUm+oU93PW7K1Wx7
3LtKOyRAE/+SzTvBzSbEfPNk03ifp19lai8LWSAEJruCNkfnuHAsq9EX2LUCJuNX
lLwHJUaDBDqqOsrVAU9JMVojOe0SOVXKdikn4tZUY5TEFXXUlpUTLC3bEOjuWIij
rpZ0jVKkh7BOid8Qj9h9CQCOcykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXap80
u+jk+hT3yoIESfIhWcx9dTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlxo1mbCL6t3Qz0w2Pj/kHNGAr75CU0NngkTko
JEMLt+HdKRPK+kYF4uLksXGYhQ2oW97nb6SFD/wzYTEEBsgXZT1q8vOfbDfsk50R
EX0ENV7SoTKER2uJWCNTajdsX021f967aimBSLfm9LJIEMdEpNPD39frnOXfiHyi
rIEtczMmYNE4u5uhnH6gdeAvGrFpnA5QTiMR632CXzFgJZTLMWH0xgTEmwZd0leC
wq2HBU1YPEsUuraurKN7SuDdY5SVF3bczHgU/Sw7t+o1nRrgWn/47dNFi5UiM9XN
gw8i+atl/q49HHdHUC7iuEpXk7/RupL/u1vP54gaHHXZBCu/
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:02 2025 by rpki-client