Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: xkFumxaV6z6MQDfhd+CmcbAUbu5QjHNMMYcpjFsOEbM=
Subject key identifier: E1:4E:2B:43:CB:99:EE:56:2C:3B:9B:14:8D:D4:9E:EA:A0:EA:18:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 350CB9AB8F8D55138938D7AB5FB2A84B75EA6B62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:0c:b9:ab:8f:8d:55:13:89:38:d7:ab:5f:b2:a8:4b:75:ea:6b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=f3bd1789983fae8e364ddea16fecd8290db664a355880997dd8bc439dcb42449, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3a:0d:ca:74:36:71:93:bd:e6:41:fe:c1:03:
35:7f:97:0c:b0:64:6d:22:fd:dc:1d:6e:8d:68:b6:
1e:df:f7:f2:da:e0:f4:2a:e9:7f:4a:3e:48:6e:dd:
6f:92:96:bd:10:74:12:c7:5e:f4:0a:9c:d2:c8:96:
bb:af:1e:5b:38:9b:69:c4:90:1c:f8:2c:27:d4:a3:
b6:18:5d:83:04:0d:d2:a1:41:e9:8a:22:49:b9:9f:
1a:4d:ef:f8:57:ab:d0:07:64:98:fc:04:9e:cd:82:
7d:36:af:15:76:52:a1:55:22:18:90:33:30:cc:17:
22:4b:0e:b4:7d:57:b3:18:5d:78:f9:8a:5c:7f:5e:
5f:2e:23:85:ad:87:72:bc:91:ac:84:ea:55:ed:2a:
62:19:42:86:85:5a:05:0b:35:6b:cc:cd:55:53:9e:
a7:c4:7a:76:9b:23:af:39:f8:9f:ff:3d:3f:5e:95:
d3:1a:7f:75:3f:05:87:6e:60:f1:39:e2:55:aa:cd:
9e:33:0c:78:53:d3:51:bb:f7:4f:19:f3:be:06:ce:
02:81:3c:1a:32:71:e1:e1:f6:b9:ef:e3:43:32:43:
27:0e:a6:ea:41:ae:ef:86:94:2c:0c:3b:2e:1b:83:
6e:c8:43:2f:c3:a7:c3:e4:cb:43:6c:c5:e0:89:94:
4b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4E:2B:43:CB:99:EE:56:2C:3B:9B:14:8D:D4:9E:EA:A0:EA:18:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:31:0b:e7:18:6d:92:f3:73:20:61:6a:f1:fb:10:9f:7a:ce:
26:51:b9:52:b6:e0:17:d5:c5:4c:18:f5:8b:77:5c:e0:57:12:
69:18:c2:36:5f:48:b9:16:9b:f6:93:46:1b:6d:b3:56:b1:df:
56:31:a1:95:17:6e:1f:af:24:db:cb:a4:fe:f1:cc:62:40:43:
70:98:6b:ba:1e:c7:d9:3f:bd:8e:cd:8d:b1:7b:40:4b:94:f0:
74:b0:e5:b3:63:b8:b6:8b:f1:7e:ec:59:a0:05:26:a4:50:0d:
07:7b:85:fd:31:3f:6c:6c:0d:29:36:71:c9:2a:88:9a:47:2f:
36:17:eb:57:0b:aa:e0:d4:26:1b:36:9b:19:9d:2f:94:64:d9:
63:14:fa:dd:6d:63:c8:b0:a2:aa:8b:cb:ce:b4:b5:19:18:0f:
f9:b2:4d:c4:6d:e6:60:c8:1d:11:bf:a8:e7:69:4a:30:69:e2:
1a:b4:b5:bd:06:29:9c:ea:81:f6:74:2e:85:1a:e0:1a:6a:99:
25:77:7e:33:4c:e3:cf:21:83:2c:98:74:85:c0:cc:09:58:ed:
f5:c7:d8:2f:89:67:0d:8a:e8:a0:53:5d:74:c7:6b:3e:76:88:
d5:63:81:39:8a:c7:fe:d5:90:e8:2e:25:b5:c7:f5:0b:cc:c3:
ba:9f:55:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNQy5q4+NVROJONerX7KoS3Xqa2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYmQxNzg5OTgzZmFlOGUzNjRkZGVhMTZmZWNkODI5MGRiNjY0YTM1NTg4
MDk5N2RkOGJjNDM5ZGNiNDI0NDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO86Dcp0NnGTveZB/sEDNX+XDLBkbSL93B1ujWi2Ht/38trg9Crpf0o+SG7d
b5KWvRB0Esde9Aqc0siWu68eWzibacSQHPgsJ9SjthhdgwQN0qFB6YoiSbmfGk3v
+Fer0AdkmPwEns2CfTavFXZSoVUiGJAzMMwXIksOtH1XsxhdePmKXH9eXy4jha2H
cryRrITqVe0qYhlChoVaBQs1a8zNVVOep8R6dpsjrzn4n/89P16V0xp/dT8Fh25g
8TniVarNnjMMeFPTUbv3TxnzvgbOAoE8GjJx4eH2ue/jQzJDJw6m6kGu74aULAw7
LhuDbshDL8Onw+TLQ2zF4ImUS3kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBThTitD
y5nuViw7mxSN1J7qoOoYBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAfMQvnGG2S83MgYWrx+xCfes4mUblStuAX1cVM
GPWLd1zgVxJpGMI2X0i5Fpv2k0YbbbNWsd9WMaGVF24fryTby6T+8cxiQENwmGu6
HsfZP72OzY2xe0BLlPB0sOWzY7i2i/F+7FmgBSakUA0He4X9MT9sbA0pNnHJKoia
Ry82F+tXC6rg1CYbNpsZnS+UZNljFPrdbWPIsKKqi8vOtLUZGA/5sk3EbeZgyB0R
v6jnaUowaeIatLW9Bimc6oH2dC6FGuAaapkld34zTOPPIYMsmHSFwMwJWO31x9gv
iWcNiuigU110x2s+dojVY4E5isf+1ZDoLiW1x/ULzMO6n1VE
-----END CERTIFICATE-----
Generated at Fri May 2 16:07:03 2025 by rpki-client