Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
File: a1aeed91-7b62-4371-b8f3-245485e1bf21.roa (raw, json)
Hash identifier: WL9EOqf8c9V+d34ZZh9VOWiKmOh5PXa0NrH7NCLE9o4=
Subject key identifier: F3:86:9F:63:8A:DE:2A:74:7C:EC:AB:45:E4:39:F1:67:D2:1E:A0:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 191B7C08F347014F61DFFAADC5CDEAC1EAD6A9BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e0c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:1b:7c:08:f3:47:01:4f:61:df:fa:ad:c5:cd:ea:c1:ea:d6:a9:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=7f47caf558a42e13c2e8fdefe34e38cee13a4183d25e5a21e4b3185b9f369f62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:7c:fd:d9:91:89:18:ba:8b:9b:5b:91:32:08:
b4:ab:f4:b5:09:a8:6d:0e:c1:8b:b5:a8:f2:52:c5:
6f:0b:22:27:06:aa:17:2d:20:6b:34:29:3f:a1:cf:
6c:ac:00:0b:14:7f:10:04:4e:14:bb:12:0a:ab:23:
99:e5:35:95:6b:83:32:ba:5d:56:6c:3b:f5:5e:31:
9a:3d:53:a9:7c:2d:16:59:6d:51:38:02:4d:43:8d:
93:63:fe:fa:42:cf:dc:ca:1f:a6:94:93:04:92:0f:
19:1a:f7:e2:9e:90:27:bf:1f:39:7d:c8:0c:4a:71:
fd:b6:09:e4:db:04:6b:fe:b5:25:05:23:e4:15:01:
b7:ed:18:5f:39:a5:19:0e:aa:88:ce:4f:d0:fc:dd:
ac:76:8a:cb:f7:a3:67:79:eb:d9:b4:10:a4:d6:0d:
92:84:50:b0:c6:1a:e8:e8:18:bd:4c:7d:18:b7:c0:
40:f2:84:dd:6f:13:ff:0b:86:32:87:3b:e6:47:3e:
d8:2f:a0:86:a5:ee:96:5e:38:ec:8a:05:f1:ab:c4:
b3:7d:c8:fb:ec:44:a4:84:9f:78:a3:d9:b8:eb:f1:
79:73:f6:58:50:c7:f0:74:49:40:cc:fc:d9:d3:dd:
c9:47:32:fd:23:ae:d2:e9:0c:db:16:0a:27:87:64:
5a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:86:9F:63:8A:DE:2A:74:7C:EC:AB:45:E4:39:F1:67:D2:1E:A0:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
0d:8a:54:bf:7d:69:3e:de:d9:1d:0c:aa:c0:fd:62:33:fc:aa:
9e:2c:bd:44:ac:bc:9b:c1:50:27:db:9f:c5:51:56:25:b2:c3:
6b:13:a7:0f:c0:22:f0:3c:10:d2:1f:bd:d6:81:31:2e:28:12:
d0:1a:5a:28:83:af:c1:34:1a:37:59:3c:58:57:99:b1:d5:4e:
96:0e:75:0c:60:1f:f6:04:0b:4c:d7:ba:77:dd:28:86:99:f2:
ad:3a:10:b4:8f:0e:73:1e:d2:ba:f2:7e:34:6f:af:14:6e:a1:
ff:4d:69:5b:1b:d0:8c:dc:84:37:76:3c:fb:8a:34:9a:0d:cd:
3e:0c:94:3d:5d:71:12:2f:fc:5e:aa:61:84:ea:c7:fa:54:7b:
9d:f7:8d:8f:ee:fa:c4:07:d3:e9:13:92:6c:70:26:ca:a4:12:
43:d7:80:75:e2:ea:a8:0b:3b:bf:94:1e:74:fc:35:81:5b:19:
7f:79:67:60:18:e1:83:b5:ca:5f:22:4b:79:15:d8:54:4f:b1:
0b:72:2a:2c:c4:56:89:f0:6c:32:c6:13:ac:80:b1:7b:90:c8:
32:18:b6:3f:61:11:9a:df:be:64:3b:0f:9b:7d:ef:44:98:6d:
ec:81:6f:58:ce:b5:46:f8:77:e4:cd:c5:6a:ac:f6:91:46:8a:
34:42:63:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGRt8CPNHAU9h3/qtxc3qwerWqbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNDdjYWY1NThhNDJlMTNjMmU4ZmRlZmUzNGUzOGNlZTEzYTQxODNkMjVl
NWEyMWU0YjMxODViOWYzNjlmNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOd8/dmRiRi6i5tbkTIItKv0tQmobQ7Bi7Wo8lLFbwsiJwaqFy0gazQpP6HP
bKwACxR/EAROFLsSCqsjmeU1lWuDMrpdVmw79V4xmj1TqXwtFlltUTgCTUONk2P+
+kLP3MofppSTBJIPGRr34p6QJ78fOX3IDEpx/bYJ5NsEa/61JQUj5BUBt+0YXzml
GQ6qiM5P0PzdrHaKy/ejZ3nr2bQQpNYNkoRQsMYa6OgYvUx9GLfAQPKE3W8T/wuG
Moc75kc+2C+ghqXull447IoF8avEs33I++xEpISfeKPZuOvxeXP2WFDH8HRJQMz8
2dPdyUcy/SOu0ukM2xYKJ4dkWoMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTzhp9j
it4qdHzsq0XkOfFn0h6gazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTFhZWVkOTEtN2I2Mi00MzcxLWI4ZjMtMjQ1NDg1ZTFiZjIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
wDANBgkqhkiG9w0BAQsFAAOCAQEADYpUv31pPt7ZHQyqwP1iM/yqniy9RKy8m8FQ
J9ufxVFWJbLDaxOnD8Ai8DwQ0h+91oExLigS0BpaKIOvwTQaN1k8WFeZsdVOlg51
DGAf9gQLTNe6d90ohpnyrToQtI8Ocx7SuvJ+NG+vFG6h/01pWxvQjNyEN3Y8+4o0
mg3NPgyUPV1xEi/8XqphhOrH+lR7nfeNj+76xAfT6ROSbHAmyqQSQ9eAdeLqqAs7
v5QedPw1gVsZf3lnYBjhg7XKXyJLeRXYVE+xC3IqLMRWifBsMsYTrICxe5DIMhi2
P2ERmt++ZDsPm33vRJht7IFvWM61Rvh35M3Faqz2kUaKNEJjrg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:26:39 2025 by rpki-client