Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
File: a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa (raw, json)
Hash identifier: J4nCZ2IkGtssniQQ8nLG4F+cpifiMmmooZ3Fkn3zPS8=
Subject key identifier: CA:9C:86:C7:B8:52:93:85:65:EF:D8:05:37:FB:0B:3D:D1:B3:07:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BAC18B4BFEAAAFD5C47CFA558EFB95F9F7744B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:4000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:ac:18:b4:bf:ea:aa:fd:5c:47:cf:a5:58:ef:b9:5f:9f:77:44:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f03f5329f53c669968ca033de278a20fdb2958e848c4900712129f4534ea85d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:f0:3b:79:f4:b3:cb:d9:35:63:f1:36:c5:
dd:2e:fb:8b:45:3f:43:cb:37:55:c6:b5:79:0b:d9:
a8:4d:22:2c:5b:58:0e:50:5c:9f:dd:93:bb:09:44:
3c:19:3c:1d:5e:74:c4:ef:ea:20:e1:bf:05:0f:a3:
9d:96:ff:ef:76:21:50:9c:f0:0d:a6:bf:b0:4a:e3:
d5:16:58:48:fe:1d:cc:83:a2:f2:a4:4c:34:95:2b:
c6:79:f7:5b:e1:8b:12:ab:9e:af:01:64:3c:7e:b7:
4f:ba:dd:33:dc:4f:c2:a5:2f:a3:33:96:1f:cf:b7:
b7:cb:a6:73:73:aa:6f:f2:21:88:b9:58:8a:c4:a5:
93:54:e3:f0:12:44:ae:80:3b:8c:53:14:38:ad:dc:
fd:23:4d:3e:17:0e:5b:b0:25:16:da:0a:2b:c0:ca:
97:f0:9e:5a:60:81:46:6b:95:d3:14:cc:00:e6:f7:
8f:46:c5:5a:de:91:e6:58:f2:93:d5:29:72:7a:25:
4c:6e:c5:a2:c5:f6:2f:a4:dd:67:fe:f9:f8:2b:78:
48:39:2b:c7:ad:cf:ba:b3:4b:92:75:ef:d7:ee:cc:
2b:97:cc:c7:94:e5:98:6f:3a:2e:f8:49:a2:01:fb:
45:e4:74:a8:01:f0:6c:1f:07:b1:d8:d3:0e:96:52:
69:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:9C:86:C7:B8:52:93:85:65:EF:D8:05:37:FB:0B:3D:D1:B3:07:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
49:25:2f:69:a0:2b:ee:fe:e8:b4:89:c7:6a:fb:f3:d2:ae:ce:
12:35:4e:b2:ec:ec:65:f6:c1:6a:4b:54:5c:dc:78:39:09:67:
9e:f3:22:e0:25:a7:47:8a:c4:cf:a3:28:4c:e0:7a:b4:88:1b:
be:d7:3d:c4:95:3f:45:6c:de:f2:5b:ac:ed:ea:51:d0:e2:be:
2f:3e:dc:79:ce:17:80:fc:7b:f8:88:20:bc:aa:a0:3e:ef:d9:
38:bb:63:22:32:14:c8:6d:57:74:ec:e0:65:bc:12:22:87:69:
10:0f:1c:30:d9:15:ff:44:11:63:c7:c6:60:09:96:9e:6a:22:
de:cc:36:07:d0:66:61:12:9f:04:85:9b:8d:78:68:33:16:bb:
46:23:63:53:33:b1:1f:58:b9:89:64:ad:79:89:6a:b6:75:21:
cf:80:8e:84:dc:50:66:05:62:21:a4:78:ab:26:6f:01:f1:8c:
11:4d:04:6b:2a:82:08:82:44:01:1d:ed:46:cc:93:f4:ef:b5:
df:5a:21:d0:fd:56:15:1b:58:a5:15:da:f4:77:f5:a3:78:e0:
60:f3:24:bf:fb:4e:4c:80:96:b1:a9:cb:90:6e:85:f7:e7:af:
03:0f:6e:ed:a0:b4:60:ff:b5:b9:01:39:4b:3a:b5:47:bf:bf:
f3:01:3b:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe6wYtL/qqv1cR8+lWO+5X593RLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwM2Y1MzI5ZjUzYzY2OTk2OGNhMDMzZGUyNzhhMjBmZGIyOTU4ZTg0OGM0
OTAwNzEyMTI5ZjQ1MzRlYTg1ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKh68Dt59LPL2TVj8TbF3S77i0U/Q8s3Vca1eQvZqE0iLFtYDlBcn92TuwlE
PBk8HV50xO/qIOG/BQ+jnZb/73YhUJzwDaa/sErj1RZYSP4dzIOi8qRMNJUrxnn3
W+GLEquerwFkPH63T7rdM9xPwqUvozOWH8+3t8umc3Oqb/IhiLlYisSlk1Tj8BJE
roA7jFMUOK3c/SNNPhcOW7AlFtoKK8DKl/CeWmCBRmuV0xTMAOb3j0bFWt6R5ljy
k9UpcnolTG7FosX2L6TdZ/75+Ct4SDkrx63PurNLknXv1+7MK5fMx5TlmG86LvhJ
ogH7ReR0qAHwbB8HsdjTDpZSaaMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKnIbH
uFKThWXv2AU3+ws90bMHDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJjNGMyOGMtMGRmOS00MGQ0LWJmNGQtOTI2MTA0YjY5MWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJJS9poCvu/ui0icdq+/PSrs4SNU6y7Oxl9sFq
S1Rc3Hg5CWee8yLgJadHisTPoyhM4Hq0iBu+1z3ElT9FbN7yW6zt6lHQ4r4vPtx5
zheA/Hv4iCC8qqA+79k4u2MiMhTIbVd07OBlvBIih2kQDxww2RX/RBFjx8ZgCZae
aiLezDYH0GZhEp8EhZuNeGgzFrtGI2NTM7EfWLmJZK15iWq2dSHPgI6E3FBmBWIh
pHirJm8B8YwRTQRrKoIIgkQBHe1GzJP077XfWiHQ/VYVG1ilFdr0d/WjeOBg8yS/
+05MgJaxqcuQboX3568DD27toLRg/7W5ATlLOrVHv7/zATvO
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:59 2025 by rpki-client