Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
File: a626735f-cb4b-4dff-992e-95390a4e2eea.roa (raw, json)
Hash identifier: uFpukuHBDF1IEq8O6Ir70lp6qJ1ALGixSwuNfUMfyT4=
Subject key identifier: 65:32:D4:02:35:0D:E7:32:A2:EA:65:D5:B9:DD:CF:0A:69:59:21:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 033C5D99DD8008C524288D4AFFC72B55E1B58457
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:3c:5d:99:dd:80:08:c5:24:28:8d:4a:ff:c7:2b:55:e1:b5:84:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=0595c3fc299c5bd8b23f0b7f427d8c0e1b5ba03e1227a96d9b9daee37274ed89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:9e:1f:1a:6b:7d:0f:79:03:ab:ad:7b:92:
24:d6:57:00:5b:40:fc:e9:43:32:c3:33:6d:26:7f:
ee:8a:91:a6:20:e9:69:e7:ba:ea:0b:9b:fe:7b:94:
11:8f:bb:84:09:f5:95:a9:91:12:7c:80:c7:c3:dd:
e3:b1:6d:31:67:86:e6:3d:7b:90:91:06:a0:7e:65:
d1:91:30:b3:cb:5b:b7:66:b2:e8:5f:10:44:fa:f6:
2c:a2:cb:9b:8c:cd:2b:d2:1e:de:8a:cf:52:4d:b3:
19:f0:9d:ab:16:80:d2:d6:d6:db:83:30:5f:5c:f2:
32:c8:29:8b:42:5a:5d:d3:bf:63:9a:76:6c:08:87:
ff:8e:8d:34:54:5e:27:98:76:d0:9e:71:a6:2b:4c:
b8:04:e6:5b:92:fc:1b:3f:0d:53:34:1b:f9:a4:2e:
45:df:7b:c6:c6:f3:2d:f8:b0:50:60:c2:a1:ac:fe:
13:ba:c0:7a:cf:cf:05:e8:40:60:00:ee:fb:2c:31:
a6:31:9c:27:51:35:7b:0d:3a:ed:ea:b1:a2:14:d3:
0e:b5:98:77:15:6d:a7:ca:e6:48:72:67:f2:dd:8f:
e7:4f:43:0e:90:94:a8:e3:a6:6a:84:c4:e1:3b:3e:
18:8b:5d:a4:89:31:8a:eb:03:56:02:c4:f6:cf:95:
01:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:32:D4:02:35:0D:E7:32:A2:EA:65:D5:B9:DD:CF:0A:69:59:21:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:be:a8:b3:94:40:b3:b0:a5:7d:a0:a6:3d:9e:f4:fd:37:3e:
91:8f:c8:1b:bd:b8:37:8c:5f:6e:53:0d:eb:aa:60:a7:81:dd:
cf:ae:61:e6:89:8a:db:6a:f7:0a:b5:9d:1b:96:95:12:11:c8:
4c:73:24:32:9c:04:9e:10:66:67:e0:47:d6:99:c2:94:39:16:
2f:72:d4:c5:4d:02:ac:e0:71:f5:a4:ef:cd:94:c8:c5:3e:fd:
30:8d:0b:1c:24:eb:4b:02:3f:39:9d:8d:3b:46:ee:40:fd:8c:
32:4c:43:8e:41:a7:5e:1f:ac:62:d3:91:ef:27:88:07:c5:9c:
b5:a2:3f:77:74:a6:70:9c:c9:85:40:d2:d0:9c:eb:09:f1:d8:
68:96:15:e0:a9:17:e7:b6:77:49:cf:a9:f6:f6:15:74:77:df:
db:d8:ce:9a:1c:60:da:45:87:0b:a4:9d:c3:c2:5a:d5:2b:0f:
12:88:8e:19:ec:64:af:86:41:1b:28:a3:b1:c1:63:79:80:c6:
34:3d:eb:50:31:50:c6:c6:2a:a3:24:ca:86:5a:c6:b4:9e:47:
01:b6:ed:89:e2:ba:f5:24:87:62:6a:ea:78:aa:95:06:99:a8:
61:fd:15:df:eb:26:68:32:69:f9:a3:80:b8:e4:88:40:79:73:
c6:c0:cb:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAzxdmd2ACMUkKI1K/8crVeG1hFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1OTVjM2ZjMjk5YzViZDhiMjNmMGI3ZjQyN2Q4YzBlMWI1YmEwM2UxMjI3
YTk2ZDliOWRhZWUzNzI3NGVkODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC1nh8aa30PeQOrrXuSJNZXAFtA/OlDMsMzbSZ/7oqRpiDpaee66gub/nuU
EY+7hAn1lamREnyAx8Pd47FtMWeG5j17kJEGoH5l0ZEws8tbt2ay6F8QRPr2LKLL
m4zNK9Ie3orPUk2zGfCdqxaA0tbW24MwX1zyMsgpi0JaXdO/Y5p2bAiH/46NNFRe
J5h20J5xpitMuATmW5L8Gz8NUzQb+aQuRd97xsbzLfiwUGDCoaz+E7rAes/PBehA
YADu+ywxpjGcJ1E1ew067eqxohTTDrWYdxVtp8rmSHJn8t2P509DDpCUqOOmaoTE
4Ts+GItdpIkxiusDVgLE9s+VAScCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlMtQC
NQ3nMqLqZdW53c8KaVkhnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTYyNjczNWYtY2I0Yi00ZGZmLTk5MmUtOTUzOTBhNGUyZWVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+vqizlECzsKV9oKY9nvT9Nz6Rj8gbvbg3jF9u
Uw3rqmCngd3PrmHmiYrbavcKtZ0blpUSEchMcyQynASeEGZn4EfWmcKUORYvctTF
TQKs4HH1pO/NlMjFPv0wjQscJOtLAj85nY07Ru5A/YwyTEOOQadeH6xi05HvJ4gH
xZy1oj93dKZwnMmFQNLQnOsJ8dholhXgqRfntndJz6n29hV0d9/b2M6aHGDaRYcL
pJ3DwlrVKw8SiI4Z7GSvhkEbKKOxwWN5gMY0PetQMVDGxiqjJMqGWsa0nkcBtu2J
4rr1JIdiaup4qpUGmahh/RXf6yZoMmn5o4C45IhAeXPGwMsz
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:14 2025 by rpki-client