Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json)
Hash identifier: XCjnhMSrtgU5LBgdMYVpLNAwqsIhP7Dwub9Ylsym18A=
Subject key identifier: 5B:EB:D5:43:25:B6:CB:9C:EF:0D:6B:9E:B2:F8:3E:EC:10:3A:9A:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58C67C5D940A8497F36D7ED45AFA8E93A5A88CDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:c6:7c:5d:94:0a:84:97:f3:6d:7e:d4:5a:fa:8e:93:a5:a8:8c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=94b0580568c28c7d64060f95fff7e044a9d96759945ef3144def4e9a5a96d9f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:66:24:d6:91:52:da:04:5f:ca:38:d0:9a:
c0:20:89:54:66:2e:62:6a:60:07:28:e6:55:4e:bc:
3a:21:e1:6a:88:69:07:2d:d0:9a:ed:19:93:cf:6a:
d5:08:fe:ff:0b:a4:fc:70:97:20:f4:33:f4:39:1c:
dc:81:50:a3:e1:39:f5:cd:ed:df:34:32:b5:c8:03:
5e:df:16:dc:ad:b1:f1:7d:2a:30:71:d4:91:c7:ca:
0e:3b:32:e9:03:06:e6:74:ab:58:2b:03:ed:11:79:
ac:85:0c:bb:89:98:24:e5:23:44:7b:51:04:7a:2f:
5d:1d:98:8a:fb:47:b9:bd:8e:45:33:b2:7d:da:a1:
44:b3:6b:9a:26:f4:91:f2:3a:53:2c:af:48:0c:29:
6b:d8:28:f9:df:4e:70:36:60:c9:8d:e4:82:dc:62:
f7:2e:b5:81:34:f9:44:c7:48:6f:7b:28:4b:c3:e8:
44:25:1f:bd:66:f7:7b:99:8a:2a:5c:d4:eb:e7:da:
9d:31:79:48:d2:60:30:3f:da:73:08:ba:c8:64:bd:
90:f6:ac:7e:5b:65:c0:7a:9a:13:7c:64:54:ea:86:
bc:e7:a2:4d:19:1c:08:3d:a3:be:c8:f5:de:a8:9e:
7c:a3:d4:7a:ac:e6:f0:6d:fe:db:31:14:84:21:75:
0a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:EB:D5:43:25:B6:CB:9C:EF:0D:6B:9E:B2:F8:3E:EC:10:3A:9A:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
00:1f:88:ec:ed:69:43:e5:96:3b:b4:50:82:4e:e1:ff:ab:df:
d7:c0:87:c1:18:0b:61:1c:0e:5f:fa:c0:43:1d:1b:af:b2:03:
31:fb:56:20:e6:bb:5f:56:dc:c7:50:39:c9:29:bd:43:00:fe:
d8:8f:25:d4:08:59:9c:66:e3:7d:f1:45:91:70:6b:63:e5:e6:
b5:d9:9a:a5:58:e7:05:7b:8f:4c:8c:f3:e6:3e:e7:1d:ba:80:
18:9e:b7:d4:ef:d9:32:a7:63:14:80:49:33:3b:1d:c5:85:4e:
15:ea:13:cd:cc:a0:2b:fe:a9:5b:69:21:f6:04:81:55:23:d5:
eb:8e:e4:a6:47:d0:2b:7e:a8:97:4e:e7:98:81:61:e2:d8:c8:
1a:bd:8a:32:ab:98:3d:01:a0:1e:65:60:eb:d9:4b:0b:15:ce:
8c:83:cb:6b:67:95:4a:a2:a0:50:5a:28:eb:d9:db:be:48:e1:
e8:ae:5b:df:c1:6f:ec:4a:28:a4:f5:6c:c8:9b:bd:25:ad:a8:
0d:c5:12:74:fd:99:92:22:f8:fd:44:7b:a6:7c:cd:17:39:f9:
e9:c0:b3:c4:26:11:1d:97:c9:f3:ce:b6:87:39:b4:3d:59:f0:
0f:10:4f:f2:a0:b5:20:cd:9d:3a:b7:a0:92:03:41:21:c9:da:
4c:0a:7f:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWMZ8XZQKhJfzbX7UWvqOk6WojN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0YjA1ODA1NjhjMjhjN2Q2NDA2MGY5NWZmZjdlMDQ0YTlkOTY3NTk5NDVl
ZjMxNDRkZWY0ZTlhNWE5NmQ5ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKG2ZiTWkVLaBF/KONCawCCJVGYuYmpgByjmVU68OiHhaohpBy3Qmu0Zk89q
1Qj+/wuk/HCXIPQz9Dkc3IFQo+E59c3t3zQytcgDXt8W3K2x8X0qMHHUkcfKDjsy
6QMG5nSrWCsD7RF5rIUMu4mYJOUjRHtRBHovXR2YivtHub2ORTOyfdqhRLNrmib0
kfI6UyyvSAwpa9go+d9OcDZgyY3kgtxi9y61gTT5RMdIb3soS8PoRCUfvWb3e5mK
KlzU6+fanTF5SNJgMD/acwi6yGS9kPasfltlwHqaE3xkVOqGvOeiTRkcCD2jvsj1
3qiefKPUeqzm8G3+2zEUhCF1CrECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRb69VD
JbbLnO8Na56y+D7sEDqaYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAAH4js7WlD5ZY7tFCCTuH/q9/XwIfBGAthHA5f
+sBDHRuvsgMx+1Yg5rtfVtzHUDnJKb1DAP7YjyXUCFmcZuN98UWRcGtj5ea12Zql
WOcFe49MjPPmPucduoAYnrfU79kyp2MUgEkzOx3FhU4V6hPNzKAr/qlbaSH2BIFV
I9XrjuSmR9ArfqiXTueYgWHi2MgavYoyq5g9AaAeZWDr2UsLFc6Mg8trZ5VKoqBQ
Wijr2du+SOHorlvfwW/sSiik9WzIm70lragNxRJ0/ZmSIvj9RHumfM0XOfnpwLPE
JhEdl8nzzraHObQ9WfAPEE/yoLUgzZ06t6CSA0EhydpMCn8H
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:43 2025 by rpki-client