Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json)
Hash identifier: 9UdRgnsv8TVOVq1RFRE6o+OoHVkbVDMivYueSndAvXk=
Subject key identifier: 67:9C:A2:F7:4D:D7:A1:0F:6A:3C:B0:54:FB:12:8A:5C:95:C2:CB:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32FF1819B7FEDFF23E5D38FBCEFE12F0C2D46C57
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:ff:18:19:b7:fe:df:f2:3e:5d:38:fb:ce:fe:12:f0:c2:d4:6c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=db21bc242313d3935f998afa15cd101c90215dafb4eb087c6fc2bdad6e6c5062, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4e:51:01:9c:c0:09:45:d0:2d:0a:da:1c:94:
5c:a5:07:a7:95:0f:15:b8:32:4b:2d:3f:b1:2a:6f:
8c:21:a4:bb:47:06:79:6d:5a:a5:84:25:aa:74:b2:
34:42:82:cf:b6:33:60:a0:aa:4a:96:30:c4:79:de:
75:44:2e:9f:ac:33:03:b3:d4:fa:bf:da:c9:86:37:
6f:b6:ef:33:75:0f:5f:6b:f0:c5:0a:ac:f1:9f:46:
7e:13:6b:72:8d:e7:6c:b1:80:92:e0:b3:2b:ac:f9:
cb:8b:7f:b8:62:9a:49:83:02:90:0a:0b:74:b9:ca:
be:2b:ae:e2:c9:58:42:05:ff:c5:af:dd:b9:2c:b0:
1e:9d:6d:df:d8:b3:81:21:ab:9d:cd:d7:17:1e:5f:
9c:b6:f3:ab:69:54:f9:6f:3a:87:b8:b4:ef:12:ee:
97:aa:0e:c0:7f:fc:0a:22:a8:05:83:fa:03:0d:7e:
dd:09:47:84:47:ab:1c:ff:74:a8:d7:2c:d1:88:86:
3b:65:ac:f6:9a:23:35:c9:34:90:bf:7f:f3:47:bf:
4b:a1:5d:61:46:68:77:85:94:2a:c3:aa:d0:71:9d:
e7:1e:cf:58:80:04:10:be:0a:ba:ec:ae:ec:ec:8d:
7b:0f:8d:9d:ac:f2:8e:8b:4a:9f:6c:0a:e8:1c:d3:
47:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9C:A2:F7:4D:D7:A1:0F:6A:3C:B0:54:FB:12:8A:5C:95:C2:CB:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:52:c8:16:52:fb:59:18:cb:a3:5b:14:ec:a1:16:05:34:95:
31:e4:8d:b9:e8:e3:6a:65:27:9a:1c:92:bf:fd:f3:fb:02:48:
e2:c0:96:18:ec:d4:5f:73:41:de:dc:5a:09:f3:76:57:ce:85:
5e:46:65:74:26:9d:01:3d:05:63:c4:42:b0:4e:dc:23:3c:20:
30:59:96:ce:95:02:a9:0a:f4:4e:7e:df:d9:be:79:92:f2:de:
47:15:a5:5e:1a:a7:c3:dd:62:86:fc:67:01:a4:c0:e3:e1:bf:
a8:bf:af:63:ba:f5:ff:09:56:4c:cb:37:c9:fc:34:30:63:2a:
7d:c3:64:cf:64:c7:d8:8d:be:fa:af:f9:b8:7f:38:b3:ff:66:
1d:cf:1d:9a:5f:45:27:b7:62:d1:49:67:87:d7:61:8b:25:b1:
26:74:b7:29:ea:51:2f:53:e3:7f:ab:28:06:c8:1d:ec:9e:47:
ce:f3:95:11:b4:75:36:3b:fb:4c:e0:88:8e:3b:54:3c:47:2e:
bf:0c:1d:ba:2a:c6:0f:66:e9:d0:34:ff:ff:bd:20:8c:b8:ba:
92:5a:50:40:f1:06:39:87:11:4d:a2:0b:4e:8c:c8:7a:66:8d:
4e:11:f5:11:48:5e:a5:6c:83:7d:b0:0c:63:61:54:de:4d:46:
b8:09:51:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMv8YGbf+3/I+XTj7zv4S8MLUbFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiMjFiYzI0MjMxM2QzOTM1Zjk5OGFmYTE1Y2QxMDFjOTAyMTVkYWZiNGVi
MDg3YzZmYzJiZGFkNmU2YzUwNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpOUQGcwAlF0C0K2hyUXKUHp5UPFbgySy0/sSpvjCGku0cGeW1apYQlqnSy
NEKCz7YzYKCqSpYwxHnedUQun6wzA7PU+r/ayYY3b7bvM3UPX2vwxQqs8Z9GfhNr
co3nbLGAkuCzK6z5y4t/uGKaSYMCkAoLdLnKviuu4slYQgX/xa/duSywHp1t39iz
gSGrnc3XFx5fnLbzq2lU+W86h7i07xLul6oOwH/8CiKoBYP6Aw1+3QlHhEerHP90
qNcs0YiGO2Ws9pojNck0kL9/80e/S6FdYUZod4WUKsOq0HGd5x7PWIAEEL4Kuuyu
7OyNew+NnazyjotKn2wK6BzTRxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnnKL3
TdehD2o8sFT7EopclcLLqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQCkUsgWUvtZGMujWxTsoRYFNJUx5I256ONqZSea
HJK//fP7AkjiwJYY7NRfc0He3FoJ83ZXzoVeRmV0Jp0BPQVjxEKwTtwjPCAwWZbO
lQKpCvROft/ZvnmS8t5HFaVeGqfD3WKG/GcBpMDj4b+ov69juvX/CVZMyzfJ/DQw
Yyp9w2TPZMfYjb76r/m4fziz/2Ydzx2aX0Unt2LRSWeH12GLJbEmdLcp6lEvU+N/
qygGyB3snkfO85URtHU2O/tM4IiOO1Q8Ry6/DB26KsYPZunQNP//vSCMuLqSWlBA
8QY5hxFNogtOjMh6Zo1OEfURSF6lbIN9sAxjYVTeTUa4CVHn
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:32 2025 by rpki-client