Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9f52cd3-6be7-41a5-94ab-8d2e1de12593.roa
File: a9f52cd3-6be7-41a5-94ab-8d2e1de12593.roa (raw, json)
Hash identifier: T8Ssxs9N2JCI2lo4G7Ut+x1mg+KXObXG1C32xVri66s=
Subject key identifier: BA:71:E5:E7:E0:8E:AD:70:36:01:34:CB:40:36:A2:94:55:E3:B5:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26250818C7D3A87F83805C9DFFEDEBF84155AA6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9f52cd3-6be7-41a5-94ab-8d2e1de12593.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:25:08:18:c7:d3:a8:7f:83:80:5c:9d:ff:ed:eb:f8:41:55:aa:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=e9bc8dc26aa7ace6cdd663929d2928bb61edfeb1d50f1f1b17e0e21b8d3f58f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b5:78:51:4b:21:fb:eb:4e:8a:f4:eb:c8:23:
5b:a8:93:5c:e7:59:f5:de:ef:d5:6c:f4:bd:59:8f:
06:99:7f:59:36:f1:f1:35:53:33:49:81:01:53:12:
b2:f7:45:2f:0f:16:3c:cc:69:27:c4:07:13:cc:d3:
52:cf:5e:6f:b1:1e:f1:6d:b2:c9:e2:d2:e5:c2:9b:
dc:37:8c:ca:71:6c:5e:72:5c:67:5a:9d:3f:84:6f:
e5:e7:af:ad:28:d1:50:6c:b1:bd:79:3c:42:03:6d:
43:cb:9c:20:7a:0d:c9:53:f5:c6:46:94:cd:5c:2f:
02:1f:ca:0d:47:c9:49:4d:91:22:c0:43:0c:1f:f7:
b2:db:34:2c:c2:5c:a7:5e:fb:dd:ba:7c:71:a2:21:
07:b5:dc:7e:87:63:14:34:85:ee:28:4e:da:d1:28:
b4:76:c3:b2:ec:f9:94:00:b1:5e:c5:bd:dd:e1:28:
cb:ac:f9:30:15:bd:ab:94:ee:9e:cb:cf:d2:c1:5d:
cb:47:e4:d7:a8:52:d8:04:05:d3:c1:2d:37:55:94:
ec:fa:c5:92:07:4a:27:64:97:46:4b:dd:85:72:82:
84:aa:35:60:5b:8c:53:67:0f:78:2c:09:ba:fa:f4:
c8:dc:af:86:a8:72:da:c6:05:55:bb:11:e1:ca:1f:
8c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:71:E5:E7:E0:8E:AD:70:36:01:34:CB:40:36:A2:94:55:E3:B5:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9f52cd3-6be7-41a5-94ab-8d2e1de12593.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4040::/48
Signature Algorithm: sha256WithRSAEncryption
82:9c:46:63:cb:f0:63:94:33:12:f0:19:b8:6f:81:68:47:65:
8c:77:c4:b2:07:59:b2:9b:00:5b:80:6f:4c:b2:17:85:0b:18:
ad:2a:6b:a9:1e:26:18:3c:05:c2:86:b6:52:90:d6:d2:4b:ad:
32:42:0c:60:39:6b:7b:12:ce:d3:27:93:c5:a7:ed:c1:4c:89:
f2:26:d3:df:05:ec:57:72:e3:7e:c8:37:75:8b:5c:b3:c7:07:
b7:cd:86:8b:23:60:8f:dd:69:70:f0:6b:20:d5:14:c3:45:36:
4e:44:77:c6:ff:8e:ce:c5:53:28:f6:49:aa:4f:2e:3c:67:0f:
bb:67:2c:da:38:21:50:91:2d:67:6b:cc:b2:e8:11:db:51:5a:
8e:e7:6b:af:b6:e3:61:b6:d8:96:cd:d1:d3:db:a1:d4:3c:57:
35:5d:7f:7d:10:72:7e:d1:f5:a7:63:19:9e:8d:8c:bb:f4:a0:
53:bd:1d:48:5b:0d:ff:e4:a3:01:66:89:7b:c1:da:31:b5:07:
6a:2f:73:ff:73:a3:89:60:31:e0:e0:d3:c1:45:48:0d:2a:eb:
67:a9:a8:31:2a:5d:a8:32:71:4d:98:cc:19:7f:3e:12:9a:55:
13:aa:bc:f4:e9:75:c6:86:c3:31:03:cd:4e:a4:c6:9b:bd:3e:
6d:f2:09:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJiUIGMfTqH+DgFyd/+3r+EFVqm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YmM4ZGMyNmFhN2FjZTZjZGQ2NjM5MjlkMjkyOGJiNjFlZGZlYjFkNTBm
MWYxYjE3ZTBlMjFiOGQzZjU4ZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu1eFFLIfvrTor068gjW6iTXOdZ9d7v1Wz0vVmPBpl/WTbx8TVTM0mBAVMS
svdFLw8WPMxpJ8QHE8zTUs9eb7Ee8W2yyeLS5cKb3DeMynFsXnJcZ1qdP4Rv5eev
rSjRUGyxvXk8QgNtQ8ucIHoNyVP1xkaUzVwvAh/KDUfJSU2RIsBDDB/3sts0LMJc
p1773bp8caIhB7XcfodjFDSF7ihO2tEotHbDsuz5lACxXsW93eEoy6z5MBW9q5Tu
nsvP0sFdy0fk16hS2AQF08EtN1WU7PrFkgdKJ2SXRkvdhXKChKo1YFuMU2cPeCwJ
uvr0yNyvhqhy2sYFVbsR4cofjFsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6ceXn
4I6tcDYBNMtANqKUVeO1fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTlmNTJjZDMtNmJlNy00MWE1LTk0YWItOGQyZTFkZTEyNTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRA
QDANBgkqhkiG9w0BAQsFAAOCAQEAgpxGY8vwY5QzEvAZuG+BaEdljHfEsgdZspsA
W4BvTLIXhQsYrSprqR4mGDwFwoa2UpDW0kutMkIMYDlrexLO0yeTxaftwUyJ8ibT
3wXsV3Ljfsg3dYtcs8cHt82GiyNgj91pcPBrINUUw0U2TkR3xv+OzsVTKPZJqk8u
PGcPu2cs2jghUJEtZ2vMsugR21Fajudrr7bjYbbYls3R09uh1DxXNV1/fRByftH1
p2MZno2Mu/SgU70dSFsN/+SjAWaJe8HaMbUHai9z/3OjiWAx4ODTwUVIDSrrZ6mo
MSpdqDJxTZjMGX8+EppVE6q89Ol1xobDMQPNTqTGm70+bfIJVg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:46 2025 by rpki-client