Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa
File: ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa (raw, json)
Hash identifier: n4Na1kHYzDu/iA/YEhbe3zHNRiOBr564FR7xA70MhY8=
Subject key identifier: 0B:FC:00:EC:A4:6F:65:DA:05:83:F3:91:17:7F:4D:11:C4:E5:5A:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 388E91B916DC49D0481F045869886A65F36D0896
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027:800::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:8e:91:b9:16:dc:49:d0:48:1f:04:58:69:88:6a:65:f3:6d:08:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6f4c5f4c414e571c1c6a92ad54555fb09376785dabee869a3cfd19626d14f89b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:22:28:83:3a:a4:78:61:0c:e5:a3:db:43:
a1:1d:19:aa:34:6c:97:ed:5e:f2:79:5a:0c:3e:43:
81:40:e7:d4:e6:db:c0:b7:24:dc:b7:b6:bf:63:35:
98:57:77:2b:1a:69:f5:88:77:7b:80:14:9a:b5:89:
58:88:0c:24:fd:06:0c:81:2a:5b:ca:48:59:2f:a0:
22:c0:a6:8f:db:85:b2:0b:51:86:e3:79:39:dd:ec:
9a:68:7d:1a:f0:20:63:be:2c:d4:16:06:68:a3:50:
32:f3:1e:6d:0d:ea:59:38:df:ca:7f:bd:04:3d:9a:
26:96:47:a3:f4:46:0b:bc:8f:81:65:3a:19:f9:a7:
5e:f5:7a:28:3f:2e:06:b0:f2:d2:5f:00:d4:21:1a:
d5:a4:ee:ff:8f:8e:fe:34:94:e1:ff:8f:87:7f:2a:
4d:0d:20:d4:f2:b1:b7:fc:60:1a:cb:da:bb:37:01:
52:02:1f:4e:3e:61:6e:b7:f3:5f:a0:92:f3:67:cd:
d1:24:bf:c7:1f:15:31:1f:58:93:ea:09:62:79:13:
17:5c:2a:57:f4:e2:41:a0:ed:42:5b:96:2f:7d:b1:
5a:2f:72:06:8e:a7:ee:82:ce:54:0c:35:08:20:85:
60:e6:c4:78:c3:60:1a:d7:2a:55:30:44:cd:8a:94:
de:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FC:00:EC:A4:6F:65:DA:05:83:F3:91:17:7F:4D:11:C4:E5:5A:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1c4376-0fb0-4887-b90e-22d84c8cfb7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027:800::/37
Signature Algorithm: sha256WithRSAEncryption
8c:9d:7d:b4:d5:1a:60:31:14:09:5e:0f:cf:be:e9:6c:b0:1a:
c3:34:91:13:a3:d5:79:1c:4a:c9:b0:cc:ab:43:f9:44:a3:e1:
35:a8:0b:99:e2:eb:d4:39:44:24:f3:d3:64:7f:54:99:21:67:
c2:8f:e4:cf:f1:5e:df:b0:19:b5:d6:0a:de:45:68:ae:d9:c8:
25:ad:d2:a1:1a:de:37:21:eb:2f:90:53:90:dc:84:cd:f0:b5:
3a:0b:a9:86:58:2e:3e:9f:9b:74:bf:dd:fe:67:1d:e4:25:e9:
88:2d:f1:81:39:12:96:09:56:8d:19:ec:52:52:ac:40:af:7c:
f8:59:f6:d7:4a:be:e2:80:7c:aa:86:fe:07:f3:46:a9:93:29:
1a:c6:9b:5c:c4:10:39:73:ec:5d:ca:3c:a4:7f:46:51:bd:f0:
f3:a6:ef:ad:dc:46:20:75:9c:51:4b:a4:eb:cc:62:e4:e3:9e:
3b:9d:56:cc:a5:29:ff:4d:51:d6:bd:91:20:c2:fd:5e:38:bd:
4b:b1:77:16:fc:58:71:c7:ec:31:ee:60:f5:73:1a:e4:a9:ba:
64:8f:97:a3:6c:72:71:58:ec:20:51:20:80:8a:1f:f8:7d:8d:
22:b3:d3:85:c6:07:ac:1a:2d:d7:be:51:b7:ab:4e:30:fd:88:
c2:f4:5c:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOI6RuRbcSdBIHwRYaYhqZfNtCJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNGM1ZjRjNDE0ZTU3MWMxYzZhOTJhZDU0NTU1ZmIwOTM3Njc4NWRhYmVl
ODY5YTNjZmQxOTYyNmQxNGY4OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbOIiiDOqR4YQzlo9tDoR0ZqjRsl+1e8nlaDD5DgUDn1ObbwLck3Le2v2M1
mFd3Kxpp9Yh3e4AUmrWJWIgMJP0GDIEqW8pIWS+gIsCmj9uFsgtRhuN5Od3smmh9
GvAgY74s1BYGaKNQMvMebQ3qWTjfyn+9BD2aJpZHo/RGC7yPgWU6GfmnXvV6KD8u
BrDy0l8A1CEa1aTu/4+O/jSU4f+Ph38qTQ0g1PKxt/xgGsvauzcBUgIfTj5hbrfz
X6CS82fN0SS/xx8VMR9Yk+oJYnkTF1wqV/TiQaDtQluWL32xWi9yBo6n7oLOVAw1
CCCFYObEeMNgGtcqVTBEzYqU3hMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQL/ADs
pG9l2gWD85EXf00RxOVakDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxYzQzNzYtMGZiMC00ODg3LWI5MGUtMjJkODRjOGNmYjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CcI
MA0GCSqGSIb3DQEBCwUAA4IBAQCMnX201RpgMRQJXg/PvulssBrDNJETo9V5HErJ
sMyrQ/lEo+E1qAuZ4uvUOUQk89Nkf1SZIWfCj+TP8V7fsBm11greRWiu2cglrdKh
Gt43IesvkFOQ3ITN8LU6C6mGWC4+n5t0v93+Zx3kJemILfGBORKWCVaNGexSUqxA
r3z4WfbXSr7igHyqhv4H80apkykaxptcxBA5c+xdyjykf0ZRvfDzpu+t3EYgdZxR
S6TrzGLk4547nVbMpSn/TVHWvZEgwv1eOL1LsXcW/Fhxx+wx7mD1cxrkqbpkj5ej
bHJxWOwgUSCAih/4fY0is9OFxgesGi3XvlG3q04w/YjC9FwT
-----END CERTIFICATE-----
Generated at Fri May 2 18:19:05 2025 by rpki-client