Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: y6bZz05pSdPaD8bS5fwuyD+/90+tEARaW4X1YM7/6h0=
Subject key identifier: 39:94:68:63:2F:45:46:02:6C:24:77:17:A7:DD:F0:A4:45:1C:40:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B7E208BB10879B106C3EC8D9E9D6F404492E3D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:7e:20:8b:b1:08:79:b1:06:c3:ec:8d:9e:9d:6f:40:44:92:e3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=59e9d38da1b711c726572615f3dfff1ae230747edecd91b79ac59ca4c57d1104, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e1:af:92:88:8b:39:31:4d:7d:89:bc:b6:42:
57:ea:53:c4:aa:35:df:1f:5e:65:42:cb:f2:65:3e:
a1:8c:00:03:4e:0c:0a:44:d7:7f:6e:df:9e:c5:5a:
72:0a:a6:4a:63:ea:20:a2:70:fe:4f:af:16:2c:29:
1d:54:23:41:3b:cf:23:99:b4:68:8f:bf:91:ac:e9:
d6:53:f8:d0:59:d5:64:c3:00:6c:80:8b:7b:58:3c:
5e:7d:fb:73:75:b2:c6:93:9c:d0:03:2a:81:5d:20:
b8:b5:18:c5:6a:dc:ca:ae:4f:4e:2c:33:52:95:2b:
6e:fc:b0:3a:0e:ec:40:39:cf:73:2e:89:62:e7:5a:
59:ae:b0:43:8e:b8:e3:b9:2c:c4:b7:02:0f:8e:0e:
24:60:16:6f:cb:73:77:75:13:b7:52:30:98:90:85:
81:f5:0e:53:b4:04:89:a4:82:a9:6f:bd:c6:d8:8f:
7f:4f:58:91:17:7e:d4:27:fc:92:06:7e:1f:03:19:
c0:19:38:2e:27:84:cb:2e:a0:f1:52:ba:18:f7:e7:
bd:03:e1:af:2c:38:0d:f8:1f:86:5c:37:e6:49:a8:
68:15:13:73:13:b7:62:8b:9c:e9:6d:32:57:75:78:
e8:60:a0:00:dd:3b:69:6d:b6:80:ef:0e:f3:02:ec:
1d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:94:68:63:2F:45:46:02:6C:24:77:17:A7:DD:F0:A4:45:1C:40:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:52:53:73:5a:e9:ea:94:13:9b:a4:6c:ee:f4:c9:0a:ba:40:
08:9a:de:49:77:36:8c:d6:ec:16:87:c3:c7:f0:04:b0:a4:fb:
7b:75:c4:07:51:cf:e0:5a:46:03:8d:75:47:ee:df:38:83:3a:
62:86:c4:f8:78:40:cc:ad:44:0f:5a:13:f3:18:15:f1:14:78:
ee:1b:5f:08:77:c8:e7:8b:c5:ca:70:f9:66:d6:0e:32:51:52:
88:c5:9a:78:b0:bc:6b:97:a6:29:33:e1:4d:fe:61:d6:d8:8b:
ac:ef:9d:0a:bb:83:46:51:e6:ed:16:b2:0a:c2:02:3e:47:5c:
8d:27:41:d8:5d:f6:cf:64:6c:b0:63:c9:9e:be:7b:48:69:1a:
9c:7d:e7:30:f2:57:c0:e9:40:08:a3:e8:7a:58:3f:5d:0a:68:
bb:77:ac:9e:60:d0:70:f6:a1:a4:fd:12:b6:fc:da:18:f7:10:
44:f4:f6:c6:5c:61:96:81:a5:b8:42:b6:af:dd:9e:12:61:8e:
95:fe:93:c9:c6:f2:5b:aa:ef:39:12:16:e5:be:89:16:ab:6e:
9e:31:5a:07:57:9a:e2:6b:68:c5:3d:7e:6d:29:f8:2e:e1:10:
b5:ee:cf:b4:19:a9:f8:f8:45:5f:14:0e:6d:19:59:21:43:da:
03:ab:71:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS34gi7EIebEGw+yNnp1vQESS49kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ZTlkMzhkYTFiNzExYzcyNjU3MjYxNWYzZGZmZjFhZTIzMDc0N2VkZWNk
OTFiNzlhYzU5Y2E0YzU3ZDExMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfhr5KIizkxTX2JvLZCV+pTxKo13x9eZULL8mU+oYwAA04MCkTXf27fnsVa
cgqmSmPqIKJw/k+vFiwpHVQjQTvPI5m0aI+/kazp1lP40FnVZMMAbICLe1g8Xn37
c3WyxpOc0AMqgV0guLUYxWrcyq5PTiwzUpUrbvywOg7sQDnPcy6JYudaWa6wQ464
47ksxLcCD44OJGAWb8tzd3UTt1IwmJCFgfUOU7QEiaSCqW+9xtiPf09YkRd+1Cf8
kgZ+HwMZwBk4LieEyy6g8VK6GPfnvQPhryw4Dfgfhlw35kmoaBUTcxO3Youc6W0y
V3V46GCgAN07aW22gO8O8wLsHbECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5lGhj
L0VGAmwkdxen3fCkRRxAADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCeUlNzWunqlBObpGzu9MkKukAImt5JdzaM1uwW
h8PH8ASwpPt7dcQHUc/gWkYDjXVH7t84gzpihsT4eEDMrUQPWhPzGBXxFHjuG18I
d8jni8XKcPlm1g4yUVKIxZp4sLxrl6YpM+FN/mHW2Ius750Ku4NGUebtFrIKwgI+
R1yNJ0HYXfbPZGywY8mevntIaRqcfecw8lfA6UAIo+h6WD9dCmi7d6yeYNBw9qGk
/RK2/NoY9xBE9PbGXGGWgaW4Qrav3Z4SYY6V/pPJxvJbqu85EhblvokWq26eMVoH
V5ria2jFPX5tKfgu4RC17s+0Gan4+EVfFA5tGVkhQ9oDq3Ev
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:03 2025 by rpki-client