Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
File: ad363c67-ff83-46aa-9474-de02e382946b.roa (raw, json)
Hash identifier: HFsjIB2Vq31EphMIHzP2svYLXubm6KwBNh8SuU14ecM=
Subject key identifier: FE:E0:E8:28:AE:80:91:37:D0:AF:49:59:47:E8:5F:1C:9B:3A:8B:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16CE5D2BD5481779B0EE31443927BDF1BDC11668
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:ce:5d:2b:d5:48:17:79:b0:ee:31:44:39:27:bd:f1:bd:c1:16:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=450fad6c7a4dbeca57a8a5455754a761715617d29c1c302cc2f0799ca7de98b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d1:5f:9b:55:c9:0a:07:f8:6f:b6:08:1d:2f:
f5:6c:07:80:3b:f1:38:19:2d:07:00:20:c0:d4:11:
74:89:d8:d7:7e:7a:36:99:36:ae:e9:d8:d0:ac:78:
1f:7e:d5:34:e2:5a:71:a7:ec:37:ce:9b:91:05:ce:
08:5b:b9:64:9a:a8:b9:d0:db:0b:7c:da:42:28:7f:
fc:db:a7:74:3d:8d:46:d5:20:c3:e1:85:b5:a1:34:
ac:98:67:56:45:92:4d:10:e8:25:34:08:fd:57:cf:
26:53:0e:ef:0e:ce:8e:eb:93:4d:bb:18:70:25:04:
b7:94:b1:9d:b2:1a:7a:18:bf:26:6b:04:c8:b7:98:
9e:31:89:c2:9c:bf:70:b9:29:f8:ed:d3:7e:80:85:
12:dc:40:58:fb:32:1e:84:90:33:a0:1c:7b:e1:0a:
53:ba:67:02:26:b7:23:29:90:e9:69:96:c6:06:fc:
de:b6:4b:73:4a:5c:27:ef:51:de:57:1e:31:94:4b:
e0:f3:1f:27:90:87:62:9a:3a:8e:f0:a8:1b:28:48:
1f:6f:81:e3:0c:35:99:ef:4f:0b:1d:08:5a:78:ba:
c8:52:23:b0:60:53:e9:7f:58:88:c4:9d:e0:85:4c:
ce:91:5e:fd:a2:e4:de:c1:3e:f1:be:2d:d8:f8:86:
93:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E0:E8:28:AE:80:91:37:D0:AF:49:59:47:E8:5F:1C:9B:3A:8B:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:b000::/40
Signature Algorithm: sha256WithRSAEncryption
63:6b:bf:73:72:6e:02:97:32:fa:b2:50:07:6d:9c:00:e5:9a:
fc:0a:06:8d:7d:62:49:43:91:aa:84:30:1a:f3:73:48:a9:30:
76:8e:af:b3:7d:f1:aa:73:2e:ef:8f:f3:b7:f4:31:3d:c1:56:
5c:ac:c2:78:0d:1c:2d:c3:cf:b0:9b:fa:12:70:42:59:9b:07:
ff:20:53:c8:34:2f:1b:e6:cb:d4:4b:24:fd:1b:cf:2c:10:58:
13:9c:f6:2c:7a:af:29:0a:5d:34:e8:fc:67:f1:8c:d5:36:83:
f0:c6:2b:20:9e:27:c9:01:43:a4:3f:87:28:07:1e:47:43:dc:
0b:01:ce:8c:43:4d:dd:60:57:f0:75:51:bf:38:4d:68:21:e7:
01:01:34:88:d9:64:ea:08:32:2b:37:7b:fc:78:7d:95:ae:a5:
b7:28:dc:ed:09:17:12:e9:99:ff:1c:fc:06:6a:8a:1e:ba:65:
6f:56:d0:97:3d:e9:b4:73:6b:e0:30:68:f7:4d:49:84:8a:2f:
dd:52:89:28:ce:6a:ea:b7:2a:3b:9b:25:c9:54:fc:a9:30:ed:
a6:fc:ae:31:99:92:5a:33:43:d3:bf:a3:6e:1a:92:c2:87:ff:
f7:58:f6:96:96:e1:d0:b7:40:11:a2:10:52:e8:5c:b9:db:79:
02:1d:1d:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFs5dK9VIF3mw7jFEOSe98b3BFmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MGZhZDZjN2E0ZGJlY2E1N2E4YTU0NTU3NTRhNzYxNzE1NjE3ZDI5YzFj
MzAyY2MyZjA3OTljYTdkZTk4YjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrRX5tVyQoH+G+2CB0v9WwHgDvxOBktBwAgwNQRdInY1356Npk2runY0Kx4
H37VNOJacafsN86bkQXOCFu5ZJqoudDbC3zaQih//NundD2NRtUgw+GFtaE0rJhn
VkWSTRDoJTQI/VfPJlMO7w7OjuuTTbsYcCUEt5SxnbIaehi/JmsEyLeYnjGJwpy/
cLkp+O3TfoCFEtxAWPsyHoSQM6Ace+EKU7pnAia3IymQ6WmWxgb83rZLc0pcJ+9R
3lceMZRL4PMfJ5CHYpo6jvCoGyhIH2+B4ww1me9PCx0IWni6yFIjsGBT6X9YiMSd
4IVMzpFe/aLk3sE+8b4t2PiGkysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+4Ogo
roCRN9CvSVlH6F8cmzqLGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQzNjNjNjctZmY4My00NmFhLTk0NzQtZGUwMmUzODI5NDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGw
MA0GCSqGSIb3DQEBCwUAA4IBAQBja79zcm4ClzL6slAHbZwA5Zr8CgaNfWJJQ5Gq
hDAa83NIqTB2jq+zffGqcy7vj/O39DE9wVZcrMJ4DRwtw8+wm/oScEJZmwf/IFPI
NC8b5svUSyT9G88sEFgTnPYseq8pCl006Pxn8YzVNoPwxisgnifJAUOkP4coBx5H
Q9wLAc6MQ03dYFfwdVG/OE1oIecBATSI2WTqCDIrN3v8eH2VrqW3KNztCRcS6Zn/
HPwGaooeumVvVtCXPem0c2vgMGj3TUmEii/dUokozmrqtyo7myXJVPypMO2m/K4x
mZJaM0PTv6NuGpLCh//3WPaWluHQt0ARohBS6Fy523kCHR1f
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:06 2025 by rpki-client