Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: kQgjhawa7TZpPt2st0xfKTVImrcQ0O3WWmk0+zqFVBY=
Subject key identifier: 9D:F0:F0:06:57:71:6B:0C:9E:AF:0D:83:C5:B4:FF:D4:0A:6E:85:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55C3E35E0221B7E73FE2DEEC810478710FC68E5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c3:e3:5e:02:21:b7:e7:3f:e2:de:ec:81:04:78:71:0f:c6:8e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=4e63c7109992d2eb2259c8a82c0cfc9fe107761c95f0cd40a4d26b586dded8c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:04:a7:1c:19:9f:6d:40:3d:4a:06:42:4a:71:
3d:b8:cd:dd:5e:80:71:a5:a7:c3:2d:4e:9c:5b:04:
5f:cc:d9:26:4e:a7:ad:25:9e:77:17:ca:b8:7e:4b:
c6:87:b1:75:6c:87:fb:44:1d:06:89:c0:fb:67:5c:
f1:39:ad:cf:82:9c:ee:45:ab:c0:f6:bd:7f:ea:3c:
e3:f0:b5:76:56:8f:bf:96:c6:d7:ce:40:07:a1:88:
e0:27:7e:5e:52:8b:ea:9b:4e:a1:f5:8a:bb:99:fe:
82:9b:97:b4:e0:b2:9b:26:ea:f0:5c:9c:08:89:97:
4e:27:8e:96:08:c9:cc:68:e7:ee:22:50:de:79:db:
b7:8f:dd:7b:c0:6c:00:c0:cc:f2:37:a4:29:8d:aa:
08:8c:fa:a5:3d:42:0c:61:e6:a7:e6:c3:42:90:c7:
09:8a:5e:7e:f7:4e:c2:f2:57:9d:a1:26:e3:35:fe:
43:ac:85:56:35:a0:59:cd:ae:3f:19:3a:a3:dd:16:
2f:df:92:e4:82:e6:ef:c5:60:21:06:ca:16:77:50:
98:c4:9f:cc:9d:86:be:8f:01:7d:54:ab:6f:4f:41:
b3:95:9e:80:5a:58:7d:a6:63:8b:d5:01:29:76:dd:
fd:5a:8a:f6:99:9e:39:6a:12:7e:57:37:24:55:16:
5e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F0:F0:06:57:71:6B:0C:9E:AF:0D:83:C5:B4:FF:D4:0A:6E:85:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
58:3a:65:36:2e:da:71:76:0c:0b:c4:73:6e:90:eb:ed:40:1e:
43:3c:12:e3:0a:f6:2f:cd:ed:c6:36:8f:12:7a:95:08:ad:2b:
f6:25:df:98:9e:6d:72:b6:ed:8b:44:43:7d:34:cf:ca:0f:67:
a2:44:e1:9b:42:4c:a5:2a:11:a7:73:4a:a7:04:88:f1:a0:1d:
68:cf:fe:c7:54:6b:e4:3b:cb:fc:b8:5f:d4:9e:3c:02:61:fb:
8a:31:3b:48:ce:7c:8e:87:0c:a2:c1:55:88:e1:03:8b:34:ef:
c7:ed:b9:84:d5:90:f0:b4:9d:fc:43:be:68:25:24:21:21:79:
65:6f:16:05:5d:16:19:23:c5:08:81:30:e1:bc:f9:6e:ff:b5:
69:ca:4c:a7:ae:92:5b:33:8d:8b:70:2b:4d:8d:e0:83:55:55:
e5:81:c8:e8:70:64:3e:0d:e0:07:1e:ea:49:52:53:9e:d7:d9:
32:fa:f5:f0:a5:01:5c:b3:11:40:e7:73:43:a6:3d:a0:22:37:
1c:c0:04:8f:c3:26:02:9d:5b:81:9e:cf:72:77:65:86:d5:59:
d3:1e:a8:eb:4f:e3:01:2f:9f:4b:7e:ef:6f:70:91:28:bb:0a:
02:3b:e3:b9:37:a5:1c:ff:9e:b1:10:69:09:f6:cf:f8:04:a4:
06:49:4a:be
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVcPjXgIht+c/4t7sgQR4cQ/GjlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNjNjNzEwOTk5MmQyZWIyMjU5YzhhODJjMGNmYzlmZTEwNzc2MWM5NWYw
Y2Q0MGE0ZDI2YjU4NmRkZWQ4YzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMEpxwZn21APUoGQkpxPbjN3V6AcaWnwy1OnFsEX8zZJk6nrSWedxfKuH5L
xoexdWyH+0QdBonA+2dc8Tmtz4Kc7kWrwPa9f+o84/C1dlaPv5bG185AB6GI4Cd+
XlKL6ptOofWKu5n+gpuXtOCymybq8FycCImXTieOlgjJzGjn7iJQ3nnbt4/de8Bs
AMDM8jekKY2qCIz6pT1CDGHmp+bDQpDHCYpefvdOwvJXnaEm4zX+Q6yFVjWgWc2u
Pxk6o90WL9+S5ILm78VgIQbKFndQmMSfzJ2Gvo8BfVSrb09Bs5WegFpYfaZji9UB
KXbd/VqK9pmeOWoSflc3JFUWXnECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSd8PAG
V3FrDJ6vDYPFtP/UCm6F3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAWDplNi7acXYMC8RzbpDr7UAeQzwS4wr2L83t
xjaPEnqVCK0r9iXfmJ5tcrbti0RDfTTPyg9nokThm0JMpSoRp3NKpwSI8aAdaM/+
x1Rr5DvL/Lhf1J48AmH7ijE7SM58jocMosFViOEDizTvx+25hNWQ8LSd/EO+aCUk
ISF5ZW8WBV0WGSPFCIEw4bz5bv+1acpMp66SWzONi3ArTY3gg1VV5YHI6HBkPg3g
Bx7qSVJTntfZMvr18KUBXLMRQOdzQ6Y9oCI3HMAEj8MmAp1bgZ7PcndlhtVZ0x6o
60/jAS+fS37vb3CRKLsKAjvjuTelHP+esRBpCfbP+ASkBklKvg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:50 2025 by rpki-client