Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
File: b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa (raw, json)
Hash identifier: AjZ4yGy7el6VZZbFbvofEEYNq65jsIwm6iieANxxCgc=
Subject key identifier: 87:A2:C5:57:DD:27:FD:C9:C2:FA:0D:A8:86:AB:15:4D:97:85:AC:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D2A62625BD08E7F866E2E41F0F681411D137607
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:50c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2a:62:62:5b:d0:8e:7f:86:6e:2e:41:f0:f6:81:41:1d:13:76:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d640a20cacdaaa1943d1b3f1addbfe0330aa999daa51ffbffe50492a62b7c6ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e9:db:51:c6:a5:85:92:10:20:f3:6d:1b:21:
df:ae:51:35:38:25:a0:c9:e6:bb:e0:f1:4b:b3:6e:
3c:12:d8:32:2c:26:e6:55:20:fe:3b:db:1d:18:6a:
59:62:3e:6f:57:29:df:1d:59:45:14:03:25:a3:d2:
1f:47:b9:02:e4:59:5e:a6:54:b3:d0:fd:34:c3:bf:
7e:86:6f:42:a1:57:a8:12:cf:b1:9a:76:af:f5:5e:
a8:9d:c7:82:73:50:fe:34:11:61:69:59:8a:f8:7e:
a4:68:b0:a8:3d:df:27:96:50:40:16:67:b7:8c:e4:
22:61:a8:8a:b6:8b:74:9d:9f:7a:33:14:46:ce:db:
a5:de:30:2a:20:48:86:b2:8b:ec:b7:50:7c:06:ab:
8f:3f:fb:c3:b4:81:f7:ac:f8:ea:c1:57:88:bf:e0:
a8:70:86:be:88:0d:b2:79:a8:b2:7b:f2:0e:83:bd:
69:fd:9c:f8:99:21:4e:26:2c:13:7a:fb:14:94:4a:
6c:00:75:bc:85:4a:8c:9b:38:f3:d0:12:54:42:31:
ca:ad:29:99:63:84:2b:5c:4d:b4:3b:2e:90:a3:dd:
14:3b:31:38:d6:13:f4:86:ec:75:a6:32:56:ec:a0:
a6:b3:53:aa:f9:9d:d7:54:db:f3:03:4b:2c:d0:82:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A2:C5:57:DD:27:FD:C9:C2:FA:0D:A8:86:AB:15:4D:97:85:AC:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
2d:51:b9:63:57:81:45:50:2a:1a:d1:00:e8:8d:6e:cf:8b:7c:
a5:28:02:b6:5f:12:06:ec:1f:26:1a:66:d2:1d:b4:cb:b9:2a:
af:ad:0b:19:fb:59:68:5c:c6:f5:b0:f0:21:46:db:19:34:67:
ea:f5:d9:bf:6c:6c:eb:17:97:79:56:bb:b1:00:fd:d9:e1:e7:
d1:6e:b2:99:77:c3:03:24:87:10:ac:02:5a:34:76:47:34:00:
db:bf:32:45:35:86:93:0d:7f:35:1c:c8:0c:a1:70:c5:c4:ac:
3d:ec:ca:ef:1b:ef:88:8c:d0:74:25:29:08:a0:72:ab:ad:2c:
9f:c4:f7:eb:23:5e:9c:ed:fa:99:c5:0f:8e:2e:dd:90:a2:36:
30:fb:5e:eb:4d:29:0e:26:f0:71:10:f1:6b:1c:11:97:d8:d3:
f6:23:2d:b4:99:c9:97:81:76:9b:87:50:22:38:ad:63:92:58:
3b:d3:38:3b:7f:65:b3:35:ef:90:8c:84:29:94:a3:84:c4:c5:
74:ab:84:55:9e:6a:9e:1c:a2:04:f8:02:77:ce:e8:fa:7c:85:
cc:21:2b:a7:11:a6:4b:02:3d:e6:7a:64:cd:d3:c4:b9:69:b9:
02:ca:98:07:da:24:46:90:3c:3f:8c:fa:2f:ee:3e:5d:7f:4c:
85:07:ba:fb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDSpiYlvQjn+Gbi5B8PaBQR0TdgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NDBhMjBjYWNkYWFhMTk0M2QxYjNmMWFkZGJmZTAzMzBhYTk5OWRhYTUx
ZmZiZmZlNTA0OTJhNjJiN2M2ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLp21HGpYWSECDzbRsh365RNTgloMnmu+DxS7NuPBLYMiwm5lUg/jvbHRhq
WWI+b1cp3x1ZRRQDJaPSH0e5AuRZXqZUs9D9NMO/foZvQqFXqBLPsZp2r/VeqJ3H
gnNQ/jQRYWlZivh+pGiwqD3fJ5ZQQBZnt4zkImGoiraLdJ2fejMURs7bpd4wKiBI
hrKL7LdQfAarjz/7w7SB96z46sFXiL/gqHCGvogNsnmosnvyDoO9af2c+JkhTiYs
E3r7FJRKbAB1vIVKjJs489ASVEIxyq0pmWOEK1xNtDsukKPdFDsxONYT9IbsdaYy
VuygprNTqvmd11Tb8wNLLNCCqzkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHosVX
3Sf9ycL6DaiGqxVNl4Ws4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBiNWM4ZGUtNDgyZi00Y2IxLWFlNzQtOWZlYzAwMjVmZDA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
wDANBgkqhkiG9w0BAQsFAAOCAQEALVG5Y1eBRVAqGtEA6I1uz4t8pSgCtl8SBuwf
Jhpm0h20y7kqr60LGftZaFzG9bDwIUbbGTRn6vXZv2xs6xeXeVa7sQD92eHn0W6y
mXfDAySHEKwCWjR2RzQA278yRTWGkw1/NRzIDKFwxcSsPezK7xvviIzQdCUpCKBy
q60sn8T36yNenO36mcUPji7dkKI2MPte600pDibwcRDxaxwRl9jT9iMttJnJl4F2
m4dQIjitY5JYO9M4O39lszXvkIyEKZSjhMTFdKuEVZ5qnhyiBPgCd87o+nyFzCEr
pxGmSwI95npkzdPEuWm5AsqYB9okRpA8P4z6L+4+XX9MhQe6+w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:21 2025 by rpki-client