Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
File: b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa (raw, json)
Hash identifier: 7kFCxRdhNi4OoaV4dg7H2ItdgCn8U8Zozbti43F/Qq0=
Subject key identifier: 26:BE:FE:8E:1D:78:E4:CC:81:D2:0D:97:C0:08:FF:59:7D:89:35:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 321EE72C9C3CDA80C68209C0F325C4DF1F22A24B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:1e:e7:2c:9c:3c:da:80:c6:82:09:c0:f3:25:c4:df:1f:22:a2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=74ce4f6c387d2df9343fd26f87291bbac9f6799f16e9307b54710f0ff1cb123d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:3a:1e:ec:a2:81:9a:7a:65:9e:c4:64:7d:
c3:cb:33:78:61:76:b9:96:d4:9c:03:da:3f:5e:c3:
7d:ae:fa:f4:19:ca:c7:0e:62:a8:1c:d3:f7:39:8c:
d7:fa:e8:00:e5:2b:03:9d:8a:b8:ac:f9:eb:79:b0:
5a:dd:b3:9f:d1:4a:d4:7c:b6:29:a5:b8:f7:3b:6d:
c6:92:1a:5f:67:8a:c2:92:e2:95:9b:ff:57:76:e6:
e5:d4:c5:7f:d1:27:84:1d:12:07:18:82:77:05:1c:
69:60:d9:a7:e7:5f:a3:f7:7a:53:22:eb:60:b8:c8:
45:74:be:0b:ad:f0:6c:6d:20:2c:77:8e:f4:e8:f5:
e9:95:59:f8:ce:bc:55:8c:eb:5d:19:53:b5:2c:3f:
11:c3:95:b0:d9:f3:a0:bc:93:29:b1:f1:3d:4e:b6:
9f:9f:73:bc:1b:27:e8:ba:ff:a6:bc:43:d4:71:6e:
b0:67:c8:31:36:3b:be:77:da:ac:59:60:f3:ba:64:
17:dc:4f:d7:5f:a6:4e:4c:1d:24:66:6a:bd:07:b1:
a4:78:09:5b:40:66:b6:86:5a:7f:3a:ff:fb:c8:90:
9e:e7:4e:7b:29:b1:62:e2:b8:a5:06:dd:a6:b8:42:
65:2e:0d:be:ef:26:f4:2e:4f:ab:95:2c:80:3c:58:
98:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BE:FE:8E:1D:78:E4:CC:81:D2:0D:97:C0:08:FF:59:7D:89:35:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c040::/46
Signature Algorithm: sha256WithRSAEncryption
09:3e:1f:0c:3d:2c:98:23:33:79:11:76:19:59:88:f2:ec:4e:
78:ed:80:0e:a5:1d:ca:4b:b4:66:1a:ab:3e:44:a9:ed:7e:2c:
54:67:5d:f0:d3:5b:5e:76:6e:61:34:75:ee:c7:dd:72:bb:47:
03:40:48:75:91:1b:cf:42:50:19:29:75:8e:05:0d:d2:06:18:
ea:98:3a:81:1c:39:e9:66:db:2f:9b:ac:a0:95:e9:e7:05:1f:
66:70:dd:5b:d5:d8:c0:7f:4a:ba:81:3e:7c:4e:a8:3a:8a:28:
56:84:29:f4:90:2f:2b:3b:22:66:ec:e8:66:ff:29:6d:71:49:
58:c1:6c:b1:20:9b:06:5d:32:60:b3:f3:ff:eb:56:9c:04:24:
82:ee:a5:e8:9e:69:5d:46:a4:6a:d6:91:28:ce:24:cd:8b:cf:
71:03:4f:4e:63:1d:67:15:52:0c:e7:9f:07:67:11:2d:2c:01:
12:e7:3b:c8:4a:3c:7b:7e:3a:9e:c1:61:d2:3b:d8:f6:4c:55:
7b:3a:e6:b0:47:81:47:81:90:f1:8f:b9:c0:34:8c:50:3f:7c:
82:ed:cc:fc:f7:39:ec:a1:6f:1b:2c:7e:72:0f:db:37:78:e8:
09:88:74:66:29:b7:37:6d:13:b9:ee:8f:9d:9f:69:e5:17:09:
80:8d:99:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMh7nLJw82oDGggnA8yXE3x8iokswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Y2U0ZjZjMzg3ZDJkZjkzNDNmZDI2Zjg3MjkxYmJhYzlmNjc5OWYxNmU5
MzA3YjU0NzEwZjBmZjFjYjEyM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALm0Oh7sooGaemWexGR9w8szeGF2uZbUnAPaP17Dfa769BnKxw5iqBzT9zmM
1/roAOUrA52KuKz563mwWt2zn9FK1Hy2KaW49zttxpIaX2eKwpLilZv/V3bm5dTF
f9EnhB0SBxiCdwUcaWDZp+dfo/d6UyLrYLjIRXS+C63wbG0gLHeO9Oj16ZVZ+M68
VYzrXRlTtSw/EcOVsNnzoLyTKbHxPU62n59zvBsn6Lr/prxD1HFusGfIMTY7vnfa
rFlg87pkF9xP11+mTkwdJGZqvQexpHgJW0BmtoZafzr/+8iQnudOeymxYuK4pQbd
prhCZS4Nvu8m9C5Pq5UsgDxYmOcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQmvv6O
HXjkzIHSDZfACP9ZfYk1STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQwZGQ5ZWMtNDE3Ny00NDhmLWIzYzItOTM3MjYzMmNkMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
QDANBgkqhkiG9w0BAQsFAAOCAQEACT4fDD0smCMzeRF2GVmI8uxOeO2ADqUdyku0
ZhqrPkSp7X4sVGdd8NNbXnZuYTR17sfdcrtHA0BIdZEbz0JQGSl1jgUN0gYY6pg6
gRw56WbbL5usoJXp5wUfZnDdW9XYwH9KuoE+fE6oOoooVoQp9JAvKzsiZuzoZv8p
bXFJWMFssSCbBl0yYLPz/+tWnAQkgu6l6J5pXUakataRKM4kzYvPcQNPTmMdZxVS
DOefB2cRLSwBEuc7yEo8e346nsFh0jvY9kxVezrmsEeBR4GQ8Y+5wDSMUD98gu3M
/Pc57KFvGyx+cg/bN3joCYh0Zim3N20Tue6PnZ9p5RcJgI2ZOQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:46 2025 by rpki-client