Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: cgICi/CZvJ4BW34K4BWuRdkfMoU63clXuOErD+OHmRc=
Subject key identifier: B1:8B:7E:5D:C1:7D:65:45:D5:FE:D0:A6:66:A1:5C:40:02:82:F0:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F925A06AE51CE928F714D314737DB4E1456B98F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:92:5a:06:ae:51:ce:92:8f:71:4d:31:47:37:db:4e:14:56:b9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=cf78fa2c74d45ebf87c4a272ef3741a599a801e04724b16047a7c260e9a66708, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e1:c2:b6:07:91:8c:a0:19:c0:8d:71:2c:c8:
17:4d:a1:e3:fa:c9:f7:d5:2e:ef:a1:5a:28:ad:1d:
c1:78:cb:08:cd:f2:6a:f1:e0:68:31:24:75:2c:1e:
6a:ba:19:f2:1a:07:48:7c:e1:97:a1:49:a5:09:47:
0a:fb:cd:50:40:e7:11:4d:ac:c6:34:ea:99:05:76:
13:35:d4:e1:25:94:2e:e8:cb:9c:44:7c:77:c9:96:
c1:a3:87:54:9a:29:95:e6:b8:a6:78:0f:40:59:8d:
81:3e:85:c8:c9:3e:42:79:ef:34:74:23:10:8b:6d:
06:a8:40:96:4b:28:1c:7e:cf:75:ca:d0:c8:95:ac:
8e:f1:7c:e6:09:d4:bd:11:9f:fc:00:55:e0:ea:b7:
9c:5e:4b:f3:5b:1b:e0:54:9a:61:d8:d4:bb:4d:8b:
3a:16:2e:99:1a:ad:42:17:c3:17:14:4e:d1:8f:fc:
e0:48:61:cc:df:f8:f2:ed:5e:be:c6:3f:c8:83:77:
57:10:e0:4b:1c:60:fe:79:1b:6a:d5:3d:25:97:60:
64:b5:90:36:6d:21:9e:10:74:ff:54:ce:a9:26:0f:
d1:6a:bb:03:33:91:c6:cf:39:60:7f:61:b5:88:82:
59:1b:77:80:c3:dc:ec:83:68:49:1a:dd:9e:d3:34:
5d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8B:7E:5D:C1:7D:65:45:D5:FE:D0:A6:66:A1:5C:40:02:82:F0:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
28:b4:5a:4f:0e:04:0c:39:0c:65:bf:0d:59:13:35:ab:25:4c:
99:be:75:ff:28:3b:8e:51:69:a8:40:92:ab:5d:e0:6c:c5:e0:
15:95:bd:a6:4b:8d:99:58:a5:9d:34:bb:c5:0b:f1:89:4e:68:
e2:ba:c6:27:5e:cf:05:53:6a:02:9e:1a:73:35:be:ec:be:12:
45:ba:55:81:1c:7c:ce:b6:a8:34:c9:b5:29:f9:8a:03:87:ca:
36:3d:17:72:42:94:9d:23:76:20:e3:36:ba:a3:df:69:c3:7b:
0f:ef:30:f7:ae:7f:0a:e4:c8:96:62:d7:27:a2:f8:47:d7:83:
1a:fa:0f:f8:c8:41:fb:2e:55:62:4a:d6:9b:c1:de:63:49:be:
1b:cc:a5:06:ee:06:c5:ee:93:5e:a1:d3:76:bf:10:62:fe:93:
a9:c9:f8:29:00:a1:10:b1:2d:46:8b:1e:26:a2:b2:c2:ca:68:
f2:e5:c8:38:8c:52:25:b5:cb:3e:6a:11:a7:1b:dc:3a:8a:87:
0f:13:5a:7e:36:21:46:de:7b:8f:c5:fa:12:89:00:ca:47:a1:
1c:0a:4a:6f:60:bf:b4:01:61:96:8e:55:8d:15:77:74:e2:b5:
8e:f0:31:a1:68:56:f3:75:91:53:a6:85:80:b7:31:1e:4c:0a:
d2:ef:6d:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb5JaBq5RzpKPcU0xRzfbThRWuY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNzhmYTJjNzRkNDVlYmY4N2M0YTI3MmVmMzc0MWE1OTlhODAxZTA0NzI0
YjE2MDQ3YTdjMjYwZTlhNjY3MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrhwrYHkYygGcCNcSzIF02h4/rJ99Uu76FaKK0dwXjLCM3yavHgaDEkdSwe
aroZ8hoHSHzhl6FJpQlHCvvNUEDnEU2sxjTqmQV2EzXU4SWULujLnER8d8mWwaOH
VJoplea4pngPQFmNgT6FyMk+QnnvNHQjEIttBqhAlksoHH7PdcrQyJWsjvF85gnU
vRGf/ABV4Oq3nF5L81sb4FSaYdjUu02LOhYumRqtQhfDFxRO0Y/84EhhzN/48u1e
vsY/yIN3VxDgSxxg/nkbatU9JZdgZLWQNm0hnhB0/1TOqSYP0Wq7AzORxs85YH9h
tYiCWRt3gMPc7INoSRrdntM0XdMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxi35d
wX1lRdX+0KZmoVxAAoLwJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQAotFpPDgQMOQxlvw1ZEzWrJUyZvnX/KDuOUWmo
QJKrXeBsxeAVlb2mS42ZWKWdNLvFC/GJTmjiusYnXs8FU2oCnhpzNb7svhJFulWB
HHzOtqg0ybUp+YoDh8o2PRdyQpSdI3Yg4za6o99pw3sP7zD3rn8K5MiWYtcnovhH
14Ma+g/4yEH7LlViStabwd5jSb4bzKUG7gbF7pNeodN2vxBi/pOpyfgpAKEQsS1G
ix4morLCymjy5cg4jFIltcs+ahGnG9w6iocPE1p+NiFG3nuPxfoSiQDKR6EcCkpv
YL+0AWGWjlWNFXd04rWO8DGhaFbzdZFTpoWAtzEeTArS721d
-----END CERTIFICATE-----
Generated at Fri May 2 17:38:43 2025 by rpki-client