Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: QciPLkgAiV7KRvj+LVhKCKTgpxO0DNOPHLjbm58qTkI=
Subject key identifier: 29:FE:51:DB:6D:E6:5F:FA:86:65:58:1D:B3:9B:ED:32:02:2C:86:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0305EBDDA4E47D4B813D76B91CF7A91A2F017B19
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:05:eb:dd:a4:e4:7d:4b:81:3d:76:b9:1c:f7:a9:1a:2f:01:7b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a3a144252016023663f646a7ae63b8570f5244e388bab848497c38b01ee5cf74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:21:a7:0d:0b:cd:8d:3b:ba:d0:c8:75:63:ff:
23:3b:ed:91:18:72:3e:c8:f9:15:ac:d0:ed:af:15:
e7:58:ca:36:1b:c8:7a:31:db:50:cb:08:69:c9:33:
14:15:7f:ce:c6:06:33:e8:18:04:68:c8:9f:1c:d9:
37:b8:cb:fb:98:ac:b1:a9:f8:9c:8a:ff:22:25:89:
6a:34:c3:1d:a9:c4:a7:c6:6c:ad:d8:45:9c:b1:4f:
d9:2c:c0:14:24:22:46:2b:fc:e9:12:3d:47:50:14:
b8:0d:6a:6c:c8:c5:83:c8:5b:45:34:e4:f8:dd:1f:
b2:b5:b8:84:d5:e2:9a:b3:80:35:53:9b:01:9b:05:
ee:73:3c:94:30:69:49:bf:d0:6f:1f:6a:fa:df:9d:
24:0e:0e:3b:f3:e9:9c:6a:bc:96:98:e0:9a:a6:51:
f4:68:af:22:4d:6f:1c:af:8c:fb:c7:e7:08:a8:f1:
d4:d6:06:8e:7b:90:96:44:7a:0b:f1:6e:ee:cc:5b:
d4:14:05:ed:26:f5:6a:cb:ce:2e:57:44:e7:5a:9e:
0d:e8:62:14:d6:be:32:3a:a7:d1:8e:6e:d2:d5:95:
12:5e:41:7f:26:77:ea:92:3f:c4:8b:7d:9b:86:d5:
d7:ed:73:ff:80:26:37:92:5a:6a:3c:33:55:de:6f:
06:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FE:51:DB:6D:E6:5F:FA:86:65:58:1D:B3:9B:ED:32:02:2C:86:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
ba:b1:36:9a:c0:73:91:63:67:c3:d0:a4:2b:75:29:4c:51:fe:
9c:25:2b:90:3d:2a:c2:31:44:cf:3a:87:55:3c:6a:b8:66:dc:
3b:70:d6:57:e6:27:57:cb:f7:db:9a:b0:98:6b:6f:83:c0:81:
ce:52:f5:80:84:45:8b:a3:35:c1:bd:08:33:d0:45:98:66:d4:
e1:6c:f9:4c:c8:98:f0:fe:85:f7:80:bf:57:bd:bd:82:dd:92:
d1:72:2f:ce:5a:3f:19:a7:10:3e:c5:69:2c:1c:ad:69:ee:43:
3a:3a:0d:f1:6e:11:13:f4:93:3a:89:a3:29:e2:4e:bc:59:f5:
c3:b9:78:9e:17:38:ca:ac:3f:d1:0b:a1:81:f6:94:1d:35:13:
6b:24:13:02:69:86:cc:df:d5:4f:f2:94:ab:23:8d:8d:01:7f:
74:51:88:f6:4a:0a:f9:c8:6b:d1:d8:3d:cf:e7:78:f8:6f:70:
90:8a:29:7e:82:e3:c8:7f:cc:9a:e1:22:12:c6:67:eb:43:22:
c8:e2:1a:2c:d9:8c:53:89:a7:6a:76:a2:2f:02:fe:47:ad:c0:
2c:2e:99:73:ac:8b:a1:78:11:5a:6a:d8:cf:a7:c1:10:f4:4a:
27:ed:63:9e:de:17:8f:ff:33:2b:2a:c0:93:e1:4c:13:2e:89:
6d:81:98:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAwXr3aTkfUuBPXa5HPepGi8BexkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzYTE0NDI1MjAxNjAyMzY2M2Y2NDZhN2FlNjNiODU3MGY1MjQ0ZTM4OGJh
Yjg0ODQ5N2MzOGIwMWVlNWNmNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEhpw0LzY07utDIdWP/IzvtkRhyPsj5FazQ7a8V51jKNhvIejHbUMsIackz
FBV/zsYGM+gYBGjInxzZN7jL+5issan4nIr/IiWJajTDHanEp8ZsrdhFnLFP2SzA
FCQiRiv86RI9R1AUuA1qbMjFg8hbRTTk+N0fsrW4hNXimrOANVObAZsF7nM8lDBp
Sb/Qbx9q+t+dJA4OO/PpnGq8lpjgmqZR9GivIk1vHK+M+8fnCKjx1NYGjnuQlkR6
C/Fu7sxb1BQF7Sb1asvOLldE51qeDehiFNa+Mjqn0Y5u0tWVEl5BfyZ36pI/xIt9
m4bV1+1z/4AmN5JaajwzVd5vBoECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQp/lHb
beZf+oZlWB2zm+0yAiyGQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQC6sTaawHORY2fD0KQrdSlMUf6cJSuQPSrCMUTP
OodVPGq4Ztw7cNZX5idXy/fbmrCYa2+DwIHOUvWAhEWLozXBvQgz0EWYZtThbPlM
yJjw/oX3gL9Xvb2C3ZLRci/OWj8ZpxA+xWksHK1p7kM6Og3xbhET9JM6iaMp4k68
WfXDuXieFzjKrD/RC6GB9pQdNRNrJBMCaYbM39VP8pSrI42NAX90UYj2Sgr5yGvR
2D3P53j4b3CQiil+guPIf8ya4SISxmfrQyLI4hos2YxTiadqdqIvAv5HrcAsLplz
rIuheBFaatjPp8EQ9Eon7WOe3heP/zMrKsCT4UwTLoltgZi/
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:13 2025 by rpki-client