Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7dff2f0-9a3a-4d71-b407-1a4e8f48c38f.roa
File: b7dff2f0-9a3a-4d71-b407-1a4e8f48c38f.roa (raw, json)
Hash identifier: Qdp+vSE2FyMSIpJQShBFuzrszeVbkQ0WOLd39vH26es=
Subject key identifier: 63:2B:EC:10:B4:33:3E:01:66:FD:32:F6:81:9A:2D:F8:AC:95:64:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 775A74E3AA8B2DE0BB78A46B010A7AC6966103AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7dff2f0-9a3a-4d71-b407-1a4e8f48c38f.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:5a:74:e3:aa:8b:2d:e0:bb:78:a4:6b:01:0a:7a:c6:96:61:03:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=16431cca29d1ed01133f79f9562eb0e5242e47283db987e12340829a8d270ef8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:be:d7:9a:c2:47:75:9c:ec:9a:1a:19:40:0f:
c4:39:e7:26:c5:d5:78:50:84:c6:de:03:be:82:66:
e6:37:5e:a4:45:5d:1e:41:5c:3a:53:a8:90:36:c4:
3d:22:77:e8:ec:ea:ca:59:9c:47:77:af:14:e8:e2:
b2:94:a1:be:d5:ab:03:e5:b9:f1:7e:04:cc:40:a7:
af:cb:64:21:cd:35:9b:96:93:5a:91:08:e8:78:50:
28:45:49:df:ed:d6:d7:45:b8:04:e6:04:6b:e1:e8:
a7:80:4e:c6:5b:98:d9:8c:1f:8f:5c:4a:78:33:4c:
88:7f:51:af:8f:28:5b:4c:9b:bb:28:7b:a6:c9:b9:
5d:7a:a9:b2:ee:cf:92:aa:97:6a:1e:18:cb:52:5c:
82:e9:84:b1:53:8f:f5:8e:b4:38:88:4a:f3:cb:50:
bc:4c:03:6a:09:aa:7a:63:a7:38:be:fe:21:ea:4a:
a4:37:52:10:23:83:82:06:d9:fd:e5:7d:81:3c:96:
67:30:df:8e:29:5c:32:f7:89:4f:7e:da:06:d2:56:
e1:1a:e3:b1:88:cb:1e:da:71:40:ad:ae:0a:36:ca:
20:84:e0:60:a4:eb:e4:2d:92:f6:04:a8:0b:ed:b8:
1d:79:92:f7:2a:2c:0c:0b:75:23:b7:7f:d7:a7:65:
a9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2B:EC:10:B4:33:3E:01:66:FD:32:F6:81:9A:2D:F8:AC:95:64:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7dff2f0-9a3a-4d71-b407-1a4e8f48c38f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
84:f3:b0:8a:e3:e9:1d:d4:03:97:9b:b3:28:1e:f2:4e:d6:cd:
75:07:ba:4a:28:2d:d6:36:3e:64:9e:5d:91:ca:17:53:e5:d6:
74:cd:cd:6e:da:fd:77:c4:96:03:17:a9:cd:8b:67:b2:7e:cd:
d1:e5:c4:5a:98:76:45:3f:2d:39:3e:ce:ac:55:28:fc:a2:8c:
ea:3c:e0:92:69:83:c0:00:78:b9:3f:dd:c2:09:b1:4f:97:32:
ef:4d:f7:3b:72:7a:f9:d3:33:80:45:6d:90:8d:85:af:eb:27:
0b:59:05:24:92:c8:a5:93:bc:2c:47:f8:34:eb:72:6f:62:a5:
24:06:19:8e:3e:d5:57:a4:07:44:a5:f7:db:02:a7:39:ae:e7:
c0:47:40:98:d0:da:e5:61:33:d0:4d:9e:44:6c:5f:73:16:0b:
a4:97:79:0f:2b:fb:92:2b:4f:e8:81:1c:bf:db:f3:da:6c:4d:
d7:d0:f3:d9:24:7c:72:02:b5:54:a3:2a:c0:88:4e:40:76:1a:
ea:da:9a:8d:ea:c9:b2:4b:0d:8c:1e:81:9a:a1:7a:f1:92:0d:
14:6b:56:f3:fc:1a:8a:bb:ec:97:e5:4f:38:b2:4d:e4:52:98:
92:2d:12:19:99:2b:9d:f2:d0:51:f6:4b:a1:b2:87:66:1e:e2:
18:70:54:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd1p046qLLeC7eKRrAQp6xpZhA64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NDMxY2NhMjlkMWVkMDExMzNmNzlmOTU2MmViMGU1MjQyZTQ3MjgzZGI5
ODdlMTIzNDA4MjlhOGQyNzBlZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO++15rCR3Wc7JoaGUAPxDnnJsXVeFCExt4DvoJm5jdepEVdHkFcOlOokDbE
PSJ36OzqylmcR3evFOjispShvtWrA+W58X4EzECnr8tkIc01m5aTWpEI6HhQKEVJ
3+3W10W4BOYEa+Hop4BOxluY2Ywfj1xKeDNMiH9Rr48oW0ybuyh7psm5XXqpsu7P
kqqXah4Yy1JcgumEsVOP9Y60OIhK88tQvEwDagmqemOnOL7+IepKpDdSECODggbZ
/eV9gTyWZzDfjilcMveJT37aBtJW4RrjsYjLHtpxQK2uCjbKIITgYKTr5C2S9gSo
C+24HXmS9yosDAt1I7d/16dlqW0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjK+wQ
tDM+AWb9MvaBmi34rJVkrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkZmYyZjAtOWEzYS00ZDcxLWI0MDctMWE0ZThmNDhjMzhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCE87CK4+kd1AOXm7MoHvJO1s11B7pKKC3WNj5k
nl2RyhdT5dZ0zc1u2v13xJYDF6nNi2eyfs3R5cRamHZFPy05Ps6sVSj8oozqPOCS
aYPAAHi5P93CCbFPlzLvTfc7cnr50zOARW2QjYWv6ycLWQUkksilk7wsR/g063Jv
YqUkBhmOPtVXpAdEpffbAqc5rufAR0CY0NrlYTPQTZ5EbF9zFgukl3kPK/uSK0/o
gRy/2/PabE3X0PPZJHxyArVUoyrAiE5Adhrq2pqN6smySw2MHoGaoXrxkg0Ua1bz
/BqKu+yX5U84sk3kUpiSLRIZmSud8tBR9kuhsodmHuIYcFQb
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:57 2025 by rpki-client