Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
File: b9f26696-5522-477d-b8bf-72de7350b09a.roa (raw, json)
Hash identifier: qd9fI7ToEP3jJ0YvHjaDQr0ij1C3gB2fguW2B66bO+o=
Subject key identifier: 81:19:28:AD:D6:58:0B:0B:41:E3:6E:6B:5B:C8:7B:4D:14:ED:56:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03911ABC1CB4E9B34597FE342BF664EC1AAC4F32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:91:1a:bc:1c:b4:e9:b3:45:97:fe:34:2b:f6:64:ec:1a:ac:4f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=656e35f688ab5cfd150de04dcda779b4f58b397aee7521dd66804fd3bc345079, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:4c:44:7f:87:b9:6f:67:ba:f3:fa:dc:e8:0d:
a2:81:31:46:01:f0:e1:a3:78:0e:7e:88:0c:43:fb:
d4:6a:b2:3c:f6:a0:b1:68:c7:76:c3:d0:4e:63:7c:
1a:38:ff:aa:7a:f2:7a:0c:26:58:50:94:38:3f:5c:
9c:fd:af:0c:6e:ab:2d:fa:f0:35:1d:84:53:4b:c7:
60:04:6b:f8:96:19:c7:26:85:57:7d:f8:d7:85:f4:
0b:bd:1e:93:bc:9a:7c:de:68:51:c7:c3:96:20:fd:
3d:e8:ac:f2:a9:3d:46:f5:26:08:3e:04:78:95:4d:
5f:5f:1e:09:e8:ae:5f:62:ea:64:35:cd:05:87:b4:
55:b3:40:b9:22:8f:1a:28:19:b3:06:2d:27:6e:dc:
da:7e:d4:f8:1d:36:e7:78:63:2b:66:01:f6:f9:eb:
14:5e:95:d8:14:21:1c:08:48:a4:d0:21:9d:8f:c3:
94:af:39:c8:8f:3b:03:ad:17:b9:bb:20:71:83:7c:
e3:16:22:bf:2f:11:5a:e0:38:b1:14:a4:7c:2e:9a:
99:c7:49:8e:41:59:a2:6a:ef:3b:4b:bc:e5:8c:a6:
85:c6:06:a6:58:7f:7b:0a:b1:0e:bc:1b:fb:54:aa:
53:2c:0a:a4:e7:00:e5:32:46:8a:2f:33:9c:d2:d8:
07:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:19:28:AD:D6:58:0B:0B:41:E3:6E:6B:5B:C8:7B:4D:14:ED:56:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
33:c2:85:72:c2:eb:05:2f:41:9b:7b:c1:80:bc:95:20:08:57:
38:4c:b2:c8:b5:aa:bd:d0:1a:7a:07:43:6b:a0:a7:a0:f6:56:
15:52:73:3d:50:18:89:dd:1f:e2:82:dc:b6:24:63:d7:3c:77:
f0:47:ae:b7:ea:18:78:73:ac:24:14:de:f7:6f:20:e3:77:0b:
c0:c8:e3:ff:94:58:d1:f4:1f:c5:3c:d2:ee:a0:22:78:5d:0d:
62:2d:14:e8:c6:4d:12:27:77:da:c6:83:7b:94:a8:24:92:9c:
02:81:98:0e:d4:66:e9:a5:dc:49:86:80:ad:8c:63:1d:13:69:
04:70:c3:5e:e4:6a:16:d6:45:5c:f4:c4:55:cc:d4:a5:58:3b:
bb:a8:d0:6e:77:da:3a:c3:46:64:41:e0:18:b0:88:0e:94:eb:
5b:12:f8:77:4d:ff:87:fb:8e:bb:a9:27:f3:dd:ed:ef:dd:55:
a5:69:6a:f5:89:9e:1d:55:29:1f:3d:19:3b:16:23:dc:4c:de:
c8:75:e8:5a:f9:0c:62:3f:fd:90:59:ca:50:84:54:aa:cb:88:
ca:8f:3d:67:03:59:bc:9f:af:26:d8:5c:5d:e3:8b:62:34:bb:
56:86:b5:37:fc:e7:46:59:a2:4c:a3:53:80:13:e1:a4:46:d1:
ca:48:15:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA5EavBy06bNFl/40K/Zk7BqsTzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NmUzNWY2ODhhYjVjZmQxNTBkZTA0ZGNkYTc3OWI0ZjU4YjM5N2FlZTc1
MjFkZDY2ODA0ZmQzYmMzNDUwNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPZMRH+HuW9nuvP63OgNooExRgHw4aN4Dn6IDEP71GqyPPagsWjHdsPQTmN8
Gjj/qnryegwmWFCUOD9cnP2vDG6rLfrwNR2EU0vHYARr+JYZxyaFV33414X0C70e
k7yafN5oUcfDliD9Peis8qk9RvUmCD4EeJVNX18eCeiuX2LqZDXNBYe0VbNAuSKP
GigZswYtJ27c2n7U+B0253hjK2YB9vnrFF6V2BQhHAhIpNAhnY/DlK85yI87A60X
ubsgcYN84xYivy8RWuA4sRSkfC6amcdJjkFZomrvO0u85YymhcYGplh/ewqxDrwb
+1SqUywKpOcA5TJGii8znNLYB0kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBGSit
1lgLC0HjbmtbyHtNFO1WAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmMjY2OTYtNTUyMi00NzdkLWI4YmYtNzJkZTczNTBiMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzwoVywusFL0Gbe8GAvJUgCFc4TLLItaq90Bp6
B0NroKeg9lYVUnM9UBiJ3R/igty2JGPXPHfwR6636hh4c6wkFN73byDjdwvAyOP/
lFjR9B/FPNLuoCJ4XQ1iLRToxk0SJ3faxoN7lKgkkpwCgZgO1GbppdxJhoCtjGMd
E2kEcMNe5GoW1kVc9MRVzNSlWDu7qNBud9o6w0ZkQeAYsIgOlOtbEvh3Tf+H+467
qSfz3e3v3VWlaWr1iZ4dVSkfPRk7FiPcTN7Ideha+QxiP/2QWcpQhFSqy4jKjz1n
A1m8n68m2Fxd44tiNLtWhrU3/OdGWaJMo1OAE+GkRtHKSBVU
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:39:17 2025 by rpki-client