Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: GTKDmk2xYxVicaV6d+JAbxtn6LFvoooYIso4r53Xjqs=
Subject key identifier: EE:D4:FF:91:4C:0D:EF:C1:E6:0F:BB:97:AF:20:37:4F:D4:E1:7C:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75CF8BE92CF42EC369A35E709637CF84D3111419
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:cf:8b:e9:2c:f4:2e:c3:69:a3:5e:70:96:37:cf:84:d3:11:14:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=4b9ef84d6df7c9e968ff8206908e61a440d4eae3889f5df8df2fdd567a14060a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3c:df:ec:1d:ae:f4:ba:0d:c3:26:39:83:92:
1b:20:0f:0c:a4:65:c5:98:00:08:51:ab:ad:6d:23:
32:07:58:3b:02:83:db:90:26:e4:b7:f2:13:5a:50:
e4:36:ee:7c:da:cb:54:75:b4:6b:6f:01:85:5e:37:
f6:b8:86:38:a9:7c:90:1e:2e:e2:ff:3d:5f:ea:e5:
20:3f:60:53:c6:2c:90:cb:ae:09:ea:a8:3a:b8:22:
a0:74:6c:92:f0:9a:10:03:a1:93:74:8a:24:05:04:
53:56:a6:fa:78:c0:31:22:02:2b:da:1e:34:01:89:
d4:a1:cb:cd:35:a8:58:59:19:8b:32:5e:f9:f1:b0:
72:07:ba:1f:3c:fb:37:f2:53:9e:b6:b3:56:14:0c:
65:6b:cf:1d:75:14:eb:32:46:9b:d7:aa:db:d0:e4:
05:4e:d4:08:a5:65:9a:5e:bc:e8:7b:42:03:10:fb:
50:ed:b2:ea:84:72:ab:67:e5:8d:f1:97:da:f7:42:
43:47:16:8e:0d:d8:2b:5f:47:81:2c:24:b0:a1:9c:
84:6a:e3:a9:e8:d5:3f:16:fe:c6:60:7f:b6:f6:f8:
3e:c4:be:55:29:bb:39:86:b9:03:6c:58:73:ad:3c:
94:cc:f1:60:e2:af:f1:fc:32:e6:66:f4:93:76:86:
65:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D4:FF:91:4C:0D:EF:C1:E6:0F:BB:97:AF:20:37:4F:D4:E1:7C:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:f9:41:a4:b3:c1:18:fc:5a:09:23:09:0e:46:2b:8c:97:eb:
a0:69:aa:e7:ff:76:27:aa:57:00:f5:a2:c3:0e:14:d0:5b:bf:
41:c3:4e:4c:5b:24:bd:7e:86:63:46:c2:b1:81:7f:35:50:0e:
cc:ba:ad:4e:f9:19:11:3a:9a:dd:14:26:5f:47:3c:ae:c0:d0:
cd:a9:b9:20:fb:5c:21:2f:cb:6c:cf:27:25:56:63:2a:50:1d:
45:8f:a8:89:b8:10:b0:e0:44:07:5f:80:f8:53:e1:7a:32:9b:
05:a1:5e:5b:5f:09:80:2c:2c:75:a6:96:7e:18:0f:de:8b:cd:
88:b6:90:06:31:ee:3e:d7:fc:8e:da:42:84:58:9a:f0:9f:16:
f5:f0:4e:9c:06:86:9a:cb:32:7a:8a:3c:b4:10:0a:d2:4c:31:
33:50:e7:35:e1:05:2a:8c:ed:ef:42:9d:ef:f7:00:1d:8b:0d:
99:fe:28:c3:4c:ac:bd:9f:52:35:77:93:f7:53:15:a3:90:c7:
b9:1e:2d:c8:c1:cb:0b:0f:ec:91:52:37:47:0c:23:32:51:11:
f6:67:aa:23:ab:4f:dd:73:bc:33:f6:0a:52:c2:9f:4e:77:f0:
f5:f7:56:95:7e:75:79:29:26:72:ca:75:06:df:a7:10:a3:c4:
5b:2c:6f:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdc+L6Sz0LsNpo15wljfPhNMRFBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiOWVmODRkNmRmN2M5ZTk2OGZmODIwNjkwOGU2MWE0NDBkNGVhZTM4ODlm
NWRmOGRmMmZkZDU2N2ExNDA2MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJk83+wdrvS6DcMmOYOSGyAPDKRlxZgACFGrrW0jMgdYOwKD25Am5LfyE1pQ
5DbufNrLVHW0a28BhV439riGOKl8kB4u4v89X+rlID9gU8YskMuuCeqoOrgioHRs
kvCaEAOhk3SKJAUEU1am+njAMSICK9oeNAGJ1KHLzTWoWFkZizJe+fGwcge6Hzz7
N/JTnrazVhQMZWvPHXUU6zJGm9eq29DkBU7UCKVlml686HtCAxD7UO2y6oRyq2fl
jfGX2vdCQ0cWjg3YK19HgSwksKGchGrjqejVPxb+xmB/tvb4PsS+VSm7OYa5A2xY
c608lMzxYOKv8fwy5mb0k3aGZXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTu1P+R
TA3vweYPu5evIDdP1OF8BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQDC+UGks8EY/FoJIwkORiuMl+ugaarn/3YnqlcA
9aLDDhTQW79Bw05MWyS9foZjRsKxgX81UA7Muq1O+RkROprdFCZfRzyuwNDNqbkg
+1whL8tszyclVmMqUB1Fj6iJuBCw4EQHX4D4U+F6MpsFoV5bXwmALCx1ppZ+GA/e
i82ItpAGMe4+1/yO2kKEWJrwnxb18E6cBoaayzJ6ijy0EArSTDEzUOc14QUqjO3v
Qp3v9wAdiw2Z/ijDTKy9n1I1d5P3UxWjkMe5Hi3IwcsLD+yRUjdHDCMyURH2Z6oj
q0/dc7wz9gpSwp9Od/D191aVfnV5KSZyynUG36cQo8RbLG/A
-----END CERTIFICATE-----
Generated at Fri May 2 15:37:12 2025 by rpki-client