Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: FhGJPeg5wP/OhPFclUHcFh5n0AAl87R5Vg91ZFKrjXE=
Subject key identifier: 58:E0:86:29:08:16:0E:8A:65:13:C6:24:7B:F8:5A:AC:6D:74:BA:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 797E2D6FD09D29F66A730AC52C6860FDEE590473
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:7e:2d:6f:d0:9d:29:f6:6a:73:0a:c5:2c:68:60:fd:ee:59:04:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ac377dbd54b6f855bb80558a998d3466f9798ecccb948696e8da445b15610d6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:33:c1:b2:cd:8e:f8:07:1c:80:e2:60:26:b4:
aa:18:3a:6f:e4:92:7b:61:f5:09:98:45:5c:e1:fd:
97:33:6c:50:fd:5a:26:dc:af:90:7f:a9:29:d8:24:
0e:a0:ae:d9:5d:72:bd:90:17:1d:59:a1:38:e0:8a:
54:a3:68:1f:63:eb:7e:96:45:d7:fb:45:df:cf:fe:
be:05:68:08:42:fa:9b:af:46:ee:d2:ad:38:81:55:
ed:3b:1b:e9:76:9a:c2:41:31:ac:31:66:e6:24:c1:
05:f1:d8:5b:7b:7f:ec:02:84:f1:0c:0f:0b:51:68:
6b:3d:33:b2:21:19:55:c3:9c:9e:85:9c:21:66:ec:
52:10:be:22:d7:8f:a6:de:86:ed:de:7a:9f:64:71:
13:48:b7:69:d4:84:4b:89:41:06:2b:45:63:e0:a4:
87:13:58:e2:41:5b:0c:d5:d8:45:07:b8:67:29:f2:
e1:e8:be:e9:3e:a2:ed:1f:b0:1e:ca:7e:e1:73:73:
4a:e3:41:dc:95:73:95:74:63:75:af:2d:50:3a:38:
aa:87:3f:1c:d1:ac:88:5c:8c:0c:4d:6a:ef:41:b7:
65:3a:1d:7e:52:5c:f7:4c:4e:af:03:d2:2f:4b:10:
e8:f1:db:11:3e:7f:d3:46:eb:e5:4b:de:a0:d3:80:
e0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E0:86:29:08:16:0E:8A:65:13:C6:24:7B:F8:5A:AC:6D:74:BA:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
5c:0b:ff:cf:e7:93:47:0d:e7:ce:61:96:0f:7e:8c:76:9f:70:
a3:79:b6:36:3d:e4:89:98:af:58:b6:17:4c:f2:1e:5e:13:37:
55:e0:0d:23:96:61:0b:25:d7:12:9f:65:5b:39:94:93:cf:2b:
92:45:d0:27:be:1c:6d:ca:ac:1f:ec:b2:94:c5:ac:5a:5b:86:
25:d7:0d:f0:96:ea:7c:93:50:93:d6:69:7e:86:a6:bb:a2:8b:
57:d6:48:79:22:88:d0:81:8c:c9:68:2f:33:15:f6:1e:8c:c2:
43:d2:cd:c7:f1:ff:1e:e7:c6:a0:ba:7f:e5:48:fb:79:60:08:
b0:fc:61:9f:c8:22:a6:9c:9d:07:17:41:aa:51:62:bb:2e:1d:
2c:78:19:b2:a5:f5:57:68:05:44:6c:51:25:e4:8c:e5:da:4e:
12:57:83:9a:3f:d7:8b:16:e4:d7:55:71:6a:d0:c1:20:5b:7f:
50:05:46:d7:45:a5:a3:57:c0:58:be:10:a9:18:72:82:c4:56:
1c:6b:19:ed:f9:6b:32:c9:12:fc:b6:05:72:2a:77:cc:8a:bc:
8c:f2:83:d9:2e:56:6c:8b:64:66:01:c2:8b:41:2a:8c:cf:d8:
c3:15:76:f7:a5:01:a2:1d:92:5c:18:f1:ae:4b:db:e9:fe:4c:
95:67:52:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeX4tb9CdKfZqcwrFLGhg/e5ZBHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMzc3ZGJkNTRiNmY4NTViYjgwNTU4YTk5OGQzNDY2Zjk3OThlY2NjYjk0
ODY5NmU4ZGE0NDViMTU2MTBkNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwzwbLNjvgHHIDiYCa0qhg6b+SSe2H1CZhFXOH9lzNsUP1aJtyvkH+pKdgk
DqCu2V1yvZAXHVmhOOCKVKNoH2PrfpZF1/tF38/+vgVoCEL6m69G7tKtOIFV7Tsb
6XaawkExrDFm5iTBBfHYW3t/7AKE8QwPC1Foaz0zsiEZVcOcnoWcIWbsUhC+IteP
pt6G7d56n2RxE0i3adSES4lBBitFY+CkhxNY4kFbDNXYRQe4Zyny4ei+6T6i7R+w
Hsp+4XNzSuNB3JVzlXRjda8tUDo4qoc/HNGsiFyMDE1q70G3ZTodflJc90xOrwPS
L0sQ6PHbET5/00br5UveoNOA4G8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRY4IYp
CBYOimUTxiR7+FqsbXS6IzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAXAv/z+eTRw3nzmGWD36Mdp9wo3m2Nj3kiZiv
WLYXTPIeXhM3VeANI5ZhCyXXEp9lWzmUk88rkkXQJ74cbcqsH+yylMWsWluGJdcN
8JbqfJNQk9Zpfoamu6KLV9ZIeSKI0IGMyWgvMxX2HozCQ9LNx/H/HufGoLp/5Uj7
eWAIsPxhn8gippydBxdBqlFiuy4dLHgZsqX1V2gFRGxRJeSM5dpOEleDmj/Xixbk
11VxatDBIFt/UAVG10Wlo1fAWL4QqRhygsRWHGsZ7flrMskS/LYFcip3zIq8jPKD
2S5WbItkZgHCi0EqjM/YwxV296UBoh2SXBjxrkvb6f5MlWdSxg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:12 2025 by rpki-client