Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
File: bdd33562-2653-4549-84dc-25f96aa10a83.roa (raw, json)
Hash identifier: qyRseaqyd6SibVIeZnEaSRJZAyPQ3Hn91KZc8p6QPzw=
Subject key identifier: 4D:37:EA:DB:42:3C:2C:63:6E:77:AB:B1:27:9B:73:0E:7C:99:83:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E18E5318C3DECFE6946AE94DF5D510249C7279E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d021::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:18:e5:31:8c:3d:ec:fe:69:46:ae:94:df:5d:51:02:49:c7:27:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=6e985de640c92f7d0b880e442747b9c8804753c3e1a31c2dd6b572190eba5a53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7c:5b:7a:1c:cd:cf:71:a6:9e:83:6f:11:47:
21:65:67:94:08:78:c0:4d:98:2e:bf:61:38:8e:83:
05:72:66:13:be:4a:86:da:cf:dd:b9:55:38:f4:1b:
7e:6a:d9:49:64:e9:a5:ba:6f:6b:15:b6:cf:47:0e:
78:c5:c3:52:c9:96:2b:49:1e:37:d8:20:45:72:35:
4f:64:12:e2:78:d1:bc:7d:09:57:62:39:13:0d:74:
8d:a8:bb:cc:9e:0a:43:a2:3c:2b:81:32:97:79:a7:
9a:d3:f2:6d:20:d3:e1:03:a5:76:fb:78:0a:29:96:
16:1e:ad:32:cc:b9:f1:5d:a2:59:ad:ca:65:4e:2f:
b1:f9:26:06:18:6f:68:43:33:d3:26:94:a0:7c:b1:
25:34:17:e1:06:82:5c:ec:ba:a3:c6:94:01:25:98:
20:52:f8:59:a8:e6:02:f8:a1:17:ed:9f:65:a2:c0:
7a:81:36:cf:cc:4b:4d:44:6a:d9:84:65:65:6e:4c:
50:23:48:b5:86:c9:04:80:e0:b0:50:e1:1d:67:a8:
17:bd:c2:fe:ac:af:0f:7c:6c:ea:b5:4a:fe:fb:91:
82:ce:a3:e6:df:0b:2d:6c:50:33:e8:00:19:e4:09:
e3:9d:84:24:fb:3d:f2:6e:8c:2d:68:e2:ad:74:f7:
1c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:37:EA:DB:42:3C:2C:63:6E:77:AB:B1:27:9B:73:0E:7C:99:83:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d021::/36
Signature Algorithm: sha256WithRSAEncryption
4b:26:e5:01:8d:38:a0:8e:be:82:22:e0:71:7a:3b:d5:9b:f4:
4c:62:a0:f2:46:79:91:d7:1a:10:72:3c:73:f2:13:00:1f:e2:
42:d8:5f:f2:23:58:a7:bb:2e:58:ab:44:f7:be:82:9f:6e:ab:
20:97:86:c9:34:b3:29:25:32:a4:1c:11:f2:f5:91:22:d6:0d:
77:95:e5:e1:29:ff:2d:2f:1e:58:12:43:dc:57:aa:f9:42:3d:
00:19:6d:26:51:55:c1:63:4e:31:57:ea:6c:4b:c0:f5:b5:62:
44:52:e6:2f:65:b6:18:34:9c:0f:b5:a6:dd:e3:e3:b3:31:47:
97:22:36:d7:7b:73:59:43:9b:d6:1f:53:1b:c3:2c:ba:fc:c7:
fe:17:1c:89:cf:5d:fc:e7:92:e6:10:66:b0:e2:c5:d9:9e:11:
82:16:c1:e3:6f:08:eb:4b:53:52:1d:97:6a:8c:d4:ac:bb:83:
23:94:9d:45:30:3e:51:88:d3:e9:78:8a:b6:42:d3:5e:ca:34:
30:6e:4c:0e:78:38:fd:96:cd:3d:47:c4:67:2a:1d:7b:c5:59:
7e:84:ed:04:f6:40:04:b0:40:97:42:f2:84:11:bf:79:3b:de:
14:10:0f:9c:c8:f8:a8:17:ee:d4:4a:13:16:20:28:c9:0d:3d:
41:49:23:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbhjlMYw97P5pRq6U311RAknHJ54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlOTg1ZGU2NDBjOTJmN2QwYjg4MGU0NDI3NDdiOWM4ODA0NzUzYzNlMWEz
MWMyZGQ2YjU3MjE5MGViYTVhNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKp8W3oczc9xpp6DbxFHIWVnlAh4wE2YLr9hOI6DBXJmE75KhtrP3blVOPQb
fmrZSWTppbpvaxW2z0cOeMXDUsmWK0keN9ggRXI1T2QS4njRvH0JV2I5Ew10jai7
zJ4KQ6I8K4Eyl3mnmtPybSDT4QOldvt4CimWFh6tMsy58V2iWa3KZU4vsfkmBhhv
aEMz0yaUoHyxJTQX4QaCXOy6o8aUASWYIFL4WajmAvihF+2fZaLAeoE2z8xLTURq
2YRlZW5MUCNItYbJBIDgsFDhHWeoF73C/qyvD3xs6rVK/vuRgs6j5t8LLWxQM+gA
GeQJ452EJPs98m6MLWjirXT3HOsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNN+rb
QjwsY253q7Enm3MOfJmDuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkMzM1NjItMjY1My00NTQ5LTg0ZGMtMjVmOTZhYTEwYTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBLJuUBjTigjr6CIuBxejvVm/RMYqDyRnmR1xoQ
cjxz8hMAH+JC2F/yI1inuy5Yq0T3voKfbqsgl4bJNLMpJTKkHBHy9ZEi1g13leXh
Kf8tLx5YEkPcV6r5Qj0AGW0mUVXBY04xV+psS8D1tWJEUuYvZbYYNJwPtabd4+Oz
MUeXIjbXe3NZQ5vWH1Mbwyy6/Mf+FxyJz13855LmEGaw4sXZnhGCFsHjbwjrS1NS
HZdqjNSsu4MjlJ1FMD5RiNPpeIq2QtNeyjQwbkwOeDj9ls09R8RnKh17xVl+hO0E
9kAEsECXQvKEEb95O94UEA+cyPioF+7UShMWICjJDT1BSSPS
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:38 2025 by rpki-client