Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: GL7UGmG77+xkuSZn7Vn+HbwABpQDwRWOkwjZGY06U4k=
Subject key identifier: 12:24:86:46:80:DD:04:54:56:17:98:7C:51:A0:55:5F:B8:23:A7:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C763360D6186EB3DCD05E56D378A3899C02D4DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:76:33:60:d6:18:6e:b3:dc:d0:5e:56:d3:78:a3:89:9c:02:d4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3faf47b914eb56b0b70184039f12c3d05663b1bd2e4a6ddf468d78fb875b2aa2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e9:15:71:88:5e:c9:d9:0b:6c:0f:9b:94:d0:
8d:5d:61:6b:3d:29:b0:49:75:2a:20:9c:02:7f:e3:
6d:a1:a0:7d:ed:51:92:27:41:d6:40:dc:a8:08:7e:
f1:26:09:83:95:31:7e:9c:a8:0a:46:0f:66:e1:c5:
e5:c2:10:d1:55:01:aa:87:9d:c5:44:52:7c:0d:c4:
cb:12:9d:0a:d7:cc:dc:9d:f7:df:98:f7:75:d4:9e:
7c:cb:49:85:48:52:39:3c:a0:b7:03:2b:c2:d0:ca:
7a:98:8f:f2:cc:88:2b:3f:b2:e9:eb:1e:d7:2d:ce:
3d:33:9e:81:19:0f:23:8e:94:29:0d:d4:74:38:38:
e7:9e:02:81:2d:67:17:36:dd:30:71:80:f8:a8:8a:
a4:cf:2b:d1:f6:d7:65:13:e0:81:95:06:30:cf:4d:
0e:4b:ca:c3:c4:38:89:f5:b5:08:6d:4d:1e:a8:71:
b4:fe:de:6d:54:c3:2d:39:d1:2c:3c:1e:09:5f:36:
9c:65:07:43:22:54:39:d9:d4:0e:00:52:ba:55:e8:
4f:46:3a:29:26:14:d0:4b:39:0a:38:35:90:af:d7:
d4:7d:76:e5:cc:6b:d9:02:8f:5c:8a:46:d1:07:5a:
81:92:d1:49:47:e9:e3:a5:6d:c3:f4:ae:59:a7:e8:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:24:86:46:80:DD:04:54:56:17:98:7C:51:A0:55:5F:B8:23:A7:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:cc:f6:b3:6e:d4:dc:9c:35:ae:4c:c9:5e:a4:bb:d6:a7:41:
0f:a9:c4:03:8b:ae:79:6c:e3:b0:2f:01:cc:9d:04:2f:93:3c:
5d:0c:6e:ed:82:fb:79:4b:de:ba:aa:90:dc:cd:7f:3c:83:95:
db:c4:49:ed:69:a7:06:40:a8:53:80:d1:b4:70:46:fc:a0:10:
6e:3a:05:62:d3:cc:f8:9a:9d:86:e6:81:4a:2d:37:07:23:f3:
98:61:a1:70:91:9a:0a:79:ba:a4:22:a8:c1:bc:99:ee:b3:d9:
ce:5f:c5:49:17:91:1a:3c:f6:f8:70:93:95:1c:9b:a0:75:1e:
21:51:da:73:00:c7:f1:48:00:31:d3:5f:f9:5e:9c:6c:1e:cc:
37:48:6a:2b:63:4d:b4:dd:6b:16:e3:ed:50:c4:9e:0b:f4:8b:
a7:a8:77:c5:80:b6:3f:2c:d5:d3:8e:bf:b2:b0:83:f5:75:c6:
67:b9:d0:26:ff:12:4f:0c:f4:dd:c2:30:c1:0a:36:35:d7:6d:
43:1f:db:59:f4:ba:ae:01:28:ea:e8:a9:54:97:b1:c7:a8:bc:
5a:ed:b3:18:50:c9:f0:61:3b:0a:c9:66:1d:f8:99:66:11:d7:
f4:e8:02:55:c4:41:55:57:c8:c9:c3:ac:f0:15:57:3d:00:a4:
4a:96:59:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPHYzYNYYbrPc0F5W03ijiZwC1NowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmYWY0N2I5MTRlYjU2YjBiNzAxODQwMzlmMTJjM2QwNTY2M2IxYmQyZTRh
NmRkZjQ2OGQ3OGZiODc1YjJhYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLpFXGIXsnZC2wPm5TQjV1haz0psEl1KiCcAn/jbaGgfe1RkidB1kDcqAh+
8SYJg5UxfpyoCkYPZuHF5cIQ0VUBqoedxURSfA3EyxKdCtfM3J3335j3ddSefMtJ
hUhSOTygtwMrwtDKepiP8syIKz+y6ese1y3OPTOegRkPI46UKQ3UdDg4554CgS1n
FzbdMHGA+KiKpM8r0fbXZRPggZUGMM9NDkvKw8Q4ifW1CG1NHqhxtP7ebVTDLTnR
LDweCV82nGUHQyJUOdnUDgBSulXoT0Y6KSYU0Es5Cjg1kK/X1H125cxr2QKPXIpG
0QdagZLRSUfp46Vtw/SuWafo5lECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSJIZG
gN0EVFYXmHxRoFVfuCOnuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQBLzPazbtTcnDWuTMlepLvWp0EPqcQDi655bOOw
LwHMnQQvkzxdDG7tgvt5S966qpDczX88g5XbxEntaacGQKhTgNG0cEb8oBBuOgVi
08z4mp2G5oFKLTcHI/OYYaFwkZoKebqkIqjBvJnus9nOX8VJF5EaPPb4cJOVHJug
dR4hUdpzAMfxSAAx01/5XpxsHsw3SGorY0203WsW4+1QxJ4L9IunqHfFgLY/LNXT
jr+ysIP1dcZnudAm/xJPDPTdwjDBCjY1121DH9tZ9LquASjq6KlUl7HHqLxa7bMY
UMnwYTsKyWYd+JlmEdf06AJVxEFVV8jJw6zwFVc9AKRKllkZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:08 2025 by rpki-client