Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
File: c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa (raw, json)
Hash identifier: BPL/jyMqgWug6y/c02R/GdnW9r30oyk4Qi7DALSwAsg=
Subject key identifier: 7B:31:4A:4E:7E:8F:A3:1B:F7:23:E7:3D:3A:FD:3B:47:BF:78:55:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FF84E54FFD6DB3ED2045E3E8527D3A8B4EF01E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f8:4e:54:ff:d6:db:3e:d2:04:5e:3e:85:27:d3:a8:b4:ef:01:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6ab6bd1ff98b5dace85a2ce4c2dd646cd265a8e585a16884e75c88bb3c7f3728, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e7:cf:2d:44:46:02:95:f8:75:ba:61:72:80:
ca:ff:6d:38:af:c0:75:6d:af:36:61:43:f6:2e:b0:
74:b0:ce:78:bd:b1:d7:64:63:36:53:b6:06:2c:de:
9d:d3:fa:a2:b2:23:d1:2f:ac:d6:71:76:cc:95:e3:
27:5e:09:f5:aa:35:3e:4b:2b:74:e4:b9:0b:ad:7f:
59:2b:ea:9e:0d:f9:8c:ad:b2:04:10:b7:ed:6c:75:
b6:3c:13:6e:6b:66:fe:8e:3b:7b:27:6a:73:d0:de:
2f:03:16:be:06:06:62:0c:4c:68:df:bf:d1:47:a8:
68:50:5e:33:64:a8:39:83:59:31:5f:07:a9:1a:74:
2e:2a:e0:2a:92:12:19:03:7c:28:9b:40:fe:68:66:
81:43:fa:a8:4f:bb:89:bd:70:0f:92:0e:77:60:d4:
09:2c:e8:0b:58:26:4e:6f:54:db:02:51:71:d9:0f:
43:ab:a4:ba:cc:4d:4a:d2:57:5a:e6:8e:e0:ac:e1:
51:80:6e:56:29:2e:9b:3e:bd:7f:7f:14:57:4b:36:
51:09:87:72:88:86:d3:55:64:1d:0e:9b:33:01:d8:
12:f4:df:44:c7:45:e0:94:bc:18:02:07:db:90:18:
02:d6:97:d5:96:f6:84:7e:98:ed:6c:eb:d5:37:56:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:31:4A:4E:7E:8F:A3:1B:F7:23:E7:3D:3A:FD:3B:47:BF:78:55:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:11:d5:34:1e:c1:7d:ef:00:13:75:b2:66:39:d5:8d:69:a7:
34:23:73:43:1d:af:a4:46:f2:4d:35:f0:e6:8d:02:eb:24:7d:
2a:81:8e:14:1f:ee:8f:40:84:4d:ac:27:5f:bd:ca:3d:38:bf:
48:cf:a5:ae:89:45:8c:b5:0c:31:d8:1a:be:d3:02:43:92:cb:
8c:c4:e7:21:20:fc:d2:4a:10:60:96:d4:4b:0a:1f:dd:f3:00:
93:6b:be:34:83:2e:b1:0c:bb:7f:6c:16:83:5e:a8:0b:3c:20:
11:0f:b2:ca:ac:e6:58:d3:9e:83:ea:0c:85:9a:a1:8f:78:fe:
46:36:e9:fd:e4:3b:dc:03:8e:fe:9e:e9:ba:ae:32:01:1a:b4:
c4:c9:2e:d3:8f:7e:60:cb:bb:87:ef:bc:ff:73:b8:be:c9:c9:
1f:42:e0:34:6d:d8:c2:1b:7d:c8:a9:76:93:2e:d3:57:79:1a:
51:dd:cd:6b:96:f6:45:18:8f:68:67:64:0f:69:d1:22:bb:98:
9a:2f:00:a4:73:5f:8d:13:41:40:e7:9e:e7:aa:5c:9d:40:46:
4c:b1:3e:8e:ef:27:47:26:95:f3:3b:df:ef:1d:99:18:3e:40:
e0:e7:64:7c:1f:f9:0e:57:9c:27:2f:58:74:a2:1b:62:72:96:
03:76:af:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP/hOVP/W2z7SBF4+hSfTqLTvAeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhYjZiZDFmZjk4YjVkYWNlODVhMmNlNGMyZGQ2NDZjZDI2NWE4ZTU4NWEx
Njg4NGU3NWM4OGJiM2M3ZjM3MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/nzy1ERgKV+HW6YXKAyv9tOK/AdW2vNmFD9i6wdLDOeL2x12RjNlO2Bize
ndP6orIj0S+s1nF2zJXjJ14J9ao1PksrdOS5C61/WSvqng35jK2yBBC37Wx1tjwT
bmtm/o47eydqc9DeLwMWvgYGYgxMaN+/0UeoaFBeM2SoOYNZMV8HqRp0LirgKpIS
GQN8KJtA/mhmgUP6qE+7ib1wD5IOd2DUCSzoC1gmTm9U2wJRcdkPQ6ukusxNStJX
WuaO4KzhUYBuVikumz69f38UV0s2UQmHcoiG01VkHQ6bMwHYEvTfRMdF4JS8GAIH
25AYAtaX1Zb2hH6Y7Wzr1TdWzxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7MUpO
fo+jG/cj5z06/TtHv3hVZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzYxY2IyYTItMTQwNi00OWM5LTlmZWMtYTQ4ZTc2OTUwZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbEdU0HsF97wATdbJmOdWNaac0I3NDHa+kRvJN
NfDmjQLrJH0qgY4UH+6PQIRNrCdfvco9OL9Iz6WuiUWMtQwx2Bq+0wJDksuMxOch
IPzSShBgltRLCh/d8wCTa740gy6xDLt/bBaDXqgLPCARD7LKrOZY056D6gyFmqGP
eP5GNun95DvcA47+num6rjIBGrTEyS7Tj35gy7uH77z/c7i+yckfQuA0bdjCG33I
qXaTLtNXeRpR3c1rlvZFGI9oZ2QPadEiu5iaLwCkc1+NE0FA557nqlydQEZMsT6O
7ydHJpXzO9/vHZkYPkDg52R8H/kOV5wnL1h0ohticpYDdq8h
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:53 2025 by rpki-client