Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: SdGn4jLbz2K4CfGXyszOv2iG+VaFmqU95DQHfmjlM4E=
Subject key identifier: 70:5D:77:1F:B4:A8:4C:D7:6B:67:86:09:D1:7A:0D:9A:F9:A2:03:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0ABCA948C9434E13138754817AB0339FBB9A071E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:bc:a9:48:c9:43:4e:13:13:87:54:81:7a:b0:33:9f:bb:9a:07:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c3df473b0e8e9bb79446bbc7d0118c3761f67f563b5101422beb295ebb2076e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:73:2e:7d:6f:de:46:de:08:98:2c:45:20:9e:
2a:24:76:be:9f:92:dd:49:c9:5d:c1:a0:c3:59:8c:
ec:a3:94:71:29:79:16:75:8d:c5:b8:6b:28:34:a0:
26:88:e8:f7:63:8d:02:cb:93:33:c4:98:b8:0f:f6:
1d:15:72:e4:d0:ca:8d:87:b8:01:96:d6:fb:7f:6b:
94:da:1e:40:0d:9d:ba:cd:fe:68:7b:ec:7d:78:0f:
2d:27:15:fa:77:7b:2c:98:63:a6:0c:ed:e5:8a:8f:
2f:28:30:89:47:0b:f2:bf:13:db:fa:44:a1:0a:13:
e9:3f:ba:26:eb:37:af:4a:e8:df:a5:c3:96:4b:3e:
d1:e8:5c:c6:92:b7:cd:54:8f:eb:92:58:d8:0f:5d:
82:be:02:48:08:d8:09:a1:c1:22:12:35:5e:78:a4:
44:3b:9a:5b:c5:0e:68:ff:58:9c:0d:c2:b4:90:d5:
42:03:a7:67:bd:3a:80:45:63:dc:0b:97:bc:a8:60:
f7:3f:e2:42:fa:1a:e0:11:31:88:7e:b5:58:ce:81:
ae:4a:9a:c4:4e:c5:5e:42:f8:da:a1:ec:db:b0:f0:
e9:b5:c9:fd:2e:cd:b4:37:e9:11:a5:f7:8b:60:23:
8a:57:e5:ac:c7:ec:7d:dd:43:76:88:3f:8c:18:9b:
73:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5D:77:1F:B4:A8:4C:D7:6B:67:86:09:D1:7A:0D:9A:F9:A2:03:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
96:e0:a6:d0:af:28:49:37:e6:be:93:ec:95:b3:6b:69:4a:d1:
65:fb:46:ff:4a:09:5e:bd:dc:d8:67:d3:35:ae:b0:8f:de:ea:
d9:a3:29:38:fc:51:27:60:2f:2c:14:fd:8e:ef:24:48:5e:31:
e4:fa:25:21:d1:13:8b:99:de:02:05:22:63:c9:77:d7:88:b8:
29:76:cd:8f:5f:37:e2:de:58:9b:87:35:2c:e7:9e:79:ea:6a:
25:54:b5:c3:42:77:cd:e2:a4:83:bd:db:36:e5:a7:e1:fc:97:
68:2f:d0:9a:7a:88:52:04:5d:28:79:91:50:33:f7:34:b6:0f:
ca:83:66:72:4e:ff:c0:7f:fe:c4:4d:62:b1:84:af:53:98:a6:
a9:ee:50:06:ad:3a:fe:b8:0e:63:2b:f5:9e:95:6d:5f:b1:34:
7b:bf:e8:43:77:b4:d1:90:39:89:e1:21:38:b9:05:7b:22:fc:
de:9c:6d:58:09:c1:be:36:6b:bf:b6:03:f9:33:6c:ef:ef:2c:
20:c6:5f:2e:79:5d:88:1f:08:10:0d:9b:e3:ee:8d:c2:45:56:
32:68:4d:2d:05:ad:25:a1:75:88:0c:0c:3d:d2:d4:15:c0:d7:
f9:81:88:0d:92:8f:d8:88:d1:fa:1c:4a:4e:53:5e:e4:40:1c:
c5:7a:7b:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCrypSMlDThMTh1SBerAzn7uaBx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzZGY0NzNiMGU4ZTliYjc5NDQ2YmJjN2QwMTE4YzM3NjFmNjdmNTYzYjUx
MDE0MjJiZWIyOTVlYmIyMDc2ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFzLn1v3kbeCJgsRSCeKiR2vp+S3UnJXcGgw1mM7KOUcSl5FnWNxbhrKDSg
Jojo92ONAsuTM8SYuA/2HRVy5NDKjYe4AZbW+39rlNoeQA2dus3+aHvsfXgPLScV
+nd7LJhjpgzt5YqPLygwiUcL8r8T2/pEoQoT6T+6Jus3r0ro36XDlks+0ehcxpK3
zVSP65JY2A9dgr4CSAjYCaHBIhI1XnikRDuaW8UOaP9YnA3CtJDVQgOnZ706gEVj
3AuXvKhg9z/iQvoa4BExiH61WM6BrkqaxE7FXkL42qHs27Dw6bXJ/S7NtDfpEaX3
i2AjilflrMfsfd1Ddog/jBibcwcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwXXcf
tKhM12tnhgnReg2a+aIDOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQCW4KbQryhJN+a+k+yVs2tpStFl+0b/SglevdzY
Z9M1rrCP3urZoyk4/FEnYC8sFP2O7yRIXjHk+iUh0ROLmd4CBSJjyXfXiLgpds2P
Xzfi3libhzUs55556molVLXDQnfN4qSDvds25afh/JdoL9CaeohSBF0oeZFQM/c0
tg/Kg2ZyTv/Af/7ETWKxhK9TmKap7lAGrTr+uA5jK/WelW1fsTR7v+hDd7TRkDmJ
4SE4uQV7IvzenG1YCcG+Nmu/tgP5M2zv7ywgxl8ueV2IHwgQDZvj7o3CRVYyaE0t
Ba0loXWIDAw90tQVwNf5gYgNko/YiNH6HEpOU17kQBzFenuE
-----END CERTIFICATE-----
Generated at Fri May 2 14:33:20 2025 by rpki-client