Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
File: c8af18fc-ae06-42ae-9533-a5516ea722d4.roa (raw, json)
Hash identifier: MZTWstvAB7SWiutnHbCsyON4i+w0GeycH+C8M5K71Xo=
Subject key identifier: E7:3E:A3:9D:7D:41:0C:75:06:6A:F9:73:7B:7E:51:00:71:F1:81:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02B423A060E01D59ACB63A6CE99B7B46A3FED591
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:b4:23:a0:60:e0:1d:59:ac:b6:3a:6c:e9:9b:7b:46:a3:fe:d5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=dce805537a67364f798c3dd6a2ee8fe43df5993e42cec2c075bd25273bd8ae7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:02:fb:d9:32:73:b9:2f:60:52:2e:ff:34:fa:
81:39:84:c0:46:e4:8f:47:2c:a0:e1:94:4c:b0:13:
d9:0d:f7:87:d3:12:27:ed:e3:e1:a0:d6:64:ce:2b:
86:18:59:44:7e:aa:b6:ff:56:16:25:ef:6f:c3:f5:
08:c5:e0:64:8c:af:90:7f:1f:e9:4a:9d:3d:64:2e:
47:9d:dc:89:cf:37:4c:e3:2b:48:7d:da:ce:1f:f8:
59:54:7a:28:4f:29:00:95:37:52:06:0d:a1:5e:0b:
82:c8:71:cc:f0:f1:6a:14:b0:36:7c:87:0a:c2:e6:
5b:62:bd:30:80:e5:12:87:87:56:d1:98:e6:a7:17:
1a:60:f4:87:79:a8:97:fc:99:fe:03:8f:64:43:2a:
00:c6:c2:04:59:45:d9:4e:da:05:1e:d3:cc:87:31:
34:16:49:39:da:10:c6:58:12:cf:70:cf:c9:d1:52:
4d:b8:0a:9f:b7:44:95:99:de:f4:93:a6:e1:9f:e0:
13:3b:d1:2b:ba:73:f8:4f:98:fb:1e:5d:7a:ff:70:
dc:47:5a:a3:2d:4e:00:54:2e:77:11:73:e2:15:ac:
24:40:5b:55:6c:ac:d0:49:05:ac:8b:1c:e6:f9:d8:
ba:64:b6:11:f1:3b:0f:67:92:db:75:5e:34:fd:13:
db:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3E:A3:9D:7D:41:0C:75:06:6A:F9:73:7B:7E:51:00:71:F1:81:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9080::/48
Signature Algorithm: sha256WithRSAEncryption
0f:9a:b0:09:73:e4:92:73:11:28:7c:53:25:8a:8e:21:8c:54:
c1:65:fc:70:5f:cd:8c:83:fd:0a:5d:32:9e:b5:4e:62:cf:6f:
1c:8a:67:e3:90:4f:45:42:eb:68:52:61:4d:19:65:6e:60:f4:
62:20:f9:3b:c3:14:19:9d:c4:7b:3c:5f:31:e7:dc:4a:0b:21:
fd:82:70:75:53:21:6a:1d:94:3b:32:44:29:3e:59:83:d7:48:
b2:22:34:f7:d8:83:d4:4c:15:46:c1:d3:91:c7:0c:b3:79:e6:
38:ef:fd:1f:1b:8d:0d:b9:b3:e2:f7:10:90:2b:1e:f6:9e:fc:
6b:75:0e:13:4e:36:9a:c7:e4:a8:00:c4:76:2b:76:ae:3c:ef:
66:62:fa:93:a9:51:af:9c:83:c0:ac:38:49:5c:14:91:4c:23:
99:68:6b:d7:25:80:81:54:81:57:bd:a6:87:5a:44:2f:db:c3:
02:b8:7d:7f:dc:83:8e:11:78:a1:c6:53:fd:a1:d8:9d:2c:5f:
84:a9:2a:72:eb:95:93:44:e3:62:f7:df:6c:f5:2b:a4:52:9a:
49:af:0d:bc:15:d4:5a:bf:09:34:df:66:d4:16:fa:2a:ef:08:
0b:60:52:46:b3:7d:d6:98:c8:14:86:f1:20:b5:c9:8a:92:71:
f8:79:32:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUArQjoGDgHVmstjps6Zt7RqP+1ZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZTgwNTUzN2E2NzM2NGY3OThjM2RkNmEyZWU4ZmU0M2RmNTk5M2U0MmNl
YzJjMDc1YmQyNTI3M2JkOGFlN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQC+9kyc7kvYFIu/zT6gTmEwEbkj0csoOGUTLAT2Q33h9MSJ+3j4aDWZM4r
hhhZRH6qtv9WFiXvb8P1CMXgZIyvkH8f6UqdPWQuR53cic83TOMrSH3azh/4WVR6
KE8pAJU3UgYNoV4LgshxzPDxahSwNnyHCsLmW2K9MIDlEoeHVtGY5qcXGmD0h3mo
l/yZ/gOPZEMqAMbCBFlF2U7aBR7TzIcxNBZJOdoQxlgSz3DPydFSTbgKn7dElZne
9JOm4Z/gEzvRK7pz+E+Y+x5dev9w3Edaoy1OAFQudxFz4hWsJEBbVWys0EkFrIsc
5vnYumS2EfE7D2eS23VeNP0T27ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTnPqOd
fUEMdQZq+XN7flEAcfGBtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzhhZjE4ZmMtYWUwNi00MmFlLTk1MzMtYTU1MTZlYTcyMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAD5qwCXPkknMRKHxTJYqOIYxUwWX8cF/NjIP9
Cl0ynrVOYs9vHIpn45BPRULraFJhTRllbmD0YiD5O8MUGZ3EezxfMefcSgsh/YJw
dVMhah2UOzJEKT5Zg9dIsiI099iD1EwVRsHTkccMs3nmOO/9HxuNDbmz4vcQkCse
9p78a3UOE042msfkqADEdit2rjzvZmL6k6lRr5yDwKw4SVwUkUwjmWhr1yWAgVSB
V72mh1pEL9vDArh9f9yDjhF4ocZT/aHYnSxfhKkqcuuVk0TjYvffbPUrpFKaSa8N
vBXUWr8JNN9m1Bb6Ku8IC2BSRrN91pjIFIbxILXJipJx+Hkypg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:20 2025 by rpki-client