Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
File: c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa (raw, json)
Hash identifier: RMSV89lnxKSCehNITXFgIvPh4PEIJuonBhXipDjrCFY=
Subject key identifier: 95:62:AB:40:79:09:E8:EB:72:34:EB:BC:0E:E2:5E:9A:7C:8E:69:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 328FBF42C2722E979E19EEA4708820168767C427
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:60c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:8f:bf:42:c2:72:2e:97:9e:19:ee:a4:70:88:20:16:87:67:c4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=5c7b9fbe9ba13985e66ce5bab6b00818aae77afb7831b8071dd33d6811ce1e3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:f8:bc:82:9c:27:8e:a8:d8:62:64:08:42:
09:a1:3b:58:fd:d7:25:1c:18:c9:1e:51:8f:0d:f5:
88:53:65:b5:12:65:61:a0:bf:de:d2:ea:df:e8:6f:
94:bb:19:79:02:b5:08:af:27:c5:d9:cd:61:e4:a9:
ad:27:cd:3a:89:59:5b:67:14:bb:de:b1:7f:e3:3e:
d2:3f:ed:e6:e4:b5:bc:07:f9:31:48:ad:ba:d8:05:
0f:dd:16:55:27:90:85:37:7a:75:43:11:4f:8e:de:
b3:c4:b0:b6:f5:17:9e:d7:c6:ec:16:46:54:93:80:
77:23:e2:07:08:b7:34:8d:74:08:b8:2d:d1:c5:d5:
cd:44:77:53:ba:ac:71:2c:17:0c:84:94:48:92:de:
46:09:c2:c6:8b:9f:20:09:ae:6b:c8:19:34:42:f4:
52:11:60:58:a6:9c:2f:ce:f0:c6:51:a4:8b:7e:25:
24:df:66:8f:df:11:00:e1:59:8c:38:14:2f:4d:2f:
b7:13:67:28:5a:6e:6d:05:dc:26:74:83:26:dd:da:
0c:ff:9e:c5:ee:de:1d:90:23:f7:f7:08:f5:e8:3f:
01:f4:ce:b8:3d:31:5d:92:b1:c4:f4:74:fd:c0:e9:
15:e5:54:64:9f:63:be:10:89:93:d0:f6:ff:10:1e:
f6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:62:AB:40:79:09:E8:EB:72:34:EB:BC:0E:E2:5E:9A:7C:8E:69:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
38:d9:e6:42:db:43:46:4b:a8:4a:55:d1:86:81:a2:22:c8:75:
8c:e0:19:26:01:f5:ec:41:ee:c6:ef:5c:fc:5e:64:2d:b6:c3:
e2:21:1d:4f:f5:6e:bc:5d:c3:3c:2b:e4:d8:22:1d:e8:6e:5c:
0d:d1:80:d4:82:11:f5:2d:3b:e4:e2:ae:f1:a2:dd:d3:4f:2e:
4c:a6:9a:13:5e:7e:d5:70:50:c1:ef:b5:d1:20:3e:fa:d5:a0:
72:f0:c4:70:17:56:ed:a4:fc:ba:10:b0:b8:41:f7:05:c1:a7:
d4:ac:80:44:9e:aa:9e:74:78:6b:79:2a:bc:f4:fa:7a:35:98:
58:b3:52:87:a7:ad:20:a6:62:40:01:3f:61:63:8c:9e:db:ad:
98:e2:4f:51:ad:ee:15:e9:23:fa:36:ba:23:1f:8a:c0:b8:cb:
fb:4c:73:52:0d:bc:7c:21:5b:56:de:f2:63:13:41:ab:11:ce:
ee:3d:7d:87:e4:60:86:ce:7d:ec:08:3c:7b:24:3b:16:06:55:
61:5c:96:86:ca:79:3b:a0:fd:3e:99:c2:84:eb:be:35:67:98:
1f:42:a9:57:05:f6:fd:56:85:05:e6:f2:ef:35:45:46:48:1a:
b5:93:4d:fb:6d:e8:0b:d7:bb:5f:c8:d9:5b:cf:4f:7d:27:53:
f5:66:20:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMo+/QsJyLpeeGe6kcIggFodnxCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjN2I5ZmJlOWJhMTM5ODVlNjZjZTViYWI2YjAwODE4YWFlNzdhZmI3ODMx
YjgwNzFkZDMzZDY4MTFjZTFlM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE3+LyCnCeOqNhiZAhCCaE7WP3XJRwYyR5Rjw31iFNltRJlYaC/3tLq3+hv
lLsZeQK1CK8nxdnNYeSprSfNOolZW2cUu96xf+M+0j/t5uS1vAf5MUitutgFD90W
VSeQhTd6dUMRT47es8SwtvUXntfG7BZGVJOAdyPiBwi3NI10CLgt0cXVzUR3U7qs
cSwXDISUSJLeRgnCxoufIAmua8gZNEL0UhFgWKacL87wxlGki34lJN9mj98RAOFZ
jDgUL00vtxNnKFpubQXcJnSDJt3aDP+exe7eHZAj9/cI9eg/AfTOuD0xXZKxxPR0
/cDpFeVUZJ9jvhCJk9D2/xAe9lcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSVYqtA
eQno63I067wO4l6afI5pQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkxYWI4ZTctODM3MC00OGVkLTllMjUtMGRjMjYwYmExOTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
wDANBgkqhkiG9w0BAQsFAAOCAQEAONnmQttDRkuoSlXRhoGiIsh1jOAZJgH17EHu
xu9c/F5kLbbD4iEdT/VuvF3DPCvk2CId6G5cDdGA1IIR9S075OKu8aLd008uTKaa
E15+1XBQwe+10SA++tWgcvDEcBdW7aT8uhCwuEH3BcGn1KyARJ6qnnR4a3kqvPT6
ejWYWLNSh6etIKZiQAE/YWOMntutmOJPUa3uFekj+ja6Ix+KwLjL+0xzUg28fCFb
Vt7yYxNBqxHO7j19h+Rghs597Ag8eyQ7FgZVYVyWhsp5O6D9PpnChOu+NWeYH0Kp
VwX2/VaFBeby7zVFRkgatZNN+23oC9e7X8jZW89PfSdT9WYgtg==
-----END CERTIFICATE-----
Generated at Fri May 2 18:06:21 2025 by rpki-client