Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1bbfc0-2eff-4e40-9237-7b92cdb79b78.roa
File: ca1bbfc0-2eff-4e40-9237-7b92cdb79b78.roa (raw, json)
Hash identifier: KCBEUxgE5Ake882Jh0upvKyQifKcgr10o6zvnh5gMAE=
Subject key identifier: 00:B7:F4:9F:54:E9:15:7B:CD:7C:86:C8:81:91:A9:9D:4E:3F:89:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FDF40CC67A266D916CCDB79263034419E3EA86E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1bbfc0-2eff-4e40-9237-7b92cdb79b78.roa
Signing time: Fri 17 Jan 2025 00:00:00 +0000
ROA not before: Fri 17 Jan 2025 00:00:00 +0000
ROA not after: Fri 21 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:df:40:cc:67:a2:66:d9:16:cc:db:79:26:30:34:41:9e:3e:a8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 17 00:00:00 2025 GMT
Not After : Feb 21 23:59:59 2025 GMT
Subject: serialNumber=8847f34325af37572cd7840f583b58342599cc4fa74a3e67e42e0921e704c03e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f7:74:df:f3:71:4f:3d:50:1a:78:f1:34:46:
e8:73:30:cc:53:ae:41:a7:b7:c9:f4:ad:9e:23:25:
69:62:05:dd:98:f2:43:a1:13:15:f1:cf:05:e4:78:
5f:67:1f:6b:97:e9:f1:84:2d:38:29:23:44:93:4a:
8a:83:05:d7:f0:86:96:40:5d:a0:3a:e7:04:06:74:
c4:24:21:f1:06:9c:2d:32:52:87:a8:86:c1:d4:e4:
e8:17:f7:74:40:52:34:61:d1:35:11:60:d0:ab:44:
a7:97:cc:ce:c5:b0:13:f4:cb:7d:db:e1:2d:4c:bc:
89:fb:1f:74:85:33:dd:ef:77:d8:46:16:f3:b9:d3:
cb:30:f3:d2:9d:66:2c:f6:10:d9:f3:ba:dd:f6:e8:
99:9c:e5:cd:bf:e1:e9:71:e8:5a:63:9f:7a:4d:4f:
ac:5a:e8:4f:d1:91:b9:af:95:cb:2f:c3:26:5b:75:
db:68:89:2e:98:31:20:bc:19:85:c3:90:8f:aa:2d:
1d:02:96:fc:59:43:3e:10:2d:dc:bc:82:1e:19:aa:
fa:9b:14:db:42:ca:87:2d:16:4b:67:11:b3:ab:27:
b9:6d:f9:55:b6:a8:ab:c3:5c:f7:b2:f4:a7:dd:72:
8f:7f:eb:54:98:04:44:5a:94:49:42:6b:fc:e0:64:
84:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B7:F4:9F:54:E9:15:7B:CD:7C:86:C8:81:91:A9:9D:4E:3F:89:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1bbfc0-2eff-4e40-9237-7b92cdb79b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
b9:58:1c:fc:43:19:53:de:0b:b9:1a:db:c8:86:87:81:ce:f7:
72:dd:ac:b4:21:9a:80:b8:1e:5c:33:65:69:2e:58:13:b1:c8:
eb:8d:f1:05:77:7b:20:a2:22:4b:cb:a8:5e:dd:b5:f9:aa:fe:
7f:f3:ad:dd:f2:95:20:72:d3:a6:3b:a2:a2:ea:e2:8f:7b:c1:
b1:a7:c9:e1:71:7e:ad:bb:39:83:8b:d1:54:cc:49:b7:c5:64:
97:3d:2c:43:81:12:bf:09:8d:8e:68:31:1f:be:15:f8:f2:54:
a4:ff:45:ca:80:d5:18:0e:f0:a0:a1:45:bd:fb:81:eb:12:90:
50:20:33:63:c0:25:a8:c6:cf:4a:9b:41:ba:9a:7e:57:5f:1a:
56:63:09:e0:7f:7c:b8:0c:33:32:df:78:96:4a:3c:72:3a:59:
83:3e:a3:23:d8:69:02:80:cb:b6:76:36:73:d5:1d:ba:f7:00:
4d:bd:a6:c1:6f:25:9d:c8:cb:9e:32:55:02:68:a5:8e:ca:b2:
b4:74:d9:6f:45:65:f0:73:83:d5:1b:36:b3:08:d5:ce:59:a9:
b7:f7:5a:ae:77:34:81:c4:58:17:26:78:10:67:64:01:47:a3:
cf:b1:8d:b6:40:ba:58:a2:1e:01:c8:90:b2:25:ab:6f:18:48:
74:02:67:38
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUH99AzGeiZtkWzNt5JjA0QZ4+qG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTcwMDAwMDBaFw0yNTAyMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NDdmMzQzMjVhZjM3NTcyY2Q3ODQwZjU4M2I1ODM0MjU5OWNjNGZhNzRh
M2U2N2U0MmUwOTIxZTcwNGMwM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/3dN/zcU89UBp48TRG6HMwzFOuQae3yfStniMlaWIF3ZjyQ6ETFfHPBeR4
X2cfa5fp8YQtOCkjRJNKioMF1/CGlkBdoDrnBAZ0xCQh8QacLTJSh6iGwdTk6Bf3
dEBSNGHRNRFg0KtEp5fMzsWwE/TLfdvhLUy8ifsfdIUz3e932EYW87nTyzDz0p1m
LPYQ2fO63fbomZzlzb/h6XHoWmOfek1PrFroT9GRua+Vyy/DJlt122iJLpgxILwZ
hcOQj6otHQKW/FlDPhAt3LyCHhmq+psU20LKhy0WS2cRs6snuW35Vbaoq8Nc97L0
p91yj3/rVJgERFqUSUJr/OBkhIECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQAt/Sf
VOkVe818hsiBkamdTj+JhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ExYmJmYzAtMmVmZi00ZTQwLTkyMzctN2I5MmNkYjc5Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBALlYHPxDGVPeC7ka28iGh4HO93LdrLQhmoC4Hlwz
ZWkuWBOxyOuN8QV3eyCiIkvLqF7dtfmq/n/zrd3ylSBy06Y7oqLq4o97wbGnyeFx
fq27OYOL0VTMSbfFZJc9LEOBEr8JjY5oMR++FfjyVKT/RcqA1RgO8KChRb37gesS
kFAgM2PAJajGz0qbQbqafldfGlZjCeB/fLgMMzLfeJZKPHI6WYM+oyPYaQKAy7Z2
NnPVHbr3AE29psFvJZ3Iy54yVQJopY7KsrR02W9FZfBzg9UbNrMI1c5Zqbf3Wq53
NIHEWBcmeBBnZAFHo8+xjbZAuliiHgHIkLIlq28YSHQCZzg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:11 2025 by rpki-client