Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa
File: ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa (raw, json)
Hash identifier: uXkK1UWczvnG/Gs2vlIs3TFTyB8FeEssNE2Fh5iKf1I=
Subject key identifier: 1C:B4:47:67:4E:B6:8A:31:2A:6F:9C:6A:BF:CF:A5:3A:C5:A4:74:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5769E8EE6CE46964CEDC594B9213866B8A255010
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:60c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:69:e8:ee:6c:e4:69:64:ce:dc:59:4b:92:13:86:6b:8a:25:50:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=2267ed4644943241b5ce4996019576044ed33001fc3f54d8cbe6d2ec88454b12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:e8:7e:bc:78:41:13:04:a1:ad:ab:30:38:
02:a7:36:6a:02:9b:dc:11:ab:8c:5c:95:d5:f0:72:
3a:a5:2b:ab:f0:0f:c6:98:9b:e4:ea:82:5d:89:cc:
cd:aa:64:19:4f:36:7b:08:ae:9a:0c:06:2c:91:8a:
70:e4:59:38:68:96:8e:38:f2:40:e5:7f:b2:71:6a:
5b:a4:0d:74:67:f0:3c:51:6a:bc:c8:06:cf:25:2f:
f0:3f:87:8b:da:9a:f9:a5:66:87:48:44:da:8c:85:
c9:9e:6d:09:b6:fb:ee:ae:d9:6c:07:7f:94:27:bd:
66:96:eb:50:12:2d:94:4a:b9:dc:06:ac:30:6d:ff:
83:a2:51:fe:2f:42:c0:fa:97:89:14:18:69:6e:a5:
da:4f:ff:fb:cb:7f:df:ad:95:42:2b:03:c9:35:c1:
1d:c2:67:bd:65:fa:22:59:f9:2d:5f:30:92:79:fc:
c2:3d:68:b2:08:14:25:3f:0d:c0:d0:e3:40:bc:e1:
25:5c:3c:10:7b:51:73:93:7a:ba:2d:27:31:72:cb:
06:ee:1b:ca:3b:4a:13:31:56:38:2f:35:a5:06:58:
00:b7:3e:ac:51:f4:0c:fd:4b:ff:08:0c:69:6b:96:
fd:53:6e:9f:38:e3:8f:c7:0b:4e:59:8f:db:17:25:
79:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B4:47:67:4E:B6:8A:31:2A:6F:9C:6A:BF:CF:A5:3A:C5:A4:74:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
b4:17:e0:e9:43:a0:f8:82:e9:c8:d5:e3:db:0d:8d:c9:be:15:
13:ae:4f:3e:c0:d6:17:0d:3f:65:ab:dc:b8:07:6e:3d:3c:ac:
54:2f:3f:7f:ab:83:38:b5:58:d4:f6:c7:55:3b:e7:66:f4:5f:
b5:5e:de:51:c7:7d:aa:32:3f:72:d8:a4:3a:b1:5b:18:fc:01:
84:37:ff:b9:02:25:b0:4c:b0:bd:51:d8:9f:67:dd:cd:04:c8:
d5:8c:55:8b:eb:cd:e8:72:94:ce:e5:7c:fc:f8:53:e5:1b:f5:
f6:22:a9:20:4c:f5:3c:00:f5:d5:80:74:c2:54:c5:36:80:af:
ef:33:65:08:33:00:22:c3:ac:32:50:21:95:50:bb:94:bf:3b:
8e:8b:cb:04:6d:fc:01:4c:a3:06:df:e9:b0:7a:2e:3f:47:0c:
9b:ff:dd:08:fa:b2:ef:42:be:d4:a5:6b:25:41:4d:85:15:1e:
a6:e0:3a:c2:78:ca:d1:bd:e1:32:fe:23:19:f6:67:db:af:d1:
4a:de:bf:d9:86:50:8d:b0:be:e8:ff:ca:a7:9e:c6:e8:a7:35:
9e:06:d0:91:2e:71:12:52:94:03:26:b5:fd:5a:03:a4:4c:31:
5d:20:4d:01:2d:fe:97:7e:59:f3:af:c4:02:e8:aa:84:f4:df:
54:b0:55:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV2no7mzkaWTO3FlLkhOGa4olUBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNjdlZDQ2NDQ5NDMyNDFiNWNlNDk5NjAxOTU3NjA0NGVkMzMwMDFmYzNm
NTRkOGNiZTZkMmVjODg0NTRiMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKU6H68eEETBKGtqzA4Aqc2agKb3BGrjFyV1fByOqUrq/APxpib5OqCXYnM
zapkGU82ewiumgwGLJGKcORZOGiWjjjyQOV/snFqW6QNdGfwPFFqvMgGzyUv8D+H
i9qa+aVmh0hE2oyFyZ5tCbb77q7ZbAd/lCe9ZpbrUBItlEq53AasMG3/g6JR/i9C
wPqXiRQYaW6l2k//+8t/362VQisDyTXBHcJnvWX6Iln5LV8wknn8wj1osggUJT8N
wNDjQLzhJVw8EHtRc5N6ui0nMXLLBu4byjtKEzFWOC81pQZYALc+rFH0DP1L/wgM
aWuW/VNunzjjj8cLTlmP2xcleakCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQctEdn
TraKMSpvnGq/z6U6xaR0uzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ExZWQ0OTMtYWNjZi00ZTdlLTg1NDItY2RiMWY4ZDQ4MzRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hdg
wDANBgkqhkiG9w0BAQsFAAOCAQEAtBfg6UOg+ILpyNXj2w2Nyb4VE65PPsDWFw0/
ZavcuAduPTysVC8/f6uDOLVY1PbHVTvnZvRftV7eUcd9qjI/ctikOrFbGPwBhDf/
uQIlsEywvVHYn2fdzQTI1YxVi+vN6HKUzuV8/PhT5Rv19iKpIEz1PAD11YB0wlTF
NoCv7zNlCDMAIsOsMlAhlVC7lL87jovLBG38AUyjBt/psHouP0cMm//dCPqy70K+
1KVrJUFNhRUepuA6wnjK0b3hMv4jGfZn26/RSt6/2YZQjbC+6P/Kp57G6Kc1ngbQ
kS5xElKUAya1/VoDpEwxXSBNAS3+l35Z86/EAuiqhPTfVLBVxw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:19 2025 by rpki-client