Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: u+oZ0/ItEC3vo/Lv+p915bximDfMafg9B81VR1QDgQc=
Subject key identifier: 3D:B8:CD:77:22:26:63:A0:33:A6:F4:6A:D2:8B:1C:90:0C:88:89:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B0D2C4A16510290BD16BC658D83CDEBFC8F7F52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:0d:2c:4a:16:51:02:90:bd:16:bc:65:8d:83:cd:eb:fc:8f:7f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d8c46dcb98f88f7484664d4907ea4f8d2c1b7896bd9c28e5cc889c1ddcac0a96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:e5:2b:e2:e3:93:ad:14:5d:ee:18:34:20:
35:eb:87:04:65:93:d9:ce:e5:bb:c2:0e:82:bb:9d:
32:f8:4f:4f:3c:e6:6d:5f:8a:52:83:36:39:ed:1f:
65:8a:07:38:e9:74:16:81:b9:4b:75:e2:99:bf:a4:
78:1f:d7:c7:58:3d:79:91:39:07:eb:5a:f4:22:1d:
80:27:32:ae:ae:4a:96:57:09:f3:01:4f:b5:8e:1b:
b6:c9:64:10:7e:8d:6d:af:46:19:bf:e3:eb:50:05:
1b:28:1e:cd:24:e4:db:0f:d2:f4:1a:bc:69:84:91:
ee:58:5c:45:dc:66:19:79:08:20:b6:4c:3e:30:ac:
46:69:cb:dd:7a:50:36:3a:5a:1c:cd:21:92:d0:6a:
87:3a:cc:b9:3a:bc:1d:67:b6:6c:e6:f9:81:b3:02:
b6:25:04:90:ef:7c:d5:72:40:52:3c:f6:06:56:fa:
7f:73:0f:4d:9a:ef:9a:7c:7a:36:98:49:e2:cf:23:
a1:d8:20:10:6f:85:93:7c:33:d8:5a:f9:f3:6d:13:
58:fd:59:13:8c:87:43:e7:8c:53:07:d8:18:91:8a:
8b:e7:93:f7:ef:93:1e:1c:3a:49:d9:5a:3b:20:f2:
8d:20:ae:8a:33:df:b9:e4:27:76:05:84:23:72:14:
b6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B8:CD:77:22:26:63:A0:33:A6:F4:6A:D2:8B:1C:90:0C:88:89:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
67:14:00:47:d7:c5:64:ca:7a:66:92:e7:8d:d3:a8:60:ac:64:
fa:fa:86:18:9d:4f:4f:15:17:ad:1a:1d:34:c2:49:ca:1f:52:
5e:fa:54:79:38:e4:f8:6e:35:bd:86:35:a0:7d:00:b8:2a:dd:
f4:54:de:2b:bc:54:5d:fa:c8:d6:c6:fc:9d:67:c1:b5:b6:16:
21:5c:2c:c5:4e:54:93:69:3c:68:ab:3e:7d:64:83:21:d8:4b:
e6:53:3b:1b:b5:ae:94:89:8c:8f:7e:3a:4b:bd:a7:21:21:45:
45:e9:a1:55:a9:e8:70:78:e3:fb:a1:7f:26:2d:eb:12:a9:ad:
7c:4c:48:e5:5f:9e:85:9e:d6:84:31:8f:ab:f2:bd:0d:68:06:
05:bd:3f:a8:bc:a4:f3:e9:fd:ff:16:a0:50:04:fa:99:34:a6:
74:1b:9c:47:db:c9:45:3e:12:68:94:4c:25:17:ec:19:1a:2a:
c6:b5:48:8b:01:10:fd:af:02:48:74:01:c8:42:34:ba:45:ee:
c9:e1:f0:77:b8:ef:4a:92:62:e7:a9:24:63:15:43:18:c1:42:
42:16:a6:c4:87:62:5f:ff:3b:4f:f2:9d:97:5e:2e:cc:a5:11:
95:3c:3e:9e:6b:0b:8b:99:44:4f:37:d6:6b:6c:a5:06:66:7a:
c2:93:7a:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKw0sShZRApC9FrxljYPN6/yPf1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4YzQ2ZGNiOThmODhmNzQ4NDY2NGQ0OTA3ZWE0ZjhkMmMxYjc4OTZiZDlj
MjhlNWNjODg5YzFkZGNhYzBhOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmN5Svi45OtFF3uGDQgNeuHBGWT2c7lu8IOgrudMvhPTzzmbV+KUoM2Oe0f
ZYoHOOl0FoG5S3Ximb+keB/Xx1g9eZE5B+ta9CIdgCcyrq5KllcJ8wFPtY4btslk
EH6Nba9GGb/j61AFGygezSTk2w/S9Bq8aYSR7lhcRdxmGXkIILZMPjCsRmnL3XpQ
NjpaHM0hktBqhzrMuTq8HWe2bOb5gbMCtiUEkO981XJAUjz2Blb6f3MPTZrvmnx6
NphJ4s8jodggEG+Fk3wz2Fr5820TWP1ZE4yHQ+eMUwfYGJGKi+eT9++THhw6Sdla
OyDyjSCuijPfueQndgWEI3IUttsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9uM13
IiZjoDOm9GrSixyQDIiJ0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQBnFABH18VkynpmkueN06hgrGT6+oYYnU9PFRet
Gh00wknKH1Je+lR5OOT4bjW9hjWgfQC4Kt30VN4rvFRd+sjWxvydZ8G1thYhXCzF
TlSTaTxoqz59ZIMh2EvmUzsbta6UiYyPfjpLvachIUVF6aFVqehweOP7oX8mLesS
qa18TEjlX56FntaEMY+r8r0NaAYFvT+ovKTz6f3/FqBQBPqZNKZ0G5xH28lFPhJo
lEwlF+wZGirGtUiLARD9rwJIdAHIQjS6Re7J4fB3uO9KkmLnqSRjFUMYwUJCFqbE
h2Jf/ztP8p2XXi7MpRGVPD6eawuLmURPN9ZrbKUGZnrCk3oa
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:44 2025 by rpki-client