Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: z1/liXhPk87/DToxJqlD9Z0KKsgYPYonHgP3xuu9nNg=
Subject key identifier: 63:00:81:0A:CC:9C:53:8E:EC:FC:87:8C:33:00:6C:10:7F:F3:7C:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04826FE30FFAF27B893EC442A4434BAA4BD3E332
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:82:6f:e3:0f:fa:f2:7b:89:3e:c4:42:a4:43:4b:aa:4b:d3:e3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f510a1b597e4de12d47b3ad1d1449f279450bc496c90571e9b944d4dbe046a24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:18:b8:5e:e7:35:cf:6d:96:d5:ce:4d:e0:9c:
9a:59:85:a1:d9:f8:74:1b:20:1a:d8:3a:bc:10:c2:
e4:20:9a:3e:28:90:1e:81:72:87:0d:5f:c1:8b:53:
01:16:1d:bc:b7:af:5c:d6:66:11:47:c6:9f:ab:3c:
d1:3d:eb:13:a0:ab:4d:20:61:56:b8:31:44:49:ea:
ef:32:cd:02:5f:fb:01:92:70:cd:b7:26:1a:02:e4:
47:5e:83:f3:55:73:e8:c2:89:6d:3d:ef:bb:74:88:
23:83:f2:41:b4:c2:d5:c7:f5:7f:f8:ec:cf:f4:6e:
2f:27:b8:a1:48:45:5f:7f:13:64:d5:f6:10:ee:04:
c9:fb:31:8e:98:72:ea:97:72:11:9b:94:51:05:f4:
6b:7d:62:f7:df:d6:27:1d:4b:fc:a3:c2:11:5d:10:
f3:55:9e:51:0b:ca:13:64:aa:20:cd:7a:0a:a2:12:
58:83:12:d3:f4:b5:c5:01:fd:28:2f:11:93:7a:86:
08:1f:cd:40:05:1a:95:06:67:1e:4b:0f:d7:f0:2e:
c2:94:af:ca:9d:fe:2f:31:9c:de:27:c6:a3:26:e9:
92:ec:c0:84:12:69:2e:3f:91:40:e5:88:2b:2c:dd:
a7:57:b6:59:cf:59:c5:88:c9:05:60:04:22:a0:2b:
4a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:00:81:0A:CC:9C:53:8E:EC:FC:87:8C:33:00:6C:10:7F:F3:7C:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
5f:01:49:20:ef:0c:f1:1d:25:6d:8b:c0:3a:36:81:7b:26:5d:
65:0c:fe:35:91:32:e5:b4:d0:ce:3b:46:46:6d:99:29:22:73:
d4:6a:c8:fb:37:e8:58:a0:35:b9:d2:b2:aa:42:ec:69:44:af:
3d:cb:2c:a7:70:9c:df:cb:7e:3b:10:06:19:32:d2:d1:d2:ec:
04:92:65:96:39:17:8d:50:14:1e:f8:ca:e5:3c:71:af:47:2d:
a6:3b:19:82:14:80:f6:eb:ca:e5:6f:ef:33:af:45:10:7e:a3:
d7:5d:ed:76:b1:e6:e7:f8:bb:c6:55:13:07:81:6f:de:85:ea:
8f:d8:98:45:69:22:c3:85:a4:19:49:73:6d:72:b2:79:dc:8b:
56:75:ff:d1:77:53:db:a2:1c:33:97:76:e0:a4:94:d8:c9:10:
7c:79:51:9a:a8:cf:6d:d4:02:75:c9:c1:c6:23:ef:c7:86:d9:
ae:36:71:46:0c:3f:77:84:ba:75:a1:9a:ae:8d:07:5c:23:b7:
47:85:eb:c7:d2:62:bf:4c:91:cd:99:50:a2:67:70:23:f1:d8:
e3:f9:66:67:fc:7a:b9:1c:3f:b7:d6:da:55:13:ad:6a:39:7c:
6c:29:5f:b8:ac:4e:b7:01:76:c1:90:de:6f:ef:66:e7:83:52:
11:e0:e7:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBIJv4w/68nuJPsRCpENLqkvT4zIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MTBhMWI1OTdlNGRlMTJkNDdiM2FkMWQxNDQ5ZjI3OTQ1MGJjNDk2Yzkw
NTcxZTliOTQ0ZDRkYmUwNDZhMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQYuF7nNc9tltXOTeCcmlmFodn4dBsgGtg6vBDC5CCaPiiQHoFyhw1fwYtT
ARYdvLevXNZmEUfGn6s80T3rE6CrTSBhVrgxREnq7zLNAl/7AZJwzbcmGgLkR16D
81Vz6MKJbT3vu3SII4PyQbTC1cf1f/jsz/RuLye4oUhFX38TZNX2EO4Eyfsxjphy
6pdyEZuUUQX0a31i99/WJx1L/KPCEV0Q81WeUQvKE2SqIM16CqISWIMS0/S1xQH9
KC8Rk3qGCB/NQAUalQZnHksP1/AuwpSvyp3+LzGc3ifGoybpkuzAhBJpLj+RQOWI
Kyzdp1e2Wc9ZxYjJBWAEIqArSjUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjAIEK
zJxTjuz8h4wzAGwQf/N8EzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQBfAUkg7wzxHSVti8A6NoF7Jl1lDP41kTLltNDO
O0ZGbZkpInPUasj7N+hYoDW50rKqQuxpRK89yyyncJzfy347EAYZMtLR0uwEkmWW
OReNUBQe+MrlPHGvRy2mOxmCFID268rlb+8zr0UQfqPXXe12sebn+LvGVRMHgW/e
heqP2JhFaSLDhaQZSXNtcrJ53ItWdf/Rd1Pbohwzl3bgpJTYyRB8eVGaqM9t1AJ1
ycHGI+/HhtmuNnFGDD93hLp1oZqujQdcI7dHhevH0mK/TJHNmVCiZ3Aj8djj+WZn
/Hq5HD+31tpVE61qOXxsKV+4rE63AXbBkN5v72bng1IR4OcP
-----END CERTIFICATE-----
Generated at Fri May 2 16:50:00 2025 by rpki-client