Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: +fNBem0N3LTVEFZVlmUw9hUAXPyeRhIevXDGtsdmOhU=
Subject key identifier: CD:F0:06:85:3C:1D:B1:7C:45:49:84:18:5C:AF:D3:39:9F:6B:FE:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5011725B0D81E48D9D2E1917B81299A2B8C5EF93
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:11:72:5b:0d:81:e4:8d:9d:2e:19:17:b8:12:99:a2:b8:c5:ef:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=39d52df43921aa46c2ae1011c980702e6cfae15c65531a6f449b70aed1e65638, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:85:8b:58:45:1c:0c:9d:b1:e3:33:7e:3c:2d:
0e:d0:7e:89:a0:65:94:04:07:c0:36:18:e3:6f:d9:
e5:30:34:9d:fa:d4:ae:f5:e6:a0:08:b4:78:b2:60:
f4:07:c9:2f:87:f2:23:33:49:60:9a:56:38:60:1c:
c5:f3:2f:42:84:5d:b2:60:dc:7b:33:38:6a:f1:ab:
49:d0:a7:4d:f8:27:5e:42:9b:30:3e:2f:0e:13:17:
1d:d8:61:aa:c7:b5:3c:19:ce:97:e1:33:71:96:7e:
7a:12:b9:73:bf:25:28:a0:1c:c5:c3:27:55:fb:69:
f6:5a:d3:9d:dc:7e:a6:6e:fb:57:bb:44:c2:4e:01:
2f:aa:8b:4c:7c:32:69:4f:a1:93:b6:bd:f6:46:eb:
37:0b:fa:bf:cc:c2:cc:79:e0:22:dd:05:f2:63:1e:
95:d5:bc:88:8c:ce:3f:5b:4b:8a:00:c2:7b:b4:82:
05:76:8d:fa:d8:bf:cd:39:43:44:38:ca:c5:37:10:
8a:69:d3:b2:02:c9:10:d7:0b:5b:48:2a:91:3c:2d:
7e:8c:96:d8:65:50:0c:90:bd:ac:77:87:ea:23:f5:
b6:52:ad:7f:28:3f:10:7f:c1:a5:d6:e8:2f:73:80:
f7:ae:35:f8:8c:01:36:4d:16:b4:94:d8:f5:ce:32:
0f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F0:06:85:3C:1D:B1:7C:45:49:84:18:5C:AF:D3:39:9F:6B:FE:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
33:eb:cb:d1:8e:3b:bd:b8:bc:29:0b:83:bc:a3:1f:8c:02:07:
d2:b9:1d:e7:2c:ec:02:a6:5a:81:64:95:10:89:77:3a:d5:05:
60:24:53:b3:93:90:e9:97:e2:de:bb:e4:bc:03:43:bb:ef:57:
8a:aa:71:53:11:36:5e:97:f3:f1:79:38:40:9b:f7:5a:9a:6c:
be:7b:e7:e4:a6:df:e8:f7:d0:47:31:5e:c3:e8:4e:68:d4:c0:
a1:0a:e9:62:14:3d:6f:8f:9a:b0:e5:43:0f:a0:58:39:d9:7e:
12:95:dc:03:c1:26:9c:4b:d4:b1:1b:0b:9a:24:28:b6:2a:65:
74:ea:8c:62:64:cf:61:e0:53:a6:fb:6e:05:f1:20:20:2d:e1:
2f:b3:5b:a1:38:5f:da:53:6f:b6:5a:2d:3f:23:68:bf:44:3e:
43:b9:ea:7d:21:98:03:4a:59:d3:a3:bc:b1:a6:11:51:89:78:
f7:43:36:d6:84:1c:07:f2:d6:ff:07:66:53:12:36:0b:48:33:
c1:59:69:26:39:1d:97:fa:a2:7d:38:61:de:7c:e4:cf:fe:9c:
7b:73:81:96:da:73:a1:43:97:07:35:74:e6:53:2e:5a:e7:18:
a2:07:ce:e5:9c:08:b4:1a:da:5d:b2:24:d1:07:c0:21:bf:86:
a3:80:b3:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUBFyWw2B5I2dLhkXuBKZorjF75MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5ZDUyZGY0MzkyMWFhNDZjMmFlMTAxMWM5ODA3MDJlNmNmYWUxNWM2NTUz
MWE2ZjQ0OWI3MGFlZDFlNjU2MzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuFi1hFHAydseMzfjwtDtB+iaBllAQHwDYY42/Z5TA0nfrUrvXmoAi0eLJg
9AfJL4fyIzNJYJpWOGAcxfMvQoRdsmDcezM4avGrSdCnTfgnXkKbMD4vDhMXHdhh
qse1PBnOl+EzcZZ+ehK5c78lKKAcxcMnVftp9lrTndx+pm77V7tEwk4BL6qLTHwy
aU+hk7a99kbrNwv6v8zCzHngIt0F8mMeldW8iIzOP1tLigDCe7SCBXaN+ti/zTlD
RDjKxTcQimnTsgLJENcLW0gqkTwtfoyW2GVQDJC9rHeH6iP1tlKtfyg/EH/Bpdbo
L3OA9641+IwBNk0WtJTY9c4yD8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTN8AaF
PB2xfEVJhBhcr9M5n2v+mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQAz68vRjju9uLwpC4O8ox+MAgfSuR3nLOwCplqB
ZJUQiXc61QVgJFOzk5Dpl+Leu+S8A0O771eKqnFTETZel/PxeThAm/dammy+e+fk
pt/o99BHMV7D6E5o1MChCuliFD1vj5qw5UMPoFg52X4SldwDwSacS9SxGwuaJCi2
KmV06oxiZM9h4FOm+24F8SAgLeEvs1uhOF/aU2+2Wi0/I2i/RD5Duep9IZgDSlnT
o7yxphFRiXj3QzbWhBwH8tb/B2ZTEjYLSDPBWWkmOR2X+qJ9OGHefOTP/px7c4GW
2nOhQ5cHNXTmUy5a5xiiB87lnAi0GtpdsiTRB8Ahv4ajgLNt
-----END CERTIFICATE-----
Generated at Fri May 2 15:37:13 2025 by rpki-client