Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
File: cf464545-0601-4fd5-a3a2-f4f3c022f248.roa (raw, json)
Hash identifier: kQW4GyLcKv3t/n3/ZB5VBOK7kBpZwc93yDEfbG5dpjY=
Subject key identifier: 09:A9:39:EE:81:A7:88:3A:D3:C0:6D:C4:6A:07:98:D1:74:E8:92:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79269CC7F591BBB706E2377AEEEAA557053908EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:26:9c:c7:f5:91:bb:b7:06:e2:37:7a:ee:ea:a5:57:05:39:08:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=76c48e2aedf4df77d8348b0815dfa6c89061847fcfdf50479935bd543a61684e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:10:75:7c:d4:27:00:e3:0c:c4:b3:65:a7:bc:
a7:5c:21:53:47:95:0d:2e:c3:a5:e5:5f:53:4a:6d:
97:cf:d5:bf:06:ad:58:72:9b:aa:c3:2a:fd:b8:63:
10:e4:ef:07:bb:cb:19:63:08:8f:b3:85:aa:b7:8c:
5f:3f:d7:9f:dd:f9:72:44:22:82:31:7d:f3:d7:ab:
32:a3:46:31:65:2e:b8:d6:e3:d4:a1:5b:dc:c6:2e:
01:85:17:71:49:64:9c:7f:10:c3:28:4b:a7:b2:f5:
43:84:80:14:a4:d8:71:ea:88:24:c1:9b:f2:9c:b1:
33:39:c9:2c:e7:8b:64:d0:69:de:dc:44:da:5b:c4:
0c:a4:5e:2c:32:f6:91:22:16:b0:39:0c:8e:8a:eb:
a2:f2:c4:9f:30:ff:58:2e:89:8e:c0:92:cb:6f:5c:
ff:b5:a7:4e:9d:2a:28:24:0d:38:2a:4d:30:66:15:
a5:f2:73:ce:14:89:83:17:1f:bd:a4:bc:b5:f2:fb:
ad:64:9c:42:74:00:30:22:ba:bc:5c:b2:5a:e6:3b:
8c:f8:66:fa:01:82:2e:88:40:1c:93:f8:15:0c:46:
9c:6b:aa:40:98:07:b3:70:59:ed:7e:16:a1:64:41:
1f:fa:d6:84:4a:4c:04:6b:e4:92:52:be:a0:20:ed:
43:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A9:39:EE:81:A7:88:3A:D3:C0:6D:C4:6A:07:98:D1:74:E8:92:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8040::/46
Signature Algorithm: sha256WithRSAEncryption
a2:8e:ad:5a:e9:c1:c4:d1:09:91:d1:ac:09:2d:e6:c7:29:4f:
94:3b:1b:ad:db:fe:d0:50:22:88:01:7d:02:24:1b:31:7e:d4:
6e:4f:62:eb:48:dd:4e:11:5d:b4:f8:0d:04:f8:8b:7b:48:e2:
de:02:75:1a:6f:14:bf:a5:4e:bf:c5:5e:3a:f1:6d:71:61:70:
32:3d:90:1d:22:ac:bd:78:ec:ee:f9:b4:7d:67:01:00:2a:3a:
4a:58:fd:44:6d:0b:2b:d9:27:be:6f:35:67:72:9b:37:1f:dd:
aa:ec:a0:8c:b1:33:ae:c6:4c:fa:f7:8c:e2:ae:9e:46:72:d1:
65:c7:42:06:8d:2e:fe:2d:3a:6e:36:64:ac:ba:de:a5:a8:8c:
32:68:4e:fa:51:7e:4a:ad:13:0c:a6:da:62:da:37:90:3f:bb:
6c:1f:e6:c1:79:3b:a4:a7:8e:f1:bb:61:7c:78:fc:41:2c:dc:
18:16:66:46:ce:14:32:91:5e:67:da:65:db:1e:87:6b:b3:db:
dd:57:11:17:a2:34:d2:b5:4f:27:fb:b5:13:77:60:0a:0c:64:
19:90:35:89:0d:20:55:6b:b0:26:65:24:1a:fc:fa:0f:08:aa:
7f:fa:a2:5c:7f:fb:73:23:5f:7a:26:30:ef:15:5f:0c:0b:f4:
4b:ab:73:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeSacx/WRu7cG4jd67uqlVwU5COswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YzQ4ZTJhZWRmNGRmNzdkODM0OGIwODE1ZGZhNmM4OTA2MTg0N2ZjZmRm
NTA0Nzk5MzViZDU0M2E2MTY4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoQdXzUJwDjDMSzZae8p1whU0eVDS7DpeVfU0ptl8/VvwatWHKbqsMq/bhj
EOTvB7vLGWMIj7OFqreMXz/Xn935ckQigjF989erMqNGMWUuuNbj1KFb3MYuAYUX
cUlknH8QwyhLp7L1Q4SAFKTYceqIJMGb8pyxMznJLOeLZNBp3txE2lvEDKReLDL2
kSIWsDkMjorrovLEnzD/WC6JjsCSy29c/7WnTp0qKCQNOCpNMGYVpfJzzhSJgxcf
vaS8tfL7rWScQnQAMCK6vFyyWuY7jPhm+gGCLohAHJP4FQxGnGuqQJgHs3BZ7X4W
oWRBH/rWhEpMBGvkklK+oCDtQ1kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJqTnu
gaeIOtPAbcRqB5jRdOiSKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y0NjQ1NDUtMDYwMS00ZmQ1LWEzYTItZjRmM2MwMjJmMjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
QDANBgkqhkiG9w0BAQsFAAOCAQEAoo6tWunBxNEJkdGsCS3mxylPlDsbrdv+0FAi
iAF9AiQbMX7Ubk9i60jdThFdtPgNBPiLe0ji3gJ1Gm8Uv6VOv8VeOvFtcWFwMj2Q
HSKsvXjs7vm0fWcBACo6Slj9RG0LK9knvm81Z3KbNx/dquygjLEzrsZM+veM4q6e
RnLRZcdCBo0u/i06bjZkrLrepaiMMmhO+lF+Sq0TDKbaYto3kD+7bB/mwXk7pKeO
8bthfHj8QSzcGBZmRs4UMpFeZ9pl2x6Ha7Pb3VcRF6I00rVPJ/u1E3dgCgxkGZA1
iQ0gVWuwJmUkGvz6Dwiqf/qiXH/7cyNfeiYw7xVfDAv0S6tzmg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:42 2025 by rpki-client