Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
File: cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa (raw, json)
Hash identifier: BYdPzcQhM+juOPBy+gWSatM6aKZDEn6ANEsbEUQbUvw=
Subject key identifier: F0:4E:92:E5:46:1C:67:96:A9:FB:E6:94:47:C3:FE:F5:11:86:37:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 347F5A2E90FDE306EFF73A8A7C720EA90EC1FFF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
Signing time: Fri 31 Jan 2025 00:00:00 +0000
ROA not before: Fri 31 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:7f:5a:2e:90:fd:e3:06:ef:f7:3a:8a:7c:72:0e:a9:0e:c1:ff:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 31 00:00:00 2025 GMT
Not After : Mar 7 23:59:59 2025 GMT
Subject: serialNumber=d60a2c35d1c63db9aaaffde9d2b9c64c784c5bd59fa9e41defe8c060ace4ada4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b5:46:e8:88:4a:19:d0:2d:a0:5d:58:f7:25:
24:e6:97:50:04:73:ea:f5:92:e1:f4:bc:ed:a2:1f:
41:81:73:89:02:79:29:27:40:06:7c:a2:d9:02:42:
80:49:f4:02:34:27:e9:af:46:19:86:2a:8a:70:57:
a7:ab:40:a0:5f:14:0e:6a:fb:44:2d:4f:59:67:8e:
60:a6:e8:55:5b:99:0d:ba:89:e2:64:80:bc:47:19:
6d:0c:ea:78:46:d9:cd:51:36:c9:0f:6b:bd:a6:dc:
1b:d1:28:a4:fb:fa:7a:e6:63:73:24:13:6c:f2:84:
c8:4f:49:68:2b:30:c5:10:6a:e8:77:52:b1:20:36:
03:23:a9:69:3b:bb:10:91:9c:bf:0e:5d:30:dd:11:
fc:8e:30:7d:e8:c4:7a:e3:e0:73:73:7a:f4:ad:57:
c0:e3:2c:d1:88:a9:f7:a6:5e:d1:d8:9d:67:64:88:
ee:06:31:de:5a:3f:4e:9c:c0:df:8b:3f:75:8c:1d:
99:b8:21:90:d0:ef:08:71:17:d5:76:d8:74:86:30:
12:b2:f4:d2:78:88:42:19:89:6b:43:23:00:b8:60:
6a:08:5a:23:5f:ae:a3:9b:b4:2c:1f:87:64:66:68:
0b:11:16:c9:37:13:f6:29:49:f3:c4:e4:9e:0e:59:
a0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4E:92:E5:46:1C:67:96:A9:FB:E6:94:47:C3:FE:F5:11:86:37:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/48
Signature Algorithm: sha256WithRSAEncryption
2c:6b:1d:58:c7:ec:9b:0a:82:7f:07:21:b9:4c:f0:02:9d:92:
d8:06:d4:01:e6:5a:36:94:09:5a:64:8d:52:87:e7:45:81:65:
7b:45:1d:76:1f:fb:99:86:6b:cb:d9:b2:79:be:39:39:d8:f6:
f8:f5:58:03:8d:6e:c5:f2:67:e1:0b:16:e6:71:92:df:d8:a0:
65:53:91:61:04:75:d6:4f:8c:5b:5e:02:2d:3a:ff:15:2e:b9:
10:8c:85:44:fa:37:b0:aa:e8:98:b1:d0:2b:cb:67:88:67:00:
e7:c2:a7:42:b2:9f:cf:01:6a:76:84:e0:13:92:27:2f:85:f5:
f4:ea:54:06:10:b5:5b:80:fa:74:8f:a0:1a:76:b9:96:e3:3b:
4e:3f:e4:69:20:f8:84:dd:dc:be:19:7f:ec:5e:41:f2:2b:a7:
cb:3b:28:bf:29:2b:43:24:e2:33:12:cb:2c:d6:33:af:f1:03:
d9:6f:ad:a0:b5:db:84:70:3f:58:58:0e:52:a1:4f:d7:3e:72:
48:90:47:06:13:80:e3:c1:ba:43:07:8c:75:09:aa:fa:fc:08:
b6:97:81:b7:79:98:e0:95:b3:11:f2:79:05:eb:29:12:30:82:
d6:90:33:ee:47:51:dc:3d:5a:1e:44:89:ff:fa:e2:5d:1d:d8:
f7:fc:2f:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNH9aLpD94wbv9zqKfHIOqQ7B//gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMzEwMDAwMDBaFw0yNTAzMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MGEyYzM1ZDFjNjNkYjlhYWFmZmRlOWQyYjljNjRjNzg0YzViZDU5ZmE5
ZTQxZGVmZThjMDYwYWNlNGFkYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq1RuiIShnQLaBdWPclJOaXUARz6vWS4fS87aIfQYFziQJ5KSdABnyi2QJC
gEn0AjQn6a9GGYYqinBXp6tAoF8UDmr7RC1PWWeOYKboVVuZDbqJ4mSAvEcZbQzq
eEbZzVE2yQ9rvabcG9EopPv6euZjcyQTbPKEyE9JaCswxRBq6HdSsSA2AyOpaTu7
EJGcvw5dMN0R/I4wfejEeuPgc3N69K1XwOMs0Yip96Ze0didZ2SI7gYx3lo/TpzA
34s/dYwdmbghkNDvCHEX1XbYdIYwErL00niIQhmJa0MjALhgaghaI1+uo5u0LB+H
ZGZoCxEWyTcT9ilJ88Tkng5ZoPUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTwTpLl
Rhxnlqn75pRHw/71EYY3LDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3OGI3MTQtY2U2Yy00YTlkLWE3MmUtZDMwYTM0NzBmMDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZQ
ADANBgkqhkiG9w0BAQsFAAOCAQEALGsdWMfsmwqCfwchuUzwAp2S2AbUAeZaNpQJ
WmSNUofnRYFle0Uddh/7mYZry9myeb45Odj2+PVYA41uxfJn4QsW5nGS39igZVOR
YQR11k+MW14CLTr/FS65EIyFRPo3sKromLHQK8tniGcA58KnQrKfzwFqdoTgE5In
L4X19OpUBhC1W4D6dI+gGna5luM7Tj/kaSD4hN3cvhl/7F5B8iunyzsovykrQyTi
MxLLLNYzr/ED2W+toLXbhHA/WFgOUqFP1z5ySJBHBhOA48G6QweMdQmq+vwItpeB
t3mY4JWzEfJ5BespEjCC1pAz7kdR3D1aHkSJ//riXR3Y9/wvpw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:03 2025 by rpki-client