Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
File: cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa (raw, json)
Hash identifier: en1syLoEh8FVfG+GfNNCtWBkwDLyCwtp6/M+zvRiCRY=
Subject key identifier: D2:D3:A0:22:8E:E1:E6:C4:3B:A7:BF:1C:76:C3:10:4F:76:0E:CD:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F38D9E6C7E784490A8E5BCCA57124B36CC28558
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:38:d9:e6:c7:e7:84:49:0a:8e:5b:cc:a5:71:24:b3:6c:c2:85:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=6459f3d5c7d7c724830a3308aba0071490261857b6c592089148415b88594216, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:57:b0:cc:ce:83:12:0d:16:b9:2b:60:86:bf:
0c:5f:83:d2:38:8a:d1:bc:9b:73:fd:03:fd:67:b7:
16:8b:d7:49:79:11:99:ea:0e:d9:87:96:22:d9:7a:
4c:a1:fa:c6:c5:d8:e4:32:5a:04:8d:d5:be:25:c6:
e5:a7:fa:d7:c9:64:a3:7f:25:c1:a1:0b:67:d9:23:
1c:72:0d:10:a2:87:be:4a:c0:3d:a6:e1:15:a7:65:
7e:1b:e1:ae:04:0b:ed:00:87:c5:f1:6d:de:df:77:
4c:93:12:22:db:47:9e:93:36:e1:18:e8:bb:d1:b1:
6b:40:99:df:e5:69:e5:1e:89:63:33:5f:70:03:2c:
21:eb:ac:60:82:d4:6d:e7:00:cf:dc:60:a4:91:25:
f9:66:5f:c5:30:fa:87:10:f4:f3:07:35:0a:51:4c:
c4:fd:61:87:a6:41:44:e5:7b:dc:5e:c6:ba:0b:7a:
26:f1:78:25:9f:af:65:23:db:05:ca:7f:41:0a:0e:
6a:e0:00:46:22:3d:d9:19:2d:74:ed:af:43:68:fe:
5e:81:64:d2:36:3e:30:85:72:2d:50:ac:2e:d5:07:
db:5c:23:5f:2f:6d:75:93:d3:98:74:06:34:36:df:
28:a3:fe:24:ce:a7:4f:cd:dd:a4:b7:42:a8:53:43:
e7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D3:A0:22:8E:E1:E6:C4:3B:A7:BF:1C:76:C3:10:4F:76:0E:CD:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8020::/48
Signature Algorithm: sha256WithRSAEncryption
81:2b:1b:f9:72:eb:14:bb:48:a2:d4:14:de:10:8f:dd:4b:2c:
63:98:95:6d:a1:5c:1c:47:8d:b8:b6:3b:b9:5d:71:f0:24:a5:
41:26:8b:34:c6:d0:cd:79:53:a9:d4:6d:da:ac:da:9e:ef:aa:
ca:4c:9b:69:70:d2:cb:10:2e:0f:e6:2e:b8:a9:20:ff:3c:18:
92:c7:d0:b8:1c:f9:43:6f:ba:42:ee:c5:3f:d3:86:8f:cf:42:
39:ee:38:18:41:af:79:6d:89:64:e1:6e:a3:81:c8:c6:e0:4b:
20:7c:bf:f3:05:31:05:c3:66:5b:d2:61:0a:b3:25:c2:d0:7e:
c6:b4:fd:0a:3f:4e:aa:8e:c3:b4:b8:fe:0f:d1:3f:63:d7:92:
63:42:53:72:50:3c:a3:f2:0b:c9:60:8d:52:f5:06:d1:9c:7c:
2a:9d:76:12:2b:77:d2:88:ca:7f:3e:2e:28:5f:1f:10:18:41:
6f:18:6b:53:6c:5f:24:7b:3b:34:9c:ec:98:66:ce:48:19:67:
5b:ac:95:cf:1c:8a:bc:c9:e7:f7:1a:5e:3c:a5:3a:dc:e2:70:
2b:ca:ac:e4:51:0a:22:8f:67:6a:6c:ab:8f:ac:08:e4:a8:d1:
6b:9c:60:98:be:b4:08:a6:e5:3d:16:b9:d7:f6:33:bd:cd:ab:
a9:93:0a:61
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULzjZ5sfnhEkKjlvMpXEks2zChVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NTlmM2Q1YzdkN2M3MjQ4MzBhMzMwOGFiYTAwNzE0OTAyNjE4NTdiNmM1
OTIwODkxNDg0MTViODg1OTQyMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxXsMzOgxINFrkrYIa/DF+D0jiK0bybc/0D/We3FovXSXkRmeoO2YeWItl6
TKH6xsXY5DJaBI3VviXG5af618lko38lwaELZ9kjHHINEKKHvkrAPabhFadlfhvh
rgQL7QCHxfFt3t93TJMSIttHnpM24Rjou9Gxa0CZ3+Vp5R6JYzNfcAMsIeusYILU
becAz9xgpJEl+WZfxTD6hxD08wc1ClFMxP1hh6ZBROV73F7Gugt6JvF4JZ+vZSPb
Bcp/QQoOauAARiI92RktdO2vQ2j+XoFk0jY+MIVyLVCsLtUH21wjXy9tdZPTmHQG
NDbfKKP+JM6nT83dpLdCqFND51ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTS06Ai
juHmxDunvxx2wxBPdg7NmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZlMzE1ZTYtYzYzMC00OGJkLThkZTUtMjNlZWUwYWQ0MGNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
IDANBgkqhkiG9w0BAQsFAAOCAQEAgSsb+XLrFLtIotQU3hCP3UssY5iVbaFcHEeN
uLY7uV1x8CSlQSaLNMbQzXlTqdRt2qzanu+qykybaXDSyxAuD+YuuKkg/zwYksfQ
uBz5Q2+6Qu7FP9OGj89COe44GEGveW2JZOFuo4HIxuBLIHy/8wUxBcNmW9JhCrMl
wtB+xrT9Cj9Oqo7DtLj+D9E/Y9eSY0JTclA8o/ILyWCNUvUG0Zx8Kp12Eit30ojK
fz4uKF8fEBhBbxhrU2xfJHs7NJzsmGbOSBlnW6yVzxyKvMnn9xpePKU63OJwK8qs
5FEKIo9namyrj6wI5KjRa5xgmL60CKblPRa51/Yzvc2rqZMKYQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:26 2025 by rpki-client