Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
File: d4a512a3-4257-431f-b201-8d747948cebb.roa (raw, json)
Hash identifier: tb0MKqX6fxIpup2TBBnV+1GivPD3HX9YxEfiJq9kJeY=
Subject key identifier: 21:E7:3B:1F:34:37:71:21:3D:E1:BA:06:6B:83:30:2D:F8:EE:A1:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 329775C28051C85E6847544BF34A563B4743EB7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:97:75:c2:80:51:c8:5e:68:47:54:4b:f3:4a:56:3b:47:43:eb:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=7428fd96a70bfabbd078fd5377f2f8dcef78b1b82321f71d8ee96f0e7d8021a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ce:8d:6c:5f:99:52:e4:e8:f9:4a:f9:c4:da:
31:79:f8:e0:62:eb:72:31:cc:58:72:ce:70:47:84:
30:70:4d:98:88:2e:ab:60:4f:ea:f9:1e:29:b2:64:
58:1f:f0:97:c0:77:2f:1b:8b:24:9d:a1:bf:8d:0a:
31:1a:63:e4:d3:2d:62:43:71:a0:83:50:16:75:d6:
9a:59:7f:86:b2:bd:04:73:44:6e:13:6b:6e:bb:c1:
59:65:38:03:f7:f8:6a:23:92:cf:7a:c9:4e:36:bb:
81:e4:37:9a:d7:32:2e:98:b3:48:40:31:2f:20:f9:
ea:40:50:b8:26:22:df:08:af:5b:dc:c3:b4:a7:c0:
ca:48:0a:84:41:3a:60:43:9b:08:4a:3b:8a:cb:a0:
6c:f5:b4:4c:6a:82:c3:a9:39:65:8e:bd:20:80:5d:
38:2c:f0:cd:11:c3:96:83:4a:78:89:6a:af:38:7c:
db:36:51:aa:e9:e1:61:bb:ed:af:26:0e:46:2c:22:
74:bd:9e:9a:10:1e:da:62:2d:e8:c8:8d:c8:ed:4d:
a5:0a:6d:7c:b3:59:23:6b:57:6c:8f:7f:0a:0b:c6:
ab:80:cc:ca:8b:93:12:39:29:c8:41:f9:3d:68:22:
03:cf:6f:2c:81:cc:19:45:4a:4c:82:e9:60:8a:e9:
fe:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E7:3B:1F:34:37:71:21:3D:E1:BA:06:6B:83:30:2D:F8:EE:A1:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
13:f6:aa:ed:08:0a:3a:95:06:f4:00:68:16:2a:13:1e:77:89:
34:da:60:4c:3d:21:fa:dd:16:3c:43:97:d8:12:c9:4f:41:fd:
76:0a:95:d6:fb:91:9c:13:50:89:9e:17:18:3e:91:d8:f5:85:
6f:80:96:a6:46:c0:1f:7a:d0:83:7d:82:75:cc:2b:c9:75:07:
5e:d0:b5:08:54:46:ab:75:0a:b8:26:30:3b:cf:c8:53:05:be:
73:fe:00:92:84:7a:0c:71:04:ce:34:0b:ff:74:eb:5e:d3:24:
01:a7:e8:24:10:3c:9a:bb:c2:f1:86:e9:3b:5f:e3:b6:7f:65:
45:71:ec:cf:5e:82:2e:b6:fb:8a:9e:89:a5:ff:3b:b7:dd:81:
5a:0c:2b:aa:b8:50:aa:e7:f6:ea:fc:e7:45:15:5b:c7:14:a9:
0a:57:de:36:9b:1a:d2:58:40:0e:7e:38:c3:38:c9:79:6e:c5:
e0:2f:ab:a5:fb:79:4f:41:f2:7e:5a:36:f5:10:b4:45:5e:8a:
9d:b9:0b:14:f2:e9:71:ec:77:39:63:ae:7c:57:9a:a5:dc:d5:
96:25:51:ed:a5:46:8b:8c:31:d7:af:8f:91:e9:41:04:5d:6f:
1b:e7:03:27:4b:46:40:b7:be:c0:10:17:ad:bd:b1:b1:fb:3a:
fb:2d:95:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMpd1woBRyF5oR1RL80pWO0dD63wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MjhmZDk2YTcwYmZhYmJkMDc4ZmQ1Mzc3ZjJmOGRjZWY3OGIxYjgyMzIx
ZjcxZDhlZTk2ZjBlN2Q4MDIxYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvOjWxfmVLk6PlK+cTaMXn44GLrcjHMWHLOcEeEMHBNmIguq2BP6vkeKbJk
WB/wl8B3LxuLJJ2hv40KMRpj5NMtYkNxoINQFnXWmll/hrK9BHNEbhNrbrvBWWU4
A/f4aiOSz3rJTja7geQ3mtcyLpizSEAxLyD56kBQuCYi3wivW9zDtKfAykgKhEE6
YEObCEo7isugbPW0TGqCw6k5ZY69IIBdOCzwzRHDloNKeIlqrzh82zZRqunhYbvt
ryYORiwidL2emhAe2mIt6MiNyO1NpQptfLNZI2tXbI9/CgvGq4DMyouTEjkpyEH5
PWgiA89vLIHMGUVKTILpYIrp/vcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQh5zsf
NDdxIT3hugZrgzAt+O6hXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDRhNTEyYTMtNDI1Ny00MzFmLWIyMDEtOGQ3NDc5NDhjZWJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
wDANBgkqhkiG9w0BAQsFAAOCAQEAE/aq7QgKOpUG9ABoFioTHneJNNpgTD0h+t0W
PEOX2BLJT0H9dgqV1vuRnBNQiZ4XGD6R2PWFb4CWpkbAH3rQg32CdcwryXUHXtC1
CFRGq3UKuCYwO8/IUwW+c/4AkoR6DHEEzjQL/3TrXtMkAafoJBA8mrvC8YbpO1/j
tn9lRXHsz16CLrb7ip6Jpf87t92BWgwrqrhQquf26vznRRVbxxSpClfeNpsa0lhA
Dn44wzjJeW7F4C+rpft5T0Hyflo29RC0RV6KnbkLFPLpcex3OWOufFeapdzVliVR
7aVGi4wx16+PkelBBF1vG+cDJ0tGQLe+wBAXrb2xsfs6+y2VRg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:25 2025 by rpki-client