Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
File: d62aaac2-f54a-4bc2-8155-22367e855165.roa (raw, json)
Hash identifier: /WdI8L3j9JKs90gnzNHGwOtepDpuoA8KR3uVqxrhEl0=
Subject key identifier: AF:5F:58:4B:83:5A:28:0C:4D:83:70:9F:A7:98:9E:DD:C6:39:44:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 725A991EA280C8C4FDA75AA1F8611BC63477D32E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:5a:99:1e:a2:80:c8:c4:fd:a7:5a:a1:f8:61:1b:c6:34:77:d3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=03311990b19d457586a0eb75c39849e919d9cbfcb7a46400d2436090be3c439e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:52:32:d8:a0:3c:ab:a8:93:e7:94:64:9c:f0:
72:27:78:9f:80:c1:8b:64:08:c1:db:36:06:a4:22:
96:77:e0:59:84:88:57:24:ee:8e:3b:38:8d:2b:07:
3b:80:bd:97:75:c9:a1:02:f9:60:09:b6:d4:32:b4:
3e:12:1a:8c:40:25:1a:67:ff:e8:63:a1:ae:dd:a5:
23:f5:6f:02:46:b1:2d:85:6f:7b:5e:34:44:97:38:
65:01:b0:cc:6f:f7:57:b9:a6:42:56:03:61:2f:65:
c2:2b:a3:3b:70:ef:ab:a4:c1:53:ad:a3:dc:be:f2:
99:f5:08:7b:e3:37:75:0f:e7:e5:50:68:c7:92:53:
de:b2:9c:e7:08:fd:be:52:e2:2a:f6:4b:7a:7e:f0:
ac:c2:cf:12:02:28:2e:56:2c:cc:d8:91:97:e5:b5:
f0:ec:d0:a3:ec:0b:35:8a:01:6d:63:aa:73:6a:4e:
64:ae:46:41:01:ba:11:85:41:1b:49:f5:60:d6:7b:
95:70:ac:5e:2d:2d:56:bc:b1:08:8d:6c:3b:07:fd:
72:b0:65:a5:50:ad:bf:ad:fb:3b:12:97:45:e3:31:
f5:b6:c8:63:74:f0:8e:39:c6:13:88:49:6e:db:bc:
7f:23:64:d4:d2:d6:47:9c:df:58:ae:ad:ac:29:04:
79:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5F:58:4B:83:5A:28:0C:4D:83:70:9F:A7:98:9E:DD:C6:39:44:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:b000::/40
Signature Algorithm: sha256WithRSAEncryption
36:f4:8b:f1:fe:9d:a9:d0:9e:75:39:a2:f8:08:6a:e7:23:e6:
c8:bc:d8:e5:30:fc:c0:fa:92:ae:3a:07:2c:48:aa:9d:3c:4a:
05:7d:f0:1f:fe:f1:e6:76:1f:ba:20:8e:93:37:30:9a:99:51:
34:3e:78:74:74:91:14:35:4b:89:1a:aa:c1:e8:60:ac:01:a5:
d3:e3:8d:b7:1d:2a:9c:d8:67:ec:71:cd:31:7d:58:95:8b:8c:
78:cb:e6:7e:01:f2:88:72:a0:6c:c8:5e:b9:09:cf:90:a7:5c:
e0:c1:0c:c4:45:d5:39:1c:a3:62:82:3c:40:94:68:02:59:c7:
0a:35:f7:77:4b:1c:77:86:d1:93:4d:f8:c7:f9:2f:8c:e2:15:
37:a6:61:8d:0a:3e:a0:c1:75:57:d1:a4:98:8d:dc:d0:0a:a5:
73:4c:1b:25:41:0b:b7:2e:99:e5:03:59:08:03:00:77:8b:5e:
8e:0d:08:12:0a:70:1f:37:e6:16:04:60:82:ed:18:2b:5d:56:
ee:ce:f9:97:0c:d6:3d:d4:a5:77:04:67:5e:85:5e:5d:17:d4:
e9:b0:e2:01:06:cf:70:54:f0:c8:fc:21:f1:f4:46:9b:63:66:
18:1d:fa:9f:6f:50:ad:18:23:f5:bb:ce:f2:1a:b3:5a:48:c5:
6c:d0:a6:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUclqZHqKAyMT9p1qh+GEbxjR30y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMzExOTkwYjE5ZDQ1NzU4NmEwZWI3NWMzOTg0OWU5MTlkOWNiZmNiN2E0
NjQwMGQyNDM2MDkwYmUzYzQzOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9SMtigPKuok+eUZJzwcid4n4DBi2QIwds2BqQilnfgWYSIVyTujjs4jSsH
O4C9l3XJoQL5YAm21DK0PhIajEAlGmf/6GOhrt2lI/VvAkaxLYVve140RJc4ZQGw
zG/3V7mmQlYDYS9lwiujO3Dvq6TBU62j3L7ymfUIe+M3dQ/n5VBox5JT3rKc5wj9
vlLiKvZLen7wrMLPEgIoLlYszNiRl+W18OzQo+wLNYoBbWOqc2pOZK5GQQG6EYVB
G0n1YNZ7lXCsXi0tVryxCI1sOwf9crBlpVCtv637OxKXReMx9bbIY3TwjjnGE4hJ
btu8fyNk1NLWR5zfWK6trCkEeaECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvX1hL
g1ooDE2DcJ+nmJ7dxjlEQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyYWFhYzItZjU0YS00YmMyLTgxNTUtMjIzNjdlODU1MTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKw
MA0GCSqGSIb3DQEBCwUAA4IBAQA29Ivx/p2p0J51OaL4CGrnI+bIvNjlMPzA+pKu
OgcsSKqdPEoFffAf/vHmdh+6II6TNzCamVE0Pnh0dJEUNUuJGqrB6GCsAaXT4423
HSqc2Gfscc0xfViVi4x4y+Z+AfKIcqBsyF65Cc+Qp1zgwQzERdU5HKNigjxAlGgC
WccKNfd3Sxx3htGTTfjH+S+M4hU3pmGNCj6gwXVX0aSYjdzQCqVzTBslQQu3Lpnl
A1kIAwB3i16ODQgSCnAfN+YWBGCC7RgrXVbuzvmXDNY91KV3BGdehV5dF9TpsOIB
Bs9wVPDI/CHx9EabY2YYHfqfb1CtGCP1u87yGrNaSMVs0Kb6
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:55 2025 by rpki-client