Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: R+0klza3qD9wOb8aJcRm3MYIW2sCVKG/Oycv477dpNc=
Subject key identifier: 8D:C1:82:65:E4:E4:9A:29:D2:A6:52:A1:41:50:83:5C:3D:DC:A1:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76E7DE35650079D8621994F11F576093DA942706
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:e7:de:35:65:00:79:d8:62:19:94:f1:1f:57:60:93:da:94:27:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=16148f04adde50d19366dcfef875447005bd99c8ab4e82e32d0ca2972176bed7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ee:ad:62:dc:0a:0a:83:b3:63:34:4e:e5:2b:
3a:fa:05:af:7a:e0:ee:bc:de:2c:47:b9:68:18:e5:
74:e3:4f:79:0f:7b:db:83:59:12:46:d3:94:d6:23:
d6:d4:70:ba:09:a1:c1:48:bd:50:b7:5f:af:42:b8:
f1:63:9d:bc:0e:c1:28:78:d6:24:ab:a2:9d:d0:b8:
53:85:cb:40:07:2d:a0:cd:d6:f8:52:86:c9:96:21:
46:72:f9:72:b0:a9:bd:aa:7b:30:d8:a5:5d:7b:68:
8d:c3:f5:d3:0e:53:96:13:cf:0a:66:ca:8b:36:e3:
e8:66:b8:40:58:df:1c:3f:76:a3:c3:30:2d:a0:f4:
b9:4c:5d:04:4b:aa:9f:4c:64:9a:5a:c2:aa:47:77:
c7:4b:e3:b3:43:49:74:ff:44:24:20:07:bb:9c:15:
d7:80:4e:c3:07:4b:ed:43:78:c2:52:49:fc:ee:b2:
6e:47:6b:93:09:47:29:3a:86:5d:fe:87:1a:dc:06:
36:5d:05:82:d7:9e:a2:14:48:90:a1:45:b8:d6:94:
37:e8:eb:23:d8:84:68:17:0c:61:5b:c0:31:8a:14:
7d:71:64:85:74:f9:af:87:15:5b:5d:1b:d8:74:9f:
d5:14:7f:72:8e:13:70:a3:29:83:8e:ba:76:07:74:
be:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C1:82:65:E4:E4:9A:29:D2:A6:52:A1:41:50:83:5C:3D:DC:A1:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
8c:ed:a2:b6:d2:3d:fa:13:6d:6f:a5:8e:d9:0a:98:c6:f1:03:
fd:00:77:55:11:75:e0:4c:a8:00:99:2c:2e:1c:e6:d0:4e:59:
d7:03:a1:90:51:d7:8b:92:a1:ba:a1:14:b5:1b:2a:3a:61:95:
b4:0f:66:de:d6:bf:8e:92:d2:fa:58:65:98:e1:2f:df:ea:42:
f5:1d:5f:b1:de:42:ea:4e:95:c8:fa:4d:7f:e0:dc:68:1c:01:
a7:88:b0:88:43:e6:6e:93:3a:b3:02:b8:4c:b7:55:3f:70:cc:
2a:f0:95:75:02:bc:a3:08:d4:ec:8f:32:5f:63:a0:72:40:09:
a3:71:92:12:49:82:e6:70:35:e1:b2:6d:5c:48:ed:f6:4c:85:
32:b5:ea:e2:9e:c6:bb:1d:09:c3:cd:6f:31:e5:d7:f8:f1:dc:
f6:fb:a1:f8:31:10:03:5f:0f:89:f9:2a:9d:dd:07:c9:7f:82:
f5:d9:88:25:72:3b:b4:32:58:d5:ca:b1:43:09:d5:05:74:71:
45:c6:bc:4b:a8:0f:2f:fa:70:6f:6c:f3:91:b9:99:b8:5e:21:
5e:8b:54:af:be:42:17:b2:c0:1b:73:e9:a9:b1:a1:c1:94:ad:
15:f7:59:57:da:9f:5e:c3:5e:cc:06:c2:ac:1c:80:17:88:d9:
b3:f0:5a:5c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUdufeNWUAedhiGZTxH1dgk9qUJwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MTQ4ZjA0YWRkZTUwZDE5MzY2ZGNmZWY4NzU0NDcwMDViZDk5YzhhYjRl
ODJlMzJkMGNhMjk3MjE3NmJlZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjurWLcCgqDs2M0TuUrOvoFr3rg7rzeLEe5aBjldONPeQ9724NZEkbTlNYj
1tRwugmhwUi9ULdfr0K48WOdvA7BKHjWJKuindC4U4XLQActoM3W+FKGyZYhRnL5
crCpvap7MNilXXtojcP10w5TlhPPCmbKizbj6Ga4QFjfHD92o8MwLaD0uUxdBEuq
n0xkmlrCqkd3x0vjs0NJdP9EJCAHu5wV14BOwwdL7UN4wlJJ/O6ybkdrkwlHKTqG
Xf6HGtwGNl0FgteeohRIkKFFuNaUN+jrI9iEaBcMYVvAMYoUfXFkhXT5r4cVW10b
2HSf1RR/co4TcKMpg466dgd0vuECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSNwYJl
5OSaKdKmUqFBUINcPdyhHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBAIztorbSPfoTbW+ljtkKmMbxA/0Ad1URdeBMqACZ
LC4c5tBOWdcDoZBR14uSobqhFLUbKjphlbQPZt7Wv46S0vpYZZjhL9/qQvUdX7He
QupOlcj6TX/g3GgcAaeIsIhD5m6TOrMCuEy3VT9wzCrwlXUCvKMI1OyPMl9joHJA
CaNxkhJJguZwNeGybVxI7fZMhTK16uKexrsdCcPNbzHl1/jx3Pb7ofgxEANfD4n5
Kp3dB8l/gvXZiCVyO7QyWNXKsUMJ1QV0cUXGvEuoDy/6cG9s85G5mbheIV6LVK++
QheywBtz6amxocGUrRX3WVfan17DXswGwqwcgBeI2bPwWlw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:35 2025 by rpki-client