Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: yOh9McwWGXKZ31a36jvboVk3gSCD1dRE45XqyuUhhxk=
Subject key identifier: D0:50:9B:24:BB:A8:05:01:E6:E1:2C:7A:50:8E:36:62:08:A0:FD:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36FB8420E1C8005B9BD33B522F42F8F899E23E6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:fb:84:20:e1:c8:00:5b:9b:d3:3b:52:2f:42:f8:f8:99:e2:3e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=2800ef5ffdfbff4c2c857d92bed4fd0816be3837c85579ddf7b9443efd69993d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:7f:d8:5f:be:4a:5d:77:f7:9f:16:f0:92:
8d:c3:e2:e6:ea:7d:12:d1:a9:d6:38:ec:84:7e:02:
c6:d9:a1:16:f8:2f:45:ea:9f:b0:cb:67:13:00:ff:
f1:ef:1b:14:9b:40:87:00:eb:7f:4a:f3:f8:cd:de:
76:5e:6f:60:c3:19:bf:e6:4e:3f:d4:11:8c:1b:8a:
ac:ba:37:7f:e5:06:f6:6c:af:1c:f9:5f:b3:d8:bf:
f7:23:1e:0a:d0:aa:1a:71:80:5e:83:b5:42:e8:86:
6a:67:82:11:b9:0e:d2:a8:00:c3:57:07:eb:78:ef:
75:85:8c:48:69:03:3f:0a:ac:fd:a2:5e:b7:94:a6:
c3:82:48:3c:0f:e9:94:79:0b:f5:3a:73:5a:a6:58:
ac:9e:e3:55:5c:70:54:de:67:db:6f:0e:d3:94:06:
f2:b2:d4:01:b6:1b:3a:fc:7a:5e:e3:d4:27:96:98:
c3:60:5a:a1:de:c6:5f:32:6d:56:0a:3c:ce:ce:c6:
cc:ce:8f:53:70:08:ae:cf:67:a9:c1:a9:ae:06:46:
05:cc:a6:85:58:ee:ef:d7:60:48:fe:37:e4:9d:32:
a4:16:ba:56:05:57:b2:0e:7a:24:82:aa:9c:1c:63:
8b:5d:65:05:05:ad:db:9d:3a:56:e9:87:14:9b:14:
61:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:50:9B:24:BB:A8:05:01:E6:E1:2C:7A:50:8E:36:62:08:A0:FD:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
68:be:f5:f5:92:c8:43:eb:88:57:6b:f5:02:39:f1:60:f8:e8:
d0:f7:5f:30:cc:4c:1b:e1:cc:b1:dd:b9:ac:59:a8:96:66:e2:
0b:04:54:46:3b:f2:6a:16:e9:f9:3f:34:03:d2:42:81:69:c7:
ca:c9:e0:9a:cb:36:9d:e3:a0:ac:a0:93:7d:a8:07:24:b0:be:
84:0f:c1:33:d1:af:88:66:ce:66:10:a2:e8:9f:7e:5e:76:9e:
3e:7b:e0:4a:d5:80:27:d6:54:3c:37:66:18:d5:3d:c3:62:e9:
49:fc:0e:5a:94:e2:25:76:f2:87:28:da:95:9a:ba:12:ae:6c:
2d:f8:9b:61:09:d6:ae:b8:13:58:1d:5d:d7:01:6a:1f:15:67:
7b:7a:65:70:65:da:7b:43:14:a5:c1:55:c2:2f:d8:d4:2d:4c:
08:7e:11:e5:92:d0:92:da:03:82:e6:86:f3:81:58:58:d1:ca:
1f:7a:44:60:2d:40:d1:70:a2:3e:83:9c:bc:84:4b:8c:ab:79:
f0:db:f2:36:14:61:e8:cf:0e:79:40:bf:37:b7:59:d5:85:d2:
ba:b1:d2:a3:61:da:49:d4:d8:49:ed:17:eb:f6:9c:86:46:55:
4e:7e:d8:1f:d8:42:08:be:44:66:ee:ea:45:67:20:ff:66:f0:
4b:90:d7:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNvuEIOHIAFub0ztSL0L4+JniPmswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MDBlZjVmZmRmYmZmNGMyYzg1N2Q5MmJlZDRmZDA4MTZiZTM4MzdjODU1
NzlkZGY3Yjk0NDNlZmQ2OTk5M2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0Lf9hfvkpdd/efFvCSjcPi5up9EtGp1jjshH4CxtmhFvgvReqfsMtnEwD/
8e8bFJtAhwDrf0rz+M3edl5vYMMZv+ZOP9QRjBuKrLo3f+UG9myvHPlfs9i/9yMe
CtCqGnGAXoO1QuiGameCEbkO0qgAw1cH63jvdYWMSGkDPwqs/aJet5Smw4JIPA/p
lHkL9TpzWqZYrJ7jVVxwVN5n228O05QG8rLUAbYbOvx6XuPUJ5aYw2Baod7GXzJt
Vgo8zs7GzM6PU3AIrs9nqcGprgZGBcymhVju79dgSP435J0ypBa6VgVXsg56JIKq
nBxji11lBQWt2506VumHFJsUYTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQUJsk
u6gFAebhLHpQjjZiCKD9bTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQBovvX1kshD64hXa/UCOfFg+OjQ918wzEwb4cyx
3bmsWaiWZuILBFRGO/JqFun5PzQD0kKBacfKyeCayzad46CsoJN9qAcksL6ED8Ez
0a+IZs5mEKLon35edp4+e+BK1YAn1lQ8N2YY1T3DYulJ/A5alOIldvKHKNqVmroS
rmwt+JthCdauuBNYHV3XAWofFWd7emVwZdp7QxSlwVXCL9jULUwIfhHlktCS2gOC
5obzgVhY0cofekRgLUDRcKI+g5y8hEuMq3nw2/I2FGHozw55QL83t1nVhdK6sdKj
YdpJ1NhJ7Rfr9pyGRlVOftgf2EIIvkRm7upFZyD/ZvBLkNd+
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:25 2025 by rpki-client