Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa
File: d7bd85bf-2af2-46a0-91d6-f945e7063231.roa (raw, json)
Hash identifier: M243RLOVn+tEKanfpXQpMEfSOKgwHcB6BINh/eAr1a8=
Subject key identifier: 4A:62:0F:48:05:D6:E4:04:5D:A8:F6:83:07:F9:76:F7:1C:6D:54:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0AD28105A097460C63643605F14855A82442EC7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d2:81:05:a0:97:46:0c:63:64:36:05:f1:48:55:a8:24:42:ec:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=3daa76d64405d62df72498ecf8743f3b833ac6ff54c286c96728bd0923484f6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d9:86:4b:47:57:39:66:ef:df:0b:5a:1e:a0:
42:b4:d6:48:7e:4c:12:1b:70:e7:47:7c:a5:24:0d:
72:ec:95:43:ca:e0:37:6c:c2:80:eb:82:d4:2b:1d:
67:22:7e:86:70:7a:78:01:17:05:65:88:66:62:6e:
80:39:31:74:48:2c:d9:d5:3b:a2:a1:f0:4e:a0:f8:
7d:63:e5:0b:96:dd:e1:2a:39:3c:46:73:ac:ab:94:
da:ed:fd:4a:d6:d4:25:29:92:42:c4:e4:c4:d7:d7:
5d:f3:57:40:2d:ec:0b:59:ed:9a:c9:3b:ee:37:c7:
78:3a:53:27:06:11:be:fe:c0:3d:20:41:13:4a:4a:
78:11:a5:4c:3b:21:9b:c4:42:e2:6c:2d:bd:02:61:
ac:46:e6:0a:de:cb:f4:c2:ff:1e:6c:90:60:48:ec:
e4:a8:fb:66:fa:00:75:ac:f0:78:80:95:c5:ff:db:
9d:c4:54:fe:b4:99:d1:00:37:21:b8:36:ce:51:9c:
3e:b4:65:3e:27:cd:0c:06:1a:d6:2a:2f:a8:37:f1:
c4:0d:48:ba:92:ed:df:02:3e:50:f1:d8:46:c4:41:
51:9b:71:e2:55:02:b3:e1:fd:0c:d8:8f:b6:8b:91:
60:12:a0:17:27:2d:04:6d:0a:3b:0d:a7:38:8d:aa:
f4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:62:0F:48:05:D6:E4:04:5D:A8:F6:83:07:F9:76:F7:1C:6D:54:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c080::/48
Signature Algorithm: sha256WithRSAEncryption
81:88:2a:a6:86:91:fd:f3:af:97:ab:b5:d7:9c:02:1e:b8:e0:
83:a2:26:74:af:4b:27:f0:30:80:e6:c8:ff:72:9d:47:2f:b5:
73:af:e7:a5:3d:e8:3f:4d:75:aa:ed:46:86:18:1d:77:54:8b:
8d:11:6d:0a:56:a2:d5:d7:21:68:a4:d4:25:c8:34:46:ea:f4:
db:72:1f:a7:64:4c:5c:79:e2:d0:dd:9b:c2:2f:25:19:41:21:
92:51:5a:2c:69:41:0c:b5:ca:07:b0:34:b1:0d:2b:56:7d:44:
15:a4:fd:16:70:8f:2e:a6:ea:dd:ca:74:2e:db:a4:21:82:0c:
1c:92:bf:ee:06:0a:99:cc:57:c7:3b:13:ad:3c:ca:14:86:4e:
c7:a6:41:9b:95:19:fd:50:07:1b:ea:e1:06:a7:5f:8c:f0:a7:
e9:d0:ea:1a:f0:66:4c:df:fb:7f:14:a5:e7:e2:c5:72:58:ab:
42:89:19:4f:11:f3:a9:10:85:08:e9:68:85:9f:17:07:56:8b:
e6:ff:84:94:64:2c:72:53:ce:32:c9:75:f0:eb:00:c6:0f:23:
75:86:4f:99:f3:bf:c0:b5:28:e3:00:c8:11:51:a5:e9:4e:0d:
77:fd:43:07:52:15:66:7d:3b:47:e8:67:bb:9f:0f:35:a7:ad:
a0:aa:85:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCtKBBaCXRgxjZDYF8UhVqCRC7H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkYWE3NmQ2NDQwNWQ2MmRmNzI0OThlY2Y4NzQzZjNiODMzYWM2ZmY1NGMy
ODZjOTY3MjhiZDA5MjM0ODRmNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTZhktHVzlm798LWh6gQrTWSH5MEhtw50d8pSQNcuyVQ8rgN2zCgOuC1Csd
ZyJ+hnB6eAEXBWWIZmJugDkxdEgs2dU7oqHwTqD4fWPlC5bd4So5PEZzrKuU2u39
StbUJSmSQsTkxNfXXfNXQC3sC1ntmsk77jfHeDpTJwYRvv7APSBBE0pKeBGlTDsh
m8RC4mwtvQJhrEbmCt7L9ML/HmyQYEjs5Kj7ZvoAdazweICVxf/bncRU/rSZ0QA3
Ibg2zlGcPrRlPifNDAYa1iovqDfxxA1IupLt3wI+UPHYRsRBUZtx4lUCs+H9DNiP
touRYBKgFyctBG0KOw2nOI2q9IMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKYg9I
BdbkBF2o9oMH+Xb3HG1UEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiZDg1YmYtMmFmMi00NmEwLTkxZDYtZjk0NWU3MDYzMjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
gDANBgkqhkiG9w0BAQsFAAOCAQEAgYgqpoaR/fOvl6u115wCHrjgg6ImdK9LJ/Aw
gObI/3KdRy+1c6/npT3oP011qu1Ghhgdd1SLjRFtClai1dchaKTUJcg0Rur023If
p2RMXHni0N2bwi8lGUEhklFaLGlBDLXKB7A0sQ0rVn1EFaT9FnCPLqbq3cp0Ltuk
IYIMHJK/7gYKmcxXxzsTrTzKFIZOx6ZBm5UZ/VAHG+rhBqdfjPCn6dDqGvBmTN/7
fxSl5+LFclirQokZTxHzqRCFCOlohZ8XB1aL5v+ElGQsclPOMsl18OsAxg8jdYZP
mfO/wLUo4wDIEVGl6U4Nd/1DB1IVZn07R+hnu58PNaetoKqFqQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:51 2025 by rpki-client