Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: grVUb4NaPFgy/yTUSe3JMVwJoY/5dCp4EdIKvdmH6Sw=
Subject key identifier: AE:03:47:1F:E0:F2:29:E1:85:06:72:20:56:FD:69:25:44:26:44:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 507F477CC8E303A41D8EB3950FC26F6D71ECC0A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:7f:47:7c:c8:e3:03:a4:1d:8e:b3:95:0f:c2:6f:6d:71:ec:c0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a435b53a3a57c0ddd9ee6d3bb1739d10f60c7b2d2a4daf8c85560c9c47d3f0f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:71:1b:05:3e:b1:ca:73:e2:70:b2:06:3c:3b:
ef:86:2d:ab:09:5b:60:78:3c:fb:ca:dd:38:52:e2:
60:cf:ed:c6:b1:09:5a:77:22:67:82:84:5a:45:8d:
b6:a1:0e:ad:b8:5e:99:b9:cb:4e:4a:90:77:47:c3:
25:85:e0:67:9a:8f:88:c2:0a:a4:88:94:e7:a4:ce:
f5:3b:dd:5f:87:e0:d4:b2:50:e2:7a:f7:09:e9:f3:
8c:fb:df:fc:e1:b6:f8:4b:93:85:ef:87:ce:01:3e:
44:0e:8b:09:5b:b5:4a:71:68:6e:4d:cf:07:28:58:
c1:87:4b:8b:3b:ad:2b:81:e1:a3:5c:a2:15:08:eb:
a7:8b:65:c3:b0:4f:2a:e0:82:6d:94:1e:0a:5b:3c:
3a:95:1f:3b:0b:aa:25:11:47:93:47:e1:af:46:1b:
77:59:c7:89:d6:b3:68:f4:af:12:ce:71:9e:2e:c8:
1b:77:44:1e:93:df:72:c8:d7:ce:da:bd:18:89:23:
56:e3:03:0b:e1:7b:11:e1:21:46:a3:43:34:cc:08:
10:f4:58:1a:21:fc:f7:ac:7e:db:c2:32:e6:50:49:
c6:70:02:e6:eb:57:0d:24:30:8e:12:ec:7c:e3:dd:
b8:6e:73:4d:3d:91:95:0d:97:b9:3b:b3:21:50:2b:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:03:47:1F:E0:F2:29:E1:85:06:72:20:56:FD:69:25:44:26:44:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
69:d4:bd:77:c5:44:e6:1a:bf:e4:fb:51:3b:69:43:05:23:63:
2c:09:48:73:78:9c:c1:e7:1d:5a:71:23:e9:58:2b:da:56:e3:
cd:fe:c1:d5:0c:77:81:9a:fb:06:b4:c9:35:f5:0f:14:73:80:
1c:26:7c:4e:5f:36:b1:5a:50:ec:6b:eb:8b:3c:bb:fb:59:36:
58:bb:42:29:57:4d:f0:71:fe:01:06:2b:f0:15:49:b4:35:bf:
85:ab:c3:32:95:23:cf:a9:7d:64:f3:d7:99:a8:1d:d3:f8:49:
73:d7:e0:60:f0:f3:2d:49:d9:10:42:1c:1a:c8:58:1f:8b:a6:
9e:81:f8:4e:a0:14:bc:bc:60:ad:02:64:59:80:5f:48:56:fa:
e8:cb:30:a1:ad:c1:21:f0:99:8f:86:23:47:05:28:b9:18:db:
38:3e:0e:84:48:7f:64:61:46:1f:9b:6d:d4:69:f7:29:e0:31:
44:34:98:75:41:05:40:37:28:65:4f:b2:4d:e6:37:0f:f9:3a:
b4:eb:3e:52:8b:4f:c9:74:03:b2:78:d7:83:8a:98:90:f6:5f:
fd:41:b5:d5:3c:68:53:69:c3:e7:c0:65:a0:33:09:0a:94:68:
a6:c8:cf:10:77:89:42:41:31:a0:95:4e:df:04:df:f0:64:21:
9d:97:03:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUH9HfMjjA6QdjrOVD8JvbXHswKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0MzViNTNhM2E1N2MwZGRkOWVlNmQzYmIxNzM5ZDEwZjYwYzdiMmQyYTRk
YWY4Yzg1NTYwYzljNDdkM2YwZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdxGwU+scpz4nCyBjw774YtqwlbYHg8+8rdOFLiYM/txrEJWnciZ4KEWkWN
tqEOrbhembnLTkqQd0fDJYXgZ5qPiMIKpIiU56TO9TvdX4fg1LJQ4nr3CenzjPvf
/OG2+EuThe+HzgE+RA6LCVu1SnFobk3PByhYwYdLizutK4Hho1yiFQjrp4tlw7BP
KuCCbZQeCls8OpUfOwuqJRFHk0fhr0Ybd1nHidazaPSvEs5xni7IG3dEHpPfcsjX
ztq9GIkjVuMDC+F7EeEhRqNDNMwIEPRYGiH896x+28Iy5lBJxnAC5utXDSQwjhLs
fOPduG5zTT2RlQ2XuTuzIVAr8ZMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSuA0cf
4PIp4YUGciBW/WklRCZEvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAadS9d8VE5hq/5PtRO2lDBSNjLAlIc3icwecd
WnEj6Vgr2lbjzf7B1Qx3gZr7BrTJNfUPFHOAHCZ8Tl82sVpQ7Gvrizy7+1k2WLtC
KVdN8HH+AQYr8BVJtDW/havDMpUjz6l9ZPPXmagd0/hJc9fgYPDzLUnZEEIcGshY
H4umnoH4TqAUvLxgrQJkWYBfSFb66Mswoa3BIfCZj4YjRwUouRjbOD4OhEh/ZGFG
H5tt1Gn3KeAxRDSYdUEFQDcoZU+yTeY3D/k6tOs+UotPyXQDsnjXg4qYkPZf/UG1
1TxoU2nD58BloDMJCpRopsjPEHeJQkExoJVO3wTf8GQhnZcDzw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:01:38 2025 by rpki-client