Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: EOJys5fKgRVq3adlBLu7VUNoSjkAx4wYazyMKCCVfQI=
Subject key identifier: 60:AA:21:B0:FB:30:2B:3F:33:46:B0:A1:4F:C7:7D:15:FE:2A:37:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6549D64EC0FEF57824AEB82C5BB35606FCD52B63
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:49:d6:4e:c0:fe:f5:78:24:ae:b8:2c:5b:b3:56:06:fc:d5:2b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0b9edea48b2029cf76f8876fa0ce4a859a779beeb490add19d891e6607a157de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:6d:e9:47:2b:a9:c1:2c:22:58:fe:f8:23:
d9:c1:79:be:8f:0c:39:d7:c6:41:f1:ea:04:00:35:
54:eb:70:8b:77:27:d1:a7:e0:71:20:b8:ec:33:0c:
e1:97:7c:ac:56:a0:3d:c7:c4:1c:86:57:63:06:85:
42:98:53:f9:90:1d:59:ec:84:72:53:2f:b1:f5:a0:
08:27:ec:05:75:74:61:bd:bc:54:3b:5a:1f:84:2f:
4f:a9:af:08:62:5c:16:eb:8f:26:28:fe:3c:1c:d5:
f2:4e:b8:b9:99:54:f3:54:28:9a:8a:3f:d3:3c:ad:
ac:da:62:13:a2:98:fc:ff:c2:01:9d:3a:94:d5:0e:
33:8a:21:36:af:d8:65:65:49:9b:c5:04:2a:df:4f:
45:05:34:44:02:4a:8f:f1:84:0c:f7:b3:2c:dc:56:
73:83:e1:b6:a2:2a:b0:58:b9:bb:f0:15:75:f6:ff:
0e:58:c4:08:bb:41:05:95:9b:9c:90:3c:fe:dd:29:
8d:c3:de:82:ee:70:cf:94:41:8f:e3:84:50:43:6e:
7e:6d:6d:40:a8:0c:48:bc:09:f8:f5:d2:0e:44:25:
fd:cf:7e:43:de:08:c1:99:fd:f5:30:c8:78:4a:c9:
10:67:4f:7f:81:be:0d:bd:04:54:1f:81:bb:9b:44:
da:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AA:21:B0:FB:30:2B:3F:33:46:B0:A1:4F:C7:7D:15:FE:2A:37:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
4b:21:81:5b:bf:18:8c:dc:80:93:09:3c:fd:42:a8:18:c8:76:
bd:fa:72:ac:19:14:50:4f:b7:3f:fa:74:61:bf:73:ba:b9:33:
f5:16:e6:38:04:11:16:d7:a2:37:bb:11:ac:a4:31:ed:15:bb:
99:58:72:c6:21:46:27:52:fe:ef:bb:1b:bc:20:43:5a:ba:ad:
e8:21:cd:6b:e4:f0:6d:14:75:fa:46:2b:c1:f1:83:98:91:75:
df:37:be:f2:5e:cf:d9:7a:83:bc:b4:29:2d:1d:18:46:94:97:
40:e2:db:c1:80:51:1d:07:29:f6:45:d3:d2:ce:06:c7:7b:ec:
7e:8c:d7:a4:10:1b:7c:5f:e2:6c:e8:ba:e2:b7:7a:d4:27:74:
f2:ae:99:27:fc:42:53:d1:2c:e2:e5:32:ea:7d:c7:df:0f:6f:
c6:7b:2a:c2:e5:3a:25:35:38:db:fd:ca:83:55:6a:69:18:78:
9c:7a:ea:74:e1:16:3c:55:de:1c:58:0c:db:cf:59:81:29:13:
80:f9:9e:9b:39:0d:e4:3e:dc:cb:d0:24:36:d1:53:a6:8a:c5:
f3:8e:15:05:7f:86:bc:ea:2c:a2:1a:4e:76:e8:93:a8:24:ed:
94:fd:10:ab:0a:df:1a:b4:f9:44:4f:93:66:df:80:1b:64:1a:
ff:fc:97:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZUnWTsD+9XgkrrgsW7NWBvzVK2MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiOWVkZWE0OGIyMDI5Y2Y3NmY4ODc2ZmEwY2U0YTg1OWE3NzliZWViNDkw
YWRkMTlkODkxZTY2MDdhMTU3ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0mbelHK6nBLCJY/vgj2cF5vo8MOdfGQfHqBAA1VOtwi3cn0afgcSC47DMM
4Zd8rFagPcfEHIZXYwaFQphT+ZAdWeyEclMvsfWgCCfsBXV0Yb28VDtaH4QvT6mv
CGJcFuuPJij+PBzV8k64uZlU81Qomoo/0zytrNpiE6KY/P/CAZ06lNUOM4ohNq/Y
ZWVJm8UEKt9PRQU0RAJKj/GEDPezLNxWc4PhtqIqsFi5u/AVdfb/DljECLtBBZWb
nJA8/t0pjcPegu5wz5RBj+OEUENufm1tQKgMSLwJ+PXSDkQl/c9+Q94IwZn99TDI
eErJEGdPf4G+Db0EVB+Bu5tE2vcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgqiGw
+zArPzNGsKFPx30V/io3mDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEASyGBW78YjNyAkwk8/UKoGMh2vfpyrBkUUE+3
P/p0Yb9zurkz9RbmOAQRFteiN7sRrKQx7RW7mVhyxiFGJ1L+77sbvCBDWrqt6CHN
a+TwbRR1+kYrwfGDmJF13ze+8l7P2XqDvLQpLR0YRpSXQOLbwYBRHQcp9kXT0s4G
x3vsfozXpBAbfF/ibOi64rd61Cd08q6ZJ/xCU9Es4uUy6n3H3w9vxnsqwuU6JTU4
2/3Kg1VqaRh4nHrqdOEWPFXeHFgM289ZgSkTgPmemzkN5D7cy9AkNtFTporF844V
BX+GvOosohpOduiTqCTtlP0QqwrfGrT5RE+TZt+AG2Qa//yXuw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:12 2025 by rpki-client