Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da2145b5-6513-419c-a72b-3b41bbdf3573.roa
File: da2145b5-6513-419c-a72b-3b41bbdf3573.roa (raw, json)
Hash identifier: CbAQtH2fSC4JiPAPFetRt7qWkn3NU6HSJyrOPYV9Loo=
Subject key identifier: A7:BC:F0:68:17:52:BB:15:99:B4:E8:9C:18:42:14:91:65:DE:36:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 143C79CF378E1CEF0EAFDAA3653CB04C7FD88398
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da2145b5-6513-419c-a72b-3b41bbdf3573.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:3c:79:cf:37:8e:1c:ef:0e:af:da:a3:65:3c:b0:4c:7f:d8:83:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=fc837441e681d9230469d1c8f063e83e652276d77f7f3bed9293071b3d6644b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:83:02:2a:e1:55:3e:0c:8f:07:b5:44:d1:cb:
c1:ef:aa:68:73:27:8f:50:2e:70:2a:49:5b:f2:25:
71:97:f3:21:b2:de:42:a5:ff:46:f0:44:ab:23:96:
2f:83:54:9f:8c:d9:94:9e:f3:c7:2e:2b:2e:c2:4c:
26:fe:33:07:8a:8e:71:6c:25:46:90:80:71:05:b2:
68:84:aa:1f:31:24:37:52:04:c5:af:e5:74:7f:66:
e1:23:91:66:2a:73:c9:92:1d:8e:86:85:71:84:5d:
33:06:40:95:7b:23:c8:51:9e:f6:1c:b5:9d:34:38:
84:ab:67:f2:e6:63:16:d6:84:0f:b5:b0:98:22:82:
7e:ba:b4:10:18:a2:6f:8c:44:4d:29:66:a1:c6:03:
d1:92:68:ae:1f:9c:24:16:7f:90:7e:47:28:99:83:
31:51:90:9b:7f:43:47:33:52:39:2f:f1:1a:30:d6:
22:23:97:1d:09:0c:f2:a0:d8:41:3c:4a:7f:4a:78:
ec:41:d3:39:f8:5b:e5:d2:f7:3f:24:e2:ae:01:ef:
38:37:6e:54:79:9c:68:00:b2:99:71:5d:4f:5d:2c:
cb:73:c3:d4:b6:b7:e2:de:f6:c4:41:d1:71:f7:58:
b6:51:a8:cb:11:1d:77:08:14:c5:35:b8:14:60:cd:
7e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BC:F0:68:17:52:BB:15:99:B4:E8:9C:18:42:14:91:65:DE:36:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da2145b5-6513-419c-a72b-3b41bbdf3573.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
99:9e:07:9d:a3:c9:1b:57:5b:d1:72:e4:4c:b5:cf:01:88:4d:
24:62:d3:d6:e9:6f:57:01:79:60:b5:bf:31:cd:00:b2:19:11:
93:5a:a1:63:3f:b1:84:e8:10:28:18:41:c8:cb:3e:35:2a:39:
60:8c:b4:78:8b:e7:34:0f:d8:07:4c:1c:c1:39:0d:f0:42:d3:
24:d2:01:71:f9:61:e1:d0:18:9d:a8:17:68:8c:b1:1f:69:40:
13:47:f6:31:8f:6a:2d:02:f7:cb:75:48:1d:f6:d4:ed:46:6b:
5c:76:be:fb:b3:97:d7:8e:a7:9a:16:49:22:ed:74:9b:fc:01:
cd:b9:4e:3c:fa:8c:e0:6b:a6:fa:70:fb:ca:b5:b5:f8:e3:14:
fa:a4:e9:4f:47:da:eb:0e:11:38:d6:6f:3e:02:a8:2e:39:3c:
3c:a6:5a:cc:95:33:7a:db:6d:a6:49:ac:3e:79:0f:d5:e0:78:
e3:e3:5b:37:ed:62:36:4a:f1:0f:d0:1e:5f:67:30:e2:db:7b:
68:da:08:68:4c:ad:d5:eb:33:7c:eb:69:05:16:96:e6:91:e1:
9e:d6:a5:07:89:9c:a1:ad:91:b7:86:68:51:e8:a4:e9:2b:c7:
8b:42:1d:93:c5:4e:71:39:15:b9:7e:47:3f:24:f5:3e:78:ed:
d2:56:f7:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFDx5zzeOHO8Or9qjZTywTH/Yg5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjODM3NDQxZTY4MWQ5MjMwNDY5ZDFjOGYwNjNlODNlNjUyMjc2ZDc3Zjdm
M2JlZDkyOTMwNzFiM2Q2NjQ0YjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP2DAirhVT4Mjwe1RNHLwe+qaHMnj1AucCpJW/IlcZfzIbLeQqX/RvBEqyOW
L4NUn4zZlJ7zxy4rLsJMJv4zB4qOcWwlRpCAcQWyaISqHzEkN1IExa/ldH9m4SOR
ZipzyZIdjoaFcYRdMwZAlXsjyFGe9hy1nTQ4hKtn8uZjFtaED7WwmCKCfrq0EBii
b4xETSlmocYD0ZJorh+cJBZ/kH5HKJmDMVGQm39DRzNSOS/xGjDWIiOXHQkM8qDY
QTxKf0p47EHTOfhb5dL3PyTirgHvODduVHmcaACymXFdT10sy3PD1La34t72xEHR
cfdYtlGoyxEddwgUxTW4FGDNftkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnvPBo
F1K7FZm06JwYQhSRZd42SzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGEyMTQ1YjUtNjUxMy00MTljLWE3MmItM2I0MWJiZGYzNTczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCZngedo8kbV1vRcuRMtc8BiE0kYtPW6W9XAXlg
tb8xzQCyGRGTWqFjP7GE6BAoGEHIyz41KjlgjLR4i+c0D9gHTBzBOQ3wQtMk0gFx
+WHh0BidqBdojLEfaUATR/Yxj2otAvfLdUgd9tTtRmtcdr77s5fXjqeaFkki7XSb
/AHNuU48+ozga6b6cPvKtbX44xT6pOlPR9rrDhE41m8+AqguOTw8plrMlTN6222m
Saw+eQ/V4Hjj41s37WI2SvEP0B5fZzDi23to2ghoTK3V6zN862kFFpbmkeGe1qUH
iZyhrZG3hmhR6KTpK8eLQh2TxU5xORW5fkc/JPU+eO3SVvcE
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:24 2025 by rpki-client