Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: BEd7wqfWoRWa2gh3rxAYTdu4JVhnJgrh+i2NlMFz0qU=
Subject key identifier: E1:FB:6E:62:AE:ED:3C:0A:70:39:AA:5C:4D:6B:10:05:15:61:27:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4080D5E2BC13635C565E6B692B3C7762AA91F59D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:80:d5:e2:bc:13:63:5c:56:5e:6b:69:2b:3c:77:62:aa:91:f5:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d6bc9cc215716ef0724123d4d5d29f4bef0aa3702136d26708151417084130a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a1:6a:8d:44:ea:75:5e:cc:fb:06:d1:f0:1d:
c1:50:47:8d:1e:e8:8f:71:c5:90:4a:2f:e7:6c:6b:
e7:f5:51:73:8e:e0:e4:78:86:62:87:cd:2e:fd:08:
e3:aa:8e:c2:13:86:2d:1b:3f:72:b7:cf:0d:b5:33:
99:eb:3b:7e:8d:93:15:26:a9:8a:70:cd:34:e7:7e:
77:eb:90:a4:31:10:8b:32:76:44:86:f2:8b:28:b6:
0b:84:44:b6:70:6f:e3:aa:99:28:d8:e8:a6:c1:27:
2b:c4:d2:2d:91:33:50:01:82:d3:c1:e2:f8:b1:40:
bf:94:4b:64:2f:54:2a:5e:2a:f0:c3:7e:39:7c:0c:
28:15:d4:2a:ec:fa:fe:10:af:fe:89:7f:b6:50:ed:
07:c6:22:bd:fa:ba:42:75:8e:a9:08:79:d4:b9:79:
9c:90:59:05:fd:7b:77:ce:81:87:22:49:f2:85:e3:
89:77:62:b3:be:23:34:a4:8b:35:9e:33:12:36:e4:
e1:1f:92:e1:fd:1f:fe:db:fb:b1:21:be:ab:c9:ce:
01:6a:0a:ac:24:79:fe:fd:c0:75:d1:fd:af:fe:1e:
90:b0:b8:5a:ab:73:5f:2c:f5:18:df:97:1f:70:23:
86:98:f7:f7:17:6b:8f:38:ea:fb:53:b7:a3:d4:ce:
34:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FB:6E:62:AE:ED:3C:0A:70:39:AA:5C:4D:6B:10:05:15:61:27:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:69:f3:c6:4d:19:89:2e:c6:e1:7e:f5:fd:3f:60:a0:21:25:
30:d9:5a:61:92:7c:17:71:b3:ef:99:4d:61:a8:67:5c:d4:30:
c3:43:70:96:97:45:e9:5b:30:c5:94:dd:2d:3a:89:cb:ff:4b:
cf:af:8f:f5:ed:a4:b4:de:d5:f5:03:54:3a:5f:4f:09:10:f0:
74:93:ee:39:d6:93:4b:bb:dc:08:35:d7:48:3b:ed:7f:f8:e2:
f6:64:5c:47:e2:72:0c:2e:43:00:b9:02:8a:1d:11:e2:0f:f6:
c0:ba:39:ef:50:0f:63:a5:20:22:60:fa:12:28:27:70:b0:e4:
17:6d:c2:78:d8:d7:98:c2:ca:7b:08:cc:a5:de:ef:f5:7c:9e:
34:4d:6f:43:50:43:e7:5a:0e:58:33:b2:da:b1:77:f4:26:51:
e6:d7:82:d7:ed:f9:cd:51:73:38:19:48:f8:25:fc:f7:3e:4c:
9f:3b:43:7a:cd:42:72:12:c3:1a:e8:0f:23:22:fb:15:d4:a7:
99:fa:af:93:e1:82:db:f3:31:94:6c:5f:1c:53:1f:37:36:eb:
ff:10:66:f9:20:47:e7:1a:97:65:d0:00:5f:5a:43:95:ed:1b:
7e:4d:9a:dc:5e:8e:40:59:5c:1a:c8:69:b0:09:c4:6f:c7:01:
ac:a9:0c:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQIDV4rwTY1xWXmtpKzx3YqqR9Z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2YmM5Y2MyMTU3MTZlZjA3MjQxMjNkNGQ1ZDI5ZjRiZWYwYWEzNzAyMTM2
ZDI2NzA4MTUxNDE3MDg0MTMwYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKhao1E6nVezPsG0fAdwVBHjR7oj3HFkEov52xr5/VRc47g5HiGYofNLv0I
46qOwhOGLRs/crfPDbUzmes7fo2TFSapinDNNOd+d+uQpDEQizJ2RIbyiyi2C4RE
tnBv46qZKNjopsEnK8TSLZEzUAGC08Hi+LFAv5RLZC9UKl4q8MN+OXwMKBXUKuz6
/hCv/ol/tlDtB8Yivfq6QnWOqQh51Ll5nJBZBf17d86BhyJJ8oXjiXdis74jNKSL
NZ4zEjbk4R+S4f0f/tv7sSG+q8nOAWoKrCR5/v3AddH9r/4ekLC4WqtzXyz1GN+X
H3Ajhpj39xdrjzjq+1O3o9TONJsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTh+25i
ru08CnA5qlxNaxAFFWEnFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3afPGTRmJLsbhfvX9P2CgISUw2VphknwXcbPv
mU1hqGdc1DDDQ3CWl0XpWzDFlN0tOonL/0vPr4/17aS03tX1A1Q6X08JEPB0k+45
1pNLu9wINddIO+1/+OL2ZFxH4nIMLkMAuQKKHRHiD/bAujnvUA9jpSAiYPoSKCdw
sOQXbcJ42NeYwsp7CMyl3u/1fJ40TW9DUEPnWg5YM7LasXf0JlHm14LX7fnNUXM4
GUj4Jfz3PkyfO0N6zUJyEsMa6A8jIvsV1KeZ+q+T4YLb8zGUbF8cUx83Nuv/EGb5
IEfnGpdl0ABfWkOV7Rt+TZrcXo5AWVwayGmwCcRvxwGsqQyH
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:06 2025 by rpki-client