Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd294e80-dbb7-45f1-a3fd-9866794b3ce0.roa
File: dd294e80-dbb7-45f1-a3fd-9866794b3ce0.roa (raw, json)
Hash identifier: vjJ0jqc/zDyS/bNVwEY65SRjmo1/sDH1ld6sDLa0rUI=
Subject key identifier: 1B:CF:75:AF:EA:C4:B8:CD:54:54:33:05:3C:05:9D:89:61:7B:A4:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3872F63E98C9E939A664EEC93509CFC8ED865581
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd294e80-dbb7-45f1-a3fd-9866794b3ce0.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:72:f6:3e:98:c9:e9:39:a6:64:ee:c9:35:09:cf:c8:ed:86:55:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=522188f3398ec974a219760b5a93d8aec1b0f7dfc0e4cdd67e22eec1d8ba5c57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:a3:92:19:0d:fe:7f:eb:4c:3d:ab:b1:ad:
75:0a:59:eb:5b:f4:97:28:57:4b:29:88:78:d7:40:
30:3a:58:e8:e0:91:27:de:e1:dd:e4:8c:c1:f1:7f:
76:46:7c:7d:c0:65:e7:ba:65:24:5b:78:65:44:31:
72:88:51:22:1a:2d:65:ec:45:4c:27:50:0c:43:84:
c3:59:ac:45:7e:b9:dd:f9:5a:d4:85:ec:8e:73:74:
88:4c:c4:a9:71:62:2e:bb:95:80:ca:1f:bc:c4:c0:
b2:f7:23:d9:1f:5c:15:1d:45:2e:12:4e:18:82:18:
33:83:16:8b:12:8d:9a:7d:54:15:f7:bc:75:3e:cf:
4f:3b:bd:7e:2f:e6:c8:94:7a:50:da:a7:b7:1f:7f:
2c:eb:55:57:85:3d:eb:7c:f4:34:78:c4:ad:00:96:
d9:45:5e:81:dc:aa:0c:0c:61:ae:6c:03:27:b9:de:
2f:32:1f:41:9f:0f:fb:6a:ed:3a:09:c1:5d:a1:87:
ac:34:e6:04:9d:86:dc:14:cb:62:b2:b7:5a:eb:77:
87:35:50:3c:94:b5:d4:1c:f1:ed:4a:cb:a7:88:77:
79:cf:f6:fb:51:09:af:d8:ea:ce:e7:4c:92:ac:fc:
59:fb:78:cf:8d:3d:8a:1c:f5:fd:43:88:0c:e1:47:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CF:75:AF:EA:C4:B8:CD:54:54:33:05:3C:05:9D:89:61:7B:A4:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd294e80-dbb7-45f1-a3fd-9866794b3ce0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:1000::/40
Signature Algorithm: sha256WithRSAEncryption
51:f7:64:f4:9a:0f:98:10:f5:77:7b:ca:00:d2:ee:56:99:b3:
02:c1:37:13:4f:c9:55:62:79:d3:d8:74:49:80:20:73:9c:52:
0a:be:13:45:84:ba:bc:96:04:5c:3c:3c:ea:86:0b:71:30:32:
13:80:86:c1:8b:e9:3a:10:c7:98:92:f1:45:9b:0c:a7:c2:79:
d7:14:dd:06:61:f4:18:fb:d0:6b:3b:96:24:97:fa:bc:9f:bd:
ed:0d:56:20:32:35:49:d7:91:75:cd:5c:3f:e6:09:e9:f0:1b:
41:65:09:61:d7:bb:ee:b0:24:e4:48:91:6f:21:25:6e:e0:c7:
15:c9:80:be:dd:97:82:0e:1f:f5:cf:ec:a5:1d:23:70:8e:74:
3c:b6:c0:6c:8d:56:14:f6:ce:e7:bb:14:3b:38:25:4f:e2:78:
f5:b9:a5:17:a8:2b:98:c9:a4:73:ea:a8:d7:0a:75:9b:46:6d:
b4:38:3e:0e:46:27:20:9d:18:30:2d:0d:75:95:97:94:74:60:
1b:6b:6e:9c:32:84:97:08:70:75:29:0b:1d:f1:8e:34:dc:40:
4a:5f:7a:b1:b8:e6:d1:2e:6f:eb:b6:da:73:16:df:3a:f7:ff:
5d:25:53:1e:89:01:01:3e:81:2e:da:2b:27:a0:2b:16:64:7a:
c2:24:12:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOHL2PpjJ6TmmZO7JNQnPyO2GVYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMjE4OGYzMzk4ZWM5NzRhMjE5NzYwYjVhOTNkOGFlYzFiMGY3ZGZjMGU0
Y2RkNjdlMjJlZWMxZDhiYTVjNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANC8o5IZDf5/60w9q7GtdQpZ61v0lyhXSymIeNdAMDpY6OCRJ97h3eSMwfF/
dkZ8fcBl57plJFt4ZUQxcohRIhotZexFTCdQDEOEw1msRX653fla1IXsjnN0iEzE
qXFiLruVgMofvMTAsvcj2R9cFR1FLhJOGIIYM4MWixKNmn1UFfe8dT7PTzu9fi/m
yJR6UNqntx9/LOtVV4U963z0NHjErQCW2UVegdyqDAxhrmwDJ7neLzIfQZ8P+2rt
OgnBXaGHrDTmBJ2G3BTLYrK3Wut3hzVQPJS11Bzx7UrLp4h3ec/2+1EJr9jqzudM
kqz8Wft4z409ihz1/UOIDOFHvBkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbz3Wv
6sS4zVRUMwU8BZ2JYXukpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQyOTRlODAtZGJiNy00NWYxLWEzZmQtOTg2Njc5NGIzY2UwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBR92T0mg+YEPV3e8oA0u5WmbMCwTcTT8lVYnnT
2HRJgCBznFIKvhNFhLq8lgRcPDzqhgtxMDITgIbBi+k6EMeYkvFFmwynwnnXFN0G
YfQY+9BrO5Ykl/q8n73tDVYgMjVJ15F1zVw/5gnp8BtBZQlh17vusCTkSJFvISVu
4McVyYC+3ZeCDh/1z+ylHSNwjnQ8tsBsjVYU9s7nuxQ7OCVP4nj1uaUXqCuYyaRz
6qjXCnWbRm20OD4ORicgnRgwLQ11lZeUdGAba26cMoSXCHB1KQsd8Y403EBKX3qx
uObRLm/rttpzFt869/9dJVMeiQEBPoEu2isnoCsWZHrCJBJq
-----END CERTIFICATE-----
Generated at Fri May 2 14:10:29 2025 by rpki-client