Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
File: dd7459b4-43ce-4e19-8904-9681781506ff.roa (raw, json)
Hash identifier: tJ4VvHjJwdYqah2ts/9BLy8Qvl6BDLPupoOt3/xdLOQ=
Subject key identifier: FC:BE:45:51:9B:0E:3A:A4:3E:87:AA:17:6B:61:BC:AB:3A:F3:3B:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FBBF34603C98AD11DF0AA931E09956378FBDA86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:bb:f3:46:03:c9:8a:d1:1d:f0:aa:93:1e:09:95:63:78:fb:da:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ba88a04b3dafd6a132cd7d231257737c9764c88cbca73a80f88cdd3106f7d050, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:27:30:c1:81:5e:4f:18:49:d9:95:63:ff:
40:bd:fb:07:2b:61:e2:b4:42:da:3b:15:1b:38:3d:
4e:fd:5e:7d:ac:c2:2c:b8:21:d3:e8:3e:38:69:26:
8c:49:4a:51:b2:ff:6b:67:e9:77:98:13:27:b3:c6:
0c:bd:a7:48:d0:b0:35:48:21:be:74:db:53:81:bd:
14:43:45:e7:b6:81:87:bd:e5:f9:cc:5c:9d:b2:13:
20:b2:36:6f:ac:3b:c5:d7:d8:f9:a8:20:f3:40:9c:
87:31:24:83:9d:07:20:e5:67:29:da:fd:18:c0:f5:
03:e2:42:f6:14:8b:67:8f:ff:31:c0:1a:c5:4f:fc:
8d:6f:98:bd:25:33:ac:59:dd:c1:4b:5b:fc:45:a3:
fd:3e:94:d0:a7:15:52:81:f0:7a:cc:68:ac:24:ce:
f9:bd:16:c3:c8:44:54:7e:fe:b7:fe:0d:53:a7:dc:
a7:e9:70:b4:4a:69:be:76:e3:c3:03:94:e7:dc:fd:
69:83:d2:8c:18:d1:78:a5:b2:67:e8:54:87:f1:2b:
bf:0e:84:63:59:7c:d4:88:ef:97:5a:0c:f4:66:ed:
90:12:ad:15:ae:6b:7f:29:89:af:8f:41:8c:68:15:
c0:4d:bf:a6:2b:10:0c:7e:1c:5d:b0:5b:4d:ec:63:
48:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BE:45:51:9B:0E:3A:A4:3E:87:AA:17:6B:61:BC:AB:3A:F3:3B:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:5b:fc:85:44:cc:e7:7f:f4:d6:57:e2:c0:34:56:ad:3c:61:
39:45:79:4d:5c:19:ae:59:de:38:f1:68:b1:52:c0:e9:4d:e8:
e2:57:7f:48:9f:2a:99:b5:fe:b9:57:6c:fd:cd:de:98:43:7b:
6a:53:4e:cb:48:41:eb:aa:c3:c2:df:b7:3b:70:9b:07:98:66:
d9:ea:c9:64:ca:d3:ed:79:8d:fc:52:de:f9:7e:36:fb:49:59:
d2:f3:c0:53:96:7f:11:5b:f3:82:d4:66:97:71:be:89:b0:84:
30:2d:0a:2e:64:53:25:bb:e5:e1:b5:c3:50:59:6b:9b:78:29:
90:95:ce:89:88:52:6b:95:b2:28:d7:6b:91:0e:c4:c3:28:b4:
cd:23:1c:22:3f:e2:fb:49:7d:23:a2:9b:d7:fb:16:dc:2c:37:
0e:46:bc:cf:f9:44:71:0e:fb:7d:e8:19:a4:62:0b:0e:bb:8c:
7a:20:19:6b:22:65:bf:9e:21:52:b4:96:8a:cb:87:0d:d2:13:
84:18:df:f2:10:d5:83:de:d7:b1:e5:71:4e:06:c7:71:ad:bf:
90:38:e3:a5:35:42:32:9e:80:b3:a1:af:74:ba:21:25:99:4a:
1a:82:9a:ab:ae:7c:5d:64:30:81:a9:d7:ea:85:fa:dd:00:79:
59:9f:da:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL7vzRgPJitEd8KqTHgmVY3j72oYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhODhhMDRiM2RhZmQ2YTEzMmNkN2QyMzEyNTc3MzdjOTc2NGM4OGNiY2E3
M2E4MGY4OGNkZDMxMDZmN2QwNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUCJzDBgV5PGEnZlWP/QL37Byth4rRC2jsVGzg9Tv1efazCLLgh0+g+OGkm
jElKUbL/a2fpd5gTJ7PGDL2nSNCwNUghvnTbU4G9FENF57aBh73l+cxcnbITILI2
b6w7xdfY+agg80CchzEkg50HIOVnKdr9GMD1A+JC9hSLZ4//McAaxU/8jW+YvSUz
rFndwUtb/EWj/T6U0KcVUoHwesxorCTO+b0Ww8hEVH7+t/4NU6fcp+lwtEppvnbj
wwOU59z9aYPSjBjReKWyZ+hUh/Ervw6EY1l81Ijvl1oM9GbtkBKtFa5rfymJr49B
jGgVwE2/pisQDH4cXbBbTexjSCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8vkVR
mw46pD6HqhdrYbyrOvM73jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NDU5YjQtNDNjZS00ZTE5LTg5MDQtOTY4MTc4MTUwNmZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC8W/yFRMznf/TWV+LANFatPGE5RXlNXBmuWd44
8WixUsDpTejiV39InyqZtf65V2z9zd6YQ3tqU07LSEHrqsPC37c7cJsHmGbZ6slk
ytPteY38Ut75fjb7SVnS88BTln8RW/OC1GaXcb6JsIQwLQouZFMlu+XhtcNQWWub
eCmQlc6JiFJrlbIo12uRDsTDKLTNIxwiP+L7SX0jopvX+xbcLDcORrzP+URxDvt9
6BmkYgsOu4x6IBlrImW/niFStJaKy4cN0hOEGN/yENWD3tex5XFOBsdxrb+QOOOl
NUIynoCzoa90uiElmUoagpqrrnxdZDCBqdfqhfrdAHlZn9rb
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:36 2025 by rpki-client