Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddcd2931-1cb6-49c5-af5a-01999a3cff3d.roa
File: ddcd2931-1cb6-49c5-af5a-01999a3cff3d.roa (raw, json)
Hash identifier: JjcYVy4L0doWbrAekLRSEe9HRGZLF46WT+qmWNb2CCU=
Subject key identifier: C5:7C:21:84:9D:57:06:80:BF:28:6D:C2:D9:F0:9B:EE:99:EE:8D:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 594CC0382CD993B5D675CAF6B5CFC2BA71D1D922
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddcd2931-1cb6-49c5-af5a-01999a3cff3d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:4c:c0:38:2c:d9:93:b5:d6:75:ca:f6:b5:cf:c2:ba:71:d1:d9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=fed492e378c33ad56f25ffa014f7eaa0cf529e073a7474ec47418bcf2dd6def4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:17:e1:78:f4:4c:aa:c8:f0:82:c4:18:a2:ef:
c5:db:54:ca:66:a3:eb:c5:ff:44:5a:5d:50:e8:0b:
28:16:39:9b:ad:b8:bd:c5:d3:bf:5f:3a:55:12:a1:
0f:4a:33:9e:8a:f4:7f:9a:02:cd:26:96:93:ad:ff:
96:d3:1d:69:a9:b7:39:52:4f:40:cc:8f:ef:84:11:
89:90:71:58:c6:0d:fe:0a:28:b8:9f:5d:63:ad:71:
62:06:0a:f5:93:77:2c:05:c2:2f:51:22:c2:02:c6:
92:4d:97:44:97:ca:c4:ab:05:84:2f:ee:48:ac:94:
96:0a:3b:81:bf:21:49:7c:c8:4a:d1:81:cf:e6:c7:
c7:39:d7:e6:2b:9b:d1:fb:0c:fd:33:13:e7:0e:a2:
b0:96:76:38:66:4d:d9:14:f9:16:36:52:80:91:b5:
f7:e0:7e:47:44:ac:6e:e9:0b:08:f5:95:9a:6d:70:
46:eb:17:72:16:4f:67:49:9d:34:9b:d1:b8:ba:58:
6c:87:29:b3:26:4d:44:0b:ab:fb:91:9b:d5:b1:f5:
ef:64:f0:61:28:16:86:af:79:60:be:f4:18:71:cc:
96:ad:80:6a:33:be:25:5b:17:76:89:c8:6c:e7:b2:
09:5d:69:f4:2f:e1:62:0a:48:56:7e:dc:aa:3f:36:
df:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7C:21:84:9D:57:06:80:BF:28:6D:C2:D9:F0:9B:EE:99:EE:8D:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddcd2931-1cb6-49c5-af5a-01999a3cff3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4080::/46
Signature Algorithm: sha256WithRSAEncryption
1d:11:96:46:4e:e0:1e:2e:5a:a3:d1:72:da:b7:bb:e3:e5:56:
e6:db:c3:91:89:3a:ed:eb:a0:4c:ae:43:af:f3:bf:6b:f6:67:
5a:8d:b4:94:48:b0:71:12:5e:29:60:1c:b2:4b:46:a5:8f:87:
86:41:25:d1:dd:4f:83:d8:75:fc:fc:73:85:3b:56:81:96:2f:
9b:c0:41:95:b6:a3:d0:1a:dd:7f:a9:ce:cb:74:a6:c1:7b:3a:
6f:44:48:cd:7b:a7:57:62:fe:53:77:4a:a9:4f:65:c9:57:28:
2f:78:4c:65:b8:3e:7e:76:d4:f4:c9:3f:42:51:01:88:7c:d9:
b7:9a:03:44:53:fa:80:e7:ec:9d:33:45:3e:56:9a:6c:9d:45:
00:80:6d:f3:e0:1c:e8:f3:1d:60:09:6f:07:0a:f1:02:6e:d9:
b1:6b:3f:68:98:85:db:76:79:26:26:03:96:d6:a5:95:e1:c8:
82:a7:6a:ad:1c:a9:31:4f:bd:46:51:c6:11:c2:af:e7:66:86:
9a:1d:fb:ad:7a:18:e2:d1:fe:d5:19:70:07:a9:7e:a0:8f:1e:
9e:71:1c:51:e0:27:43:54:28:66:50:e2:c1:43:73:10:07:41:
cc:27:77:02:6d:17:8f:de:8e:29:b0:3d:e4:59:d6:3a:8e:ee:
04:29:08:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWUzAOCzZk7XWdcr2tc/CunHR2SIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZDQ5MmUzNzhjMzNhZDU2ZjI1ZmZhMDE0ZjdlYWEwY2Y1MjllMDczYTc0
NzRlYzQ3NDE4YmNmMmRkNmRlZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAX4Xj0TKrI8ILEGKLvxdtUymaj68X/RFpdUOgLKBY5m624vcXTv186VRKh
D0oznor0f5oCzSaWk63/ltMdaam3OVJPQMyP74QRiZBxWMYN/goouJ9dY61xYgYK
9ZN3LAXCL1EiwgLGkk2XRJfKxKsFhC/uSKyUlgo7gb8hSXzIStGBz+bHxznX5iub
0fsM/TMT5w6isJZ2OGZN2RT5FjZSgJG19+B+R0SsbukLCPWVmm1wRusXchZPZ0md
NJvRuLpYbIcpsyZNRAur+5Gb1bH172TwYSgWhq95YL70GHHMlq2AajO+JVsXdonI
bOeyCV1p9C/hYgpIVn7cqj8230sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFfCGE
nVcGgL8obcLZ8Jvume6NuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRjZDI5MzEtMWNiNi00OWM1LWFmNWEtMDE5OTlhM2NmZjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtA
gDANBgkqhkiG9w0BAQsFAAOCAQEAHRGWRk7gHi5ao9Fy2re74+VW5tvDkYk67eug
TK5Dr/O/a/ZnWo20lEiwcRJeKWAcsktGpY+HhkEl0d1Pg9h1/PxzhTtWgZYvm8BB
lbaj0Brdf6nOy3SmwXs6b0RIzXunV2L+U3dKqU9lyVcoL3hMZbg+fnbU9Mk/QlEB
iHzZt5oDRFP6gOfsnTNFPlaabJ1FAIBt8+Ac6PMdYAlvBwrxAm7ZsWs/aJiF23Z5
JiYDltalleHIgqdqrRypMU+9RlHGEcKv52aGmh37rXoY4tH+1RlwB6l+oI8ennEc
UeAnQ1QoZlDiwUNzEAdBzCd3Am0Xj96OKbA95FnWOo7uBCkIcw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:48 2025 by rpki-client