Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
File: dedc9540-e267-4454-a449-e65933af6f0f.roa (raw, json)
Hash identifier: kZDetNg01Tu7ZGR/ekpFEFVQepOwM2NnsqIVoJ6Weaw=
Subject key identifier: 1D:E8:05:DA:F4:BB:62:E4:C1:6C:A0:59:DA:34:CE:F0:F3:5F:AB:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 597115E622D1BE1AA27974875E9D024809A86185
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:71:15:e6:22:d1:be:1a:a2:79:74:87:5e:9d:02:48:09:a8:61:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=a31ba346e321c19812a5dbcdf97ee7d563e70be3a2d0c1594c9f349ffe6bf396, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:75:80:db:0f:f0:65:ba:c2:a4:40:56:5e:e6:
fd:21:2d:ff:75:00:eb:97:75:a6:08:db:65:31:e3:
c3:8c:50:d8:21:bb:ec:a2:31:31:99:df:dc:4b:f2:
dc:ef:9f:74:d8:54:1b:77:70:57:7c:38:16:a3:1e:
90:74:4a:2f:52:6f:cb:3c:12:6a:ed:a1:ce:15:ed:
a3:ec:0e:71:3f:f2:cb:f0:0c:99:fc:8d:9a:28:a8:
05:d4:43:82:a4:60:2e:6d:15:06:a7:e1:49:fb:cb:
4b:53:78:b8:dd:e1:62:9b:f4:30:15:e8:8a:26:0d:
6b:a0:e3:f2:d9:2b:b3:26:24:6b:da:13:4a:79:1b:
9c:33:56:21:a0:9e:86:c4:e3:51:2c:67:92:57:94:
95:84:ad:66:9a:74:4e:a1:74:45:6d:f5:87:31:66:
a6:79:97:5f:91:84:bd:07:c7:79:35:a3:80:8c:bb:
a7:41:88:4c:42:52:5d:f7:ce:86:27:db:92:97:28:
68:c2:12:00:68:e8:4b:d7:f9:b2:f2:15:84:1e:49:
d1:f2:19:c7:ee:e1:98:9c:66:4e:0e:ad:2a:e7:3f:
18:c1:54:3f:4f:53:a3:c2:71:dd:34:25:0f:87:f4:
73:fc:2c:28:a9:69:c5:f9:b5:89:e5:3b:78:45:9d:
1e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E8:05:DA:F4:BB:62:E4:C1:6C:A0:59:DA:34:CE:F0:F3:5F:AB:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:1000::/40
Signature Algorithm: sha256WithRSAEncryption
32:87:dc:46:d3:3f:fd:1e:51:d0:d3:d7:6c:f4:c2:34:40:9f:
df:fe:95:e6:98:99:1b:d3:93:3f:ae:23:99:f1:31:2d:87:6d:
69:55:1b:f6:29:df:dc:7e:15:cc:84:b2:cd:d2:a9:7f:e3:cd:
00:77:92:04:65:46:a3:6c:8b:19:c5:28:ae:16:ae:ea:35:23:
58:3e:92:e3:d1:ce:53:96:26:23:6b:a0:92:f9:dd:48:58:9c:
94:a7:9e:8d:67:67:2a:90:51:c1:72:a2:31:91:91:90:70:7f:
a5:47:b8:b3:90:35:36:de:9f:71:07:c3:43:94:98:05:b4:a8:
cd:ae:94:eb:10:a0:76:23:2d:0f:2c:cd:9c:1d:d9:fb:82:66:
d0:be:0e:4c:01:d2:5e:cb:fd:25:54:b4:7c:89:d2:d2:4f:83:
fd:2c:bd:3a:5c:81:c9:9b:90:b4:7f:83:1d:1f:84:e1:c0:bf:
f8:7a:c9:66:5e:f5:65:d3:61:cb:2c:8b:aa:31:75:f3:0f:f4:
32:5a:c3:9d:1a:46:42:0a:af:45:8d:16:0f:43:e6:68:e2:39:
27:c7:e8:df:54:53:a5:dc:bd:11:50:4a:c7:97:b3:e8:12:e6:
d7:a8:ab:ab:97:da:6d:27:dc:1d:3f:a5:64:9a:11:2a:ac:69:
f6:8d:88:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWXEV5iLRvhqieXSHXp0CSAmoYYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMWJhMzQ2ZTMyMWMxOTgxMmE1ZGJjZGY5N2VlN2Q1NjNlNzBiZTNhMmQw
YzE1OTRjOWYzNDlmZmU2YmYzOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN51gNsP8GW6wqRAVl7m/SEt/3UA65d1pgjbZTHjw4xQ2CG77KIxMZnf3Evy
3O+fdNhUG3dwV3w4FqMekHRKL1JvyzwSau2hzhXto+wOcT/yy/AMmfyNmiioBdRD
gqRgLm0VBqfhSfvLS1N4uN3hYpv0MBXoiiYNa6Dj8tkrsyYka9oTSnkbnDNWIaCe
hsTjUSxnkleUlYStZpp0TqF0RW31hzFmpnmXX5GEvQfHeTWjgIy7p0GITEJSXffO
hifbkpcoaMISAGjoS9f5svIVhB5J0fIZx+7hmJxmTg6tKuc/GMFUP09To8Jx3TQl
D4f0c/wsKKlpxfm1ieU7eEWdHlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQd6AXa
9Lti5MFsoFnaNM7w81+rHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVkYzk1NDAtZTI2Ny00NDU0LWE0NDktZTY1OTMzYWY2ZjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAyh9xG0z/9HlHQ09ds9MI0QJ/f/pXmmJkb05M/
riOZ8TEth21pVRv2Kd/cfhXMhLLN0ql/480Ad5IEZUajbIsZxSiuFq7qNSNYPpLj
0c5TliYja6CS+d1IWJyUp56NZ2cqkFHBcqIxkZGQcH+lR7izkDU23p9xB8NDlJgF
tKjNrpTrEKB2Iy0PLM2cHdn7gmbQvg5MAdJey/0lVLR8idLST4P9LL06XIHJm5C0
f4MdH4ThwL/4eslmXvVl02HLLIuqMXXzD/QyWsOdGkZCCq9FjRYPQ+Zo4jknx+jf
VFOl3L0RUErHl7PoEubXqKurl9ptJ9wdP6VkmhEqrGn2jYhT
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:09 2025 by rpki-client