Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
File: df59e31f-1e32-4e7a-a595-74adb3f93176.roa (raw, json)
Hash identifier: OCstFfkmpme4a7jIP4Vlh35zrmspg3laD0MQdMdSK/w=
Subject key identifier: 49:E0:9E:2E:92:48:92:AA:D6:CF:37:36:BE:29:B8:86:29:48:DE:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64520F0F70D282B1DEC374660776FA70803CC33F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:52:0f:0f:70:d2:82:b1:de:c3:74:66:07:76:fa:70:80:3c:c3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0902ce1ea6f1c67c235e3af81d92e0ae957071b3d01f1102a5910265e23396a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ba:4c:66:69:4c:07:ac:21:e3:67:ce:85:ac:
5b:24:09:d5:85:bf:81:2f:b6:4d:eb:1e:18:97:75:
5a:4c:c3:e8:b5:5e:3e:22:20:b4:6c:63:4c:59:0e:
57:0f:52:cc:43:f3:2d:96:b5:f4:32:2c:3f:5c:9b:
aa:8f:30:0d:2c:4e:cb:8a:24:eb:0b:95:af:96:8b:
7d:90:83:7d:9a:f4:ee:d9:b8:89:04:d5:21:f7:37:
b2:2e:f9:68:6a:66:4b:a6:02:ae:cc:2c:71:6c:0c:
b4:e4:69:ee:06:f1:2d:21:7d:90:31:35:60:f3:1b:
1c:ef:6b:ef:65:10:f6:5c:78:ed:bf:5f:66:1d:2c:
37:18:24:37:83:c0:bd:3e:5b:3b:c7:f5:37:33:a8:
73:26:c5:be:33:63:b8:00:90:c2:32:21:3e:49:8e:
2f:d6:ce:54:50:1c:b4:24:37:54:d7:16:b3:dd:6d:
2b:02:60:d1:98:4e:ca:ac:85:a3:cd:33:75:1a:68:
d7:5a:2c:11:40:24:09:8a:d2:34:61:77:7a:2b:ec:
01:4e:a5:24:a7:50:36:54:dc:84:85:6a:f6:dc:4b:
02:65:17:b9:58:e7:a0:e8:55:6b:38:79:d8:3a:e7:
8d:b3:fa:7f:58:5f:c1:a2:9a:d3:bd:b5:6e:e9:9b:
57:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E0:9E:2E:92:48:92:AA:D6:CF:37:36:BE:29:B8:86:29:48:DE:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:a4:9c:44:71:ac:b8:64:70:52:16:49:07:13:65:0a:c2:b6:
86:12:14:bd:8c:20:25:e7:d5:5b:dc:d7:57:42:47:1d:0e:83:
8e:cb:dd:08:11:9a:8d:82:01:f7:f1:0c:a7:17:66:84:d7:da:
2a:9c:c7:8a:88:4e:21:16:d0:d0:73:ba:e9:e2:34:39:f4:c8:
bd:a3:35:0e:e2:bf:8b:3a:2d:b3:71:ea:4c:6f:c5:48:ab:6a:
08:33:51:76:99:df:28:e5:81:48:45:2a:aa:0a:ed:54:7e:7f:
84:c5:3a:e0:8a:89:41:ea:dd:87:5e:08:f4:69:c7:84:8b:93:
8b:6a:d1:85:4f:ed:21:17:49:fb:ac:62:1c:17:6e:74:c2:56:
37:1a:9c:67:5f:39:64:72:e3:6f:e6:53:90:d6:d7:30:04:99:
5f:52:57:a7:53:41:c2:1c:b8:76:5f:50:f0:9a:07:a7:d9:c5:
63:dd:95:df:c1:bc:31:1c:bb:f0:aa:83:7f:5e:22:04:1e:1e:
68:0e:38:84:7a:a8:aa:cf:74:5c:1b:f6:64:07:35:7c:01:b0:
05:a0:c8:62:e0:3d:72:d5:5a:9a:54:16:93:16:09:e3:ed:6f:
08:d9:9d:c3:e5:7c:41:a0:75:0f:20:a2:fd:dc:bd:7f:da:67:
ea:0a:3e:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZFIPD3DSgrHew3RmB3b6cIA8wz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MDJjZTFlYTZmMWM2N2MyMzVlM2FmODFkOTJlMGFlOTU3MDcxYjNkMDFm
MTEwMmE1OTEwMjY1ZTIzMzk2YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMa6TGZpTAesIeNnzoWsWyQJ1YW/gS+2TeseGJd1WkzD6LVePiIgtGxjTFkO
Vw9SzEPzLZa19DIsP1ybqo8wDSxOy4ok6wuVr5aLfZCDfZr07tm4iQTVIfc3si75
aGpmS6YCrswscWwMtORp7gbxLSF9kDE1YPMbHO9r72UQ9lx47b9fZh0sNxgkN4PA
vT5bO8f1NzOocybFvjNjuACQwjIhPkmOL9bOVFActCQ3VNcWs91tKwJg0ZhOyqyF
o80zdRpo11osEUAkCYrSNGF3eivsAU6lJKdQNlTchIVq9txLAmUXuVjnoOhVazh5
2DrnjbP6f1hfwaKa0721bumbV3MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJ4J4u
kkiSqtbPNza+KbiGKUjepDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY1OWUzMWYtMWUzMi00ZTdhLWE1OTUtNzRhZGIzZjkzMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHg
MA0GCSqGSIb3DQEBCwUAA4IBAQDHpJxEcay4ZHBSFkkHE2UKwraGEhS9jCAl59Vb
3NdXQkcdDoOOy90IEZqNggH38QynF2aE19oqnMeKiE4hFtDQc7rp4jQ59Mi9ozUO
4r+LOi2zcepMb8VIq2oIM1F2md8o5YFIRSqqCu1Ufn+ExTrgiolB6t2HXgj0aceE
i5OLatGFT+0hF0n7rGIcF250wlY3GpxnXzlkcuNv5lOQ1tcwBJlfUlenU0HCHLh2
X1Dwmgen2cVj3ZXfwbwxHLvwqoN/XiIEHh5oDjiEeqiqz3RcG/ZkBzV8AbAFoMhi
4D1y1VqaVBaTFgnj7W8I2Z3D5XxBoHUPIKL93L1/2mfqCj6t
-----END CERTIFICATE-----
Generated at Fri May 2 14:42:59 2025 by rpki-client