Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: NDwLaUqo1PVyq1PWcppu+bd0XBl5fgp/rNFmbYQmJHA=
Subject key identifier: B9:03:4F:2A:C4:24:C4:44:46:12:A5:27:6C:FD:C6:D0:8D:64:C1:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1144EE4726A53AA4289AD89A88586DFB5B43E488
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:44:ee:47:26:a5:3a:a4:28:9a:d8:9a:88:58:6d:fb:5b:43:e4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=8050e47317c1c771531953e693fe37a15a616343ffc434351e76a959fda5dca1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:91:fa:44:ba:57:0a:91:00:14:4a:e7:b0:52:
aa:30:45:a0:76:cf:a9:07:c8:ac:65:91:8d:65:bf:
9f:e2:37:89:1a:d9:ba:65:28:c4:bf:92:b7:e3:b3:
6f:0d:8e:bc:c8:72:19:55:83:95:12:6a:34:8e:e1:
35:89:f1:ba:0b:7f:22:05:72:0c:ff:76:7c:35:07:
3b:52:66:d3:1a:9a:8f:dd:d3:0c:07:a2:a5:3f:75:
7e:ef:e7:00:0d:d7:24:83:b7:ff:9a:c0:bd:20:b2:
9a:64:b4:f5:f6:00:e2:cd:9c:45:64:2b:60:77:64:
c6:73:61:2c:9f:2b:ba:4c:88:be:07:53:09:60:de:
42:f4:c4:12:ee:ec:fe:16:76:83:17:52:ef:9e:47:
1b:f5:dc:4d:df:73:e0:a7:1c:de:27:b5:67:c6:8d:
b8:d8:8c:35:55:fe:39:6c:3f:86:3d:d4:34:a4:0a:
5c:88:b4:cf:8f:58:5a:3a:ab:24:4b:f2:7f:52:45:
bf:e7:bf:fa:90:5f:aa:d1:84:f4:41:77:c6:ae:53:
b9:f8:48:5f:e0:c3:22:a7:cf:71:83:00:c2:e8:47:
98:85:0e:30:7a:32:e4:b5:d9:2d:77:01:83:1b:83:
13:da:f7:a4:e9:54:3c:9e:54:8c:3d:30:04:7f:d9:
9d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:03:4F:2A:C4:24:C4:44:46:12:A5:27:6C:FD:C6:D0:8D:64:C1:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:97:90:bd:2b:b3:20:1b:be:8c:e0:31:7c:e2:eb:bb:45:7f:
bd:d1:f3:f8:bc:a9:c5:1f:b9:c3:ef:46:7d:72:a8:cd:3e:a4:
78:e2:8f:f5:c5:bf:86:d5:b7:13:2d:5d:b3:53:74:a8:b0:f8:
a5:22:ac:3c:78:dc:df:5e:83:0e:42:d7:f6:a7:bf:22:61:40:
f1:05:6c:b7:6b:eb:70:5e:cb:04:89:9d:cb:cf:92:7c:0d:42:
fb:cd:70:a6:8d:b2:f8:95:40:7e:3a:47:c1:9b:83:8e:28:75:
c5:fc:b5:e7:f4:07:be:bf:b3:7a:79:14:df:06:9a:6e:2c:b2:
4d:1a:39:2d:9a:71:af:9b:0e:5f:6c:61:ad:e1:21:70:12:42:
38:aa:03:22:11:88:45:a9:ac:05:77:c9:fe:e0:d2:61:0e:eb:
5f:de:f2:8c:04:0a:0c:67:1f:b4:dc:ec:47:45:e3:e0:8c:46:
56:63:e5:dd:eb:1d:05:da:93:fc:0a:e9:15:66:bb:bf:51:a2:
f5:c4:c4:87:ce:be:81:7c:b8:1d:4a:98:b0:3c:97:a7:69:11:
fa:fc:c2:47:de:1b:8e:fb:27:d1:7b:ac:07:82:90:d5:48:ed:
f5:5c:67:f7:16:da:0e:37:dc:3a:e3:02:88:99:e1:e5:60:ed:
ab:25:d0:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEUTuRyalOqQomtiaiFht+1tD5IgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNTBlNDczMTdjMWM3NzE1MzE5NTNlNjkzZmUzN2ExNWE2MTYzNDNmZmM0
MzQzNTFlNzZhOTU5ZmRhNWRjYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOR+kS6VwqRABRK57BSqjBFoHbPqQfIrGWRjWW/n+I3iRrZumUoxL+St+Oz
bw2OvMhyGVWDlRJqNI7hNYnxugt/IgVyDP92fDUHO1Jm0xqaj93TDAeipT91fu/n
AA3XJIO3/5rAvSCymmS09fYA4s2cRWQrYHdkxnNhLJ8rukyIvgdTCWDeQvTEEu7s
/hZ2gxdS755HG/XcTd9z4Kcc3ie1Z8aNuNiMNVX+OWw/hj3UNKQKXIi0z49YWjqr
JEvyf1JFv+e/+pBfqtGE9EF3xq5TufhIX+DDIqfPcYMAwuhHmIUOMHoy5LXZLXcB
gxuDE9r3pOlUPJ5UjD0wBH/ZnTECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5A08q
xCTEREYSpSds/cbQjWTBOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBbl5C9K7MgG76M4DF84uu7RX+90fP4vKnFH7nD
70Z9cqjNPqR44o/1xb+G1bcTLV2zU3SosPilIqw8eNzfXoMOQtf2p78iYUDxBWy3
a+twXssEiZ3Lz5J8DUL7zXCmjbL4lUB+OkfBm4OOKHXF/LXn9Ae+v7N6eRTfBppu
LLJNGjktmnGvmw5fbGGt4SFwEkI4qgMiEYhFqawFd8n+4NJhDutf3vKMBAoMZx+0
3OxHRePgjEZWY+Xd6x0F2pP8CukVZru/UaL1xMSHzr6BfLgdSpiwPJenaRH6/MJH
3huO+yfRe6wHgpDVSO31XGf3FtoON9w64wKImeHlYO2rJdB/
-----END CERTIFICATE-----
Generated at Sat May 3 11:12:49 2025 by rpki-client