Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
File: e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa (raw, json)
Hash identifier: zIOXkttwKe5YUd5RCbRcOFN7RnNOxKRgf+WF9beNpxg=
Subject key identifier: 7E:C3:17:AB:96:3E:0A:DC:B3:35:39:2C:54:5B:82:2E:40:C5:EE:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12714C49B0F4F28859C1858144BE6AB939A1721F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:71:4c:49:b0:f4:f2:88:59:c1:85:81:44:be:6a:b9:39:a1:72:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f068e35429e0ed953da929229289a70bf81f0b896fbd7f4035ce1355ffc67d5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:77:38:8a:21:ad:61:e2:c6:56:23:6c:8b:f3:
73:98:05:47:5f:06:83:3a:9b:04:2a:8e:6a:41:9c:
6f:4b:0c:be:5f:3d:f8:67:98:ba:d3:51:bd:9c:db:
3d:4c:22:2d:c1:b4:56:d2:9a:9c:be:d1:18:0d:0b:
7a:a2:06:19:7a:5d:84:75:4c:a9:60:f3:05:6a:36:
37:1e:cf:ae:b8:f3:57:87:bd:fe:15:14:ca:f8:20:
cc:fc:1b:58:07:6e:4d:2c:b8:83:18:8e:6d:b4:85:
db:cb:b7:8e:96:85:4c:29:ea:3b:94:a4:41:98:12:
e6:2c:01:26:1c:61:5c:db:bf:8d:5f:b9:1e:bf:19:
d4:09:92:6b:94:9f:71:61:6c:32:70:a5:c4:bb:0c:
f3:37:aa:5a:e6:cc:fd:d1:f4:af:c7:51:01:f0:1b:
c3:c4:75:60:eb:3c:65:7f:6d:7f:ca:15:99:cc:f2:
34:55:c4:3b:26:8f:ef:f7:ea:22:12:14:15:fb:bd:
00:35:75:e7:36:b0:b5:13:6d:ec:12:1d:5e:6a:6b:
b1:aa:e6:0d:48:29:18:ee:11:e2:c6:8a:0f:a6:b9:
ea:19:e5:65:c7:3c:20:f1:40:4b:d0:2f:9c:28:3e:
21:ee:45:aa:9c:fc:d9:50:a0:00:14:da:16:06:4d:
da:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C3:17:AB:96:3E:0A:DC:B3:35:39:2C:54:5B:82:2E:40:C5:EE:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c040::/48
Signature Algorithm: sha256WithRSAEncryption
c2:bc:6c:9d:78:5c:14:18:19:d4:20:28:d1:42:91:dc:6a:48:
6c:4b:86:9e:3d:8d:6d:be:2f:98:cc:cf:bf:84:be:58:1f:da:
86:fa:4c:05:a0:56:70:a4:99:5d:38:ff:08:d7:50:1f:ea:b7:
03:51:fa:3d:49:49:24:8e:cb:ff:5d:29:3c:b8:fa:69:e5:19:
67:39:66:c0:28:71:42:b1:9e:41:4d:15:a6:5c:40:bc:8a:45:
a7:82:ac:c2:b0:ab:5a:5f:16:c7:ac:17:bf:09:2f:0e:bf:2a:
e6:f9:3d:b5:f9:17:0e:81:fe:7b:30:4a:d4:5c:82:d8:8b:91:
01:20:6c:0a:e3:5a:a7:2e:b5:e8:91:cc:24:a4:eb:15:6a:5d:
a5:e8:3a:ce:47:d3:bb:bf:68:97:63:62:9d:43:87:ba:b0:2e:
b7:4c:52:6d:4e:8e:fb:bc:df:af:7d:d0:75:28:78:e4:64:1c:
08:1f:d2:4d:02:c7:d4:50:8d:a3:95:c8:89:0c:5f:fd:2d:53:
7b:68:17:cd:3e:69:bf:be:ae:6d:36:25:2e:2a:be:75:4d:3e:
0f:35:c3:fb:30:23:5c:c7:b7:48:a2:69:66:4b:eb:3b:4b:94:
b5:f5:c9:49:05:34:af:61:52:69:e6:bf:d0:74:5b:2d:b4:29:
a7:c7:4f:25
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEnFMSbD08ohZwYWBRL5quTmhch8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNjhlMzU0MjllMGVkOTUzZGE5MjkyMjkyODlhNzBiZjgxZjBiODk2ZmJk
N2Y0MDM1Y2UxMzU1ZmZjNjdkNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKF3OIohrWHixlYjbIvzc5gFR18GgzqbBCqOakGcb0sMvl89+GeYutNRvZzb
PUwiLcG0VtKanL7RGA0LeqIGGXpdhHVMqWDzBWo2Nx7PrrjzV4e9/hUUyvggzPwb
WAduTSy4gxiObbSF28u3jpaFTCnqO5SkQZgS5iwBJhxhXNu/jV+5Hr8Z1AmSa5Sf
cWFsMnClxLsM8zeqWubM/dH0r8dRAfAbw8R1YOs8ZX9tf8oVmczyNFXEOyaP7/fq
IhIUFfu9ADV15zawtRNt7BIdXmprsarmDUgpGO4R4saKD6a56hnlZcc8IPFAS9Av
nCg+Ie5Fqpz82VCgABTaFgZN2gUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR+wxer
lj4K3LM1OSxUW4IuQMXubzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzMWNhYTktY2E0ZS00MjhhLWFhM2MtM2FmMzZlZmFmYzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
QDANBgkqhkiG9w0BAQsFAAOCAQEAwrxsnXhcFBgZ1CAo0UKR3GpIbEuGnj2Nbb4v
mMzPv4S+WB/ahvpMBaBWcKSZXTj/CNdQH+q3A1H6PUlJJI7L/10pPLj6aeUZZzlm
wChxQrGeQU0VplxAvIpFp4KswrCrWl8Wx6wXvwkvDr8q5vk9tfkXDoH+ezBK1FyC
2IuRASBsCuNapy616JHMJKTrFWpdpeg6zkfTu79ol2NinUOHurAut0xSbU6O+7zf
r33QdSh45GQcCB/STQLH1FCNo5XIiQxf/S1Te2gXzT5pv76ubTYlLiq+dU0+DzXD
+zAjXMe3SKJpZkvrO0uUtfXJSQU0r2FSaea/0HRbLbQpp8dPJQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:41 2025 by rpki-client