Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed090164-248d-4744-ac85-e5cadbc41a70.roa
File: ed090164-248d-4744-ac85-e5cadbc41a70.roa (raw, json)
Hash identifier: vqNQxcS4ZUwDC5u7H5zWmYBXVi2lutr3GUD2ZXxE1MU=
Subject key identifier: D8:A3:35:46:07:5E:9A:B5:3F:85:A3:CF:3E:A8:0F:44:B1:BC:18:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74A8F6DA8280525316CBAD7AA275146DD6697E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed090164-248d-4744-ac85-e5cadbc41a70.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:a8:f6:da:82:80:52:53:16:cb:ad:7a:a2:75:14:6d:d6:69:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=d870c5cab74273f431063bbc63d046c7f9a99c76cdc38d551d44bf6e3f9d6165, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:76:4b:a6:f5:23:92:9b:3a:4f:f5:35:f4:cd:
c8:2c:68:2d:00:1e:24:40:31:06:ca:6f:a4:e2:c4:
67:86:f3:32:b7:64:fd:07:05:1d:62:7b:85:b9:68:
0f:d4:af:5a:69:39:0c:cf:46:8d:ad:b3:53:db:ce:
61:7b:bf:98:2b:55:fc:19:e9:5b:9e:67:23:82:b9:
10:aa:b9:96:ef:da:ec:b1:ef:48:4c:b2:db:5e:c7:
58:ab:1c:f0:75:ef:a5:f3:9f:51:4c:86:1c:18:de:
77:ef:21:3c:e0:59:f2:59:0b:16:09:ed:e0:b9:3b:
5a:f8:3d:d4:83:6c:1b:ec:1e:af:3a:36:2c:bb:76:
ea:35:e6:1f:e0:57:3f:ec:90:d5:18:70:c9:ff:fb:
10:b7:1b:e1:48:c4:d9:55:03:0e:fc:12:56:c8:e7:
83:cd:51:17:ca:7c:9c:d5:87:2d:0b:a8:e3:10:36:
a8:60:c2:80:a5:c8:a3:39:72:ce:e1:f3:7a:fd:1a:
59:05:61:ed:e0:ab:5a:37:c9:5e:cb:34:63:02:b3:
19:03:66:e0:3c:b0:45:ac:b0:4c:21:79:41:bc:77:
b2:01:36:a1:be:55:7d:ef:d0:f1:03:9d:0f:66:bd:
07:b4:a7:66:de:f9:f5:60:70:a8:8d:49:98:d4:fb:
ef:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A3:35:46:07:5E:9A:B5:3F:85:A3:CF:3E:A8:0F:44:B1:BC:18:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed090164-248d-4744-ac85-e5cadbc41a70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e000::/40
Signature Algorithm: sha256WithRSAEncryption
47:c8:2b:8e:7c:6a:52:39:04:ff:69:6c:d2:4a:df:80:54:8b:
cb:ec:dc:ff:b9:c1:0d:f6:03:13:f5:e4:28:36:a3:52:84:71:
9c:94:b6:6c:82:14:77:4b:f5:1e:47:b0:83:b6:a2:23:9d:84:
f4:4e:c3:63:7a:78:e7:b5:bf:7b:8b:12:4f:67:5b:bc:df:61:
d2:f3:ad:8c:2c:d5:fc:de:9d:89:69:d5:c9:20:f1:04:ff:a2:
ea:df:9c:05:f4:80:d3:78:43:36:af:6f:6d:20:c0:38:69:93:
ec:7c:d1:bf:d9:d0:4f:e4:e3:22:af:dd:00:4a:9d:30:e2:85:
82:d3:2e:2b:2c:6c:c9:92:34:97:1c:3b:55:c1:39:28:9a:cb:
57:ae:df:0f:9d:9f:7d:c9:92:0f:6b:c0:6d:bb:8e:ba:27:36:
bf:1a:81:78:9b:e3:ca:b6:2b:9b:ff:b4:ec:30:00:cc:d8:29:
06:31:f9:39:b1:60:bd:e5:50:eb:19:87:22:89:26:05:e3:78:
b0:22:9e:b4:2a:af:ee:11:22:71:fb:1e:b5:f2:c0:9c:e8:9e:
33:4e:7f:d8:e3:85:2e:d9:6f:31:ed:ab:da:84:82:a7:27:24:
19:55:34:68:3a:f5:9d:0e:32:c4:0c:71:31:d8:53:3c:e0:06:
1b:9a:d2:f3
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITdKj22oKAUlMWy616onUUbdZpfjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDEwODAwMDAwMFoXDTI1MDIxMjIzNTk1OVowejFJMEcGA1UE
BRNAZDg3MGM1Y2FiNzQyNzNmNDMxMDYzYmJjNjNkMDQ2YzdmOWE5OWM3NmNkYzM4
ZDU1MWQ0NGJmNmUzZjlkNjE2NTEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunZLpvUjkps6T/U19M3ILGgtAB4kQDEGym+k4sRnhvMyt2T9BwUdYnuFuWgP
1K9aaTkMz0aNrbNT285he7+YK1X8GelbnmcjgrkQqrmW79rsse9ITLLbXsdYqxzw
de+l859RTIYcGN537yE84FnyWQsWCe3guTta+D3Ug2wb7B6vOjYsu3bqNeYf4Fc/
7JDVGHDJ//sQtxvhSMTZVQMO/BJWyOeDzVEXynyc1YctC6jjEDaoYMKApcijOXLO
4fN6/RpZBWHt4KtaN8leyzRjArMZA2bgPLBFrLBMIXlBvHeyATahvlV979DxA50P
Zr0HtKdm3vn1YHCojUmY1PvvtQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFNijNUYH
Xpq1P4Wjzz6oD0SxvBgfMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9l
ZDA5MDE2NC0yNDhkLTQ3NDQtYWM4NS1lNWNhZGJjNDFhNzAucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQd+Aw
DQYJKoZIhvcNAQELBQADggEBAEfIK458alI5BP9pbNJK34BUi8vs3P+5wQ32AxP1
5Cg2o1KEcZyUtmyCFHdL9R5HsIO2oiOdhPROw2N6eOe1v3uLEk9nW7zfYdLzrYws
1fzenYlp1ckg8QT/ourfnAX0gNN4Qzavb20gwDhpk+x80b/Z0E/k4yKv3QBKnTDi
hYLTLissbMmSNJccO1XBOSiay1eu3w+dn33Jkg9rwG27jronNr8agXib48q2K5v/
tOwwAMzYKQYx+TmxYL3lUOsZhyKJJgXjeLAinrQqr+4RInH7HrXywJzonjNOf9jj
hS7ZbzHtq9qEgqcnJBlVNGg69Z0OMsQMcTHYUzzgBhua0vM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:42 2025 by rpki-client