Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: 5Jy2NtGANlDjIQRmL99MP79GZUTSwCUHURiujiznS0E=
Subject key identifier: 35:2B:46:88:EF:36:FC:0E:0F:16:C9:4B:8E:F7:03:9F:6E:17:D2:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08902895BA92170E5D77AC9FE1B4B6543A01A334
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:90:28:95:ba:92:17:0e:5d:77:ac:9f:e1:b4:b6:54:3a:01:a3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=9f17cdf2ef78fb84a4ffa1338adba210baafac0e35c48419386bc1957e318950, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:54:a9:12:cf:1d:53:e2:c3:e7:bf:0e:dc:b9:
32:b1:93:f2:75:cd:3f:40:29:6b:c2:f0:6b:9f:b9:
fc:f3:e7:44:f2:95:21:a6:06:e2:ac:44:09:ce:f4:
ee:32:fe:05:61:32:a8:85:78:1e:0b:b4:ac:c3:19:
d5:24:d7:55:7b:11:2a:1c:8e:5e:9f:5f:b0:54:c0:
d4:f6:c7:73:05:df:67:e7:56:76:b2:d2:11:4b:03:
5a:5c:85:af:b6:f1:58:9b:38:19:cd:b9:f0:3c:ee:
91:19:84:91:56:d9:28:0b:c0:8d:7d:67:66:c9:3f:
5f:d8:e0:ba:cc:f1:1a:86:47:22:28:45:ce:53:ae:
0e:db:1e:bc:fc:42:06:46:b6:0c:01:a4:f7:ae:9a:
ed:78:3e:94:e4:fa:ff:99:72:88:8a:a0:9f:53:e3:
4a:78:96:88:fb:c5:c7:95:45:34:dc:46:60:5f:40:
34:0b:25:2f:6c:0c:a0:0b:ea:57:6e:f4:4b:6a:c4:
9a:95:f6:ee:bb:03:e4:b8:d8:a6:fa:de:d5:9d:73:
7f:1d:86:7a:d8:31:15:27:78:f6:07:72:05:c2:bd:
1b:70:9a:0e:21:78:a6:3b:48:20:16:e9:41:63:b6:
a3:dd:33:d2:b1:c8:51:48:37:0c:41:7f:56:73:97:
66:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2B:46:88:EF:36:FC:0E:0F:16:C9:4B:8E:F7:03:9F:6E:17:D2:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:f2:5d:0c:3f:e0:2b:f6:0b:48:9a:21:3e:95:ae:04:c9:0a:
e3:02:4c:19:8f:6f:9b:91:f2:1a:1c:43:db:bb:5e:e7:93:48:
59:38:37:91:b5:46:6c:41:65:c8:0f:17:2e:93:f4:8e:25:02:
cb:52:fa:97:52:85:3d:e0:bd:f7:8f:9d:6a:55:8e:f1:62:2c:
56:21:57:a4:ed:f8:3f:aa:dd:86:1d:29:d4:a6:2b:fe:61:7c:
55:86:23:2e:86:5d:68:d1:26:33:eb:41:b7:a0:53:28:90:80:
59:a7:43:b7:a3:82:c1:7b:a1:a6:98:8e:61:14:e9:ad:5f:0b:
be:fd:64:14:4a:c3:f9:06:4a:40:51:09:58:41:ee:b4:63:63:
62:0b:1a:ee:03:97:4d:e9:bf:24:35:27:cd:a7:fc:4b:9e:cd:
39:8b:90:4a:c6:92:7f:ef:97:e5:fb:d5:03:dd:80:9b:99:e5:
17:f9:0e:85:65:0c:2d:bc:26:b8:70:7b:af:56:5b:4b:fe:f8:
02:b6:ba:f1:b6:49:f6:26:47:86:30:e8:5c:20:9d:56:f6:fc:
17:eb:9e:9f:92:ab:b2:b0:0a:9b:4a:84:2a:01:50:6d:67:68:
66:73:ad:12:84:fa:7f:94:af:58:f0:e1:f9:76:0c:88:2b:e6:
4c:d7:18:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCJAolbqSFw5dd6yf4bS2VDoBozQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMTdjZGYyZWY3OGZiODRhNGZmYTEzMzhhZGJhMjEwYmFhZmFjMGUzNWM0
ODQxOTM4NmJjMTk1N2UzMTg5NTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBUqRLPHVPiw+e/Dty5MrGT8nXNP0Apa8Lwa5+5/PPnRPKVIaYG4qxECc70
7jL+BWEyqIV4Hgu0rMMZ1STXVXsRKhyOXp9fsFTA1PbHcwXfZ+dWdrLSEUsDWlyF
r7bxWJs4Gc258DzukRmEkVbZKAvAjX1nZsk/X9jguszxGoZHIihFzlOuDtsevPxC
Bka2DAGk966a7Xg+lOT6/5lyiIqgn1PjSniWiPvFx5VFNNxGYF9ANAslL2wMoAvq
V270S2rEmpX27rsD5LjYpvre1Z1zfx2GetgxFSd49gdyBcK9G3CaDiF4pjtIIBbp
QWO2o90z0rHIUUg3DEF/VnOXZp0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1K0aI
7zb8Dg8WyUuO9wOfbhfSsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCn8l0MP+Ar9gtImiE+la4EyQrjAkwZj2+bkfIa
HEPbu17nk0hZODeRtUZsQWXIDxcuk/SOJQLLUvqXUoU94L33j51qVY7xYixWIVek
7fg/qt2GHSnUpiv+YXxVhiMuhl1o0SYz60G3oFMokIBZp0O3o4LBe6GmmI5hFOmt
Xwu+/WQUSsP5BkpAUQlYQe60Y2NiCxruA5dN6b8kNSfNp/xLns05i5BKxpJ/75fl
+9UD3YCbmeUX+Q6FZQwtvCa4cHuvVltL/vgCtrrxtkn2JkeGMOhcIJ1W9vwX656f
kquysAqbSoQqAVBtZ2hmc60ShPp/lK9Y8OH5dgyIK+ZM1xgg
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:51 2025 by rpki-client