Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
File: f3be7af4-35f4-4df2-a374-b4daab598a9f.roa (raw, json)
Hash identifier: o5c0iIlj2metY0ofNgN7ngjfF0DLaRyS6kvnxG5JsbY=
Subject key identifier: E9:A2:6A:D4:67:AB:0E:34:C1:51:48:E7:5A:66:FB:5D:16:5E:F3:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0943F81CFD4879C6FFE318C7FEC8CF9EDD016315
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:43:f8:1c:fd:48:79:c6:ff:e3:18:c7:fe:c8:cf:9e:dd:01:63:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=2ceed04d9e665a8e411362f220d6f35b07194b783c3c0be7143be9a19100e0ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7c:c0:23:3b:a0:a5:92:b8:cc:be:67:a9:75:
b8:52:07:c6:bd:26:1e:c0:b5:b8:11:02:32:f4:11:
fd:c1:54:4f:f1:5f:18:d6:f5:c1:7d:8f:49:e5:69:
aa:54:17:ee:2c:28:da:45:70:25:f6:f7:19:e9:d8:
23:a5:19:7b:8a:02:9f:36:6b:46:47:f9:23:1c:6c:
a0:8c:46:6f:af:b5:bc:5e:55:6a:be:d6:13:12:3a:
67:dc:f2:c8:7f:d0:56:2e:95:bd:3b:1b:21:3a:ce:
b5:16:0b:a1:7c:de:f1:9d:8e:a4:12:94:c4:f3:aa:
66:88:75:bb:3b:eb:7b:a0:e5:4a:06:b2:43:06:ec:
8d:1c:40:7c:89:d7:0f:2c:39:31:17:92:6c:03:6c:
03:d8:08:51:b4:4f:31:4b:cf:67:e2:b2:f9:e1:8c:
83:46:7b:8c:23:09:2d:06:6f:de:46:61:98:87:91:
ad:5a:82:4d:77:87:82:76:bb:65:61:46:7f:20:ac:
c3:a2:ce:a3:0b:ec:9b:74:4b:e6:9f:c4:b1:1e:31:
53:b5:f0:2f:25:61:61:dd:5e:48:ca:90:1f:6c:af:
f6:41:91:f9:be:ca:25:17:83:91:a4:41:0f:fa:d8:
00:0c:5b:4f:28:45:be:c4:2b:e1:a9:6b:f8:38:95:
61:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A2:6A:D4:67:AB:0E:34:C1:51:48:E7:5A:66:FB:5D:16:5E:F3:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:53:cc:3f:ae:4e:c7:da:d5:d4:0e:40:a9:eb:c5:58:3b:46:
4c:71:49:85:8f:19:8a:5f:f3:03:b1:63:95:cb:da:27:bb:8a:
1e:c6:2c:90:30:8b:7f:88:af:bf:87:d5:6e:af:ff:6b:3e:4c:
0a:40:b6:c5:0f:7a:dd:0c:61:01:42:8e:0a:9f:8b:50:31:82:
ee:74:30:f6:1c:83:9d:2b:2b:5f:23:c9:1f:b1:08:4f:a0:13:
8a:39:12:2a:61:ff:94:26:c5:ed:54:27:33:5f:1a:5f:73:16:
13:10:d3:67:51:23:73:37:ab:d9:31:cb:87:dc:d3:22:33:5d:
fd:85:55:24:e6:45:35:9f:d3:ae:d2:96:43:3a:d5:27:0b:33:
dd:89:4e:41:bc:21:de:d1:01:3d:bb:3d:80:00:43:ea:c7:0c:
af:a0:55:61:bf:fc:2c:c3:52:ce:0f:09:9e:2a:ac:9c:4b:7b:
be:a4:86:ba:06:6e:bc:26:ed:61:e0:ae:6c:a9:56:53:3e:10:
1c:64:06:cd:c0:18:6e:01:bd:99:e4:e0:0d:15:fc:fc:71:83:
be:b4:0a:42:ef:7c:ee:60:b1:83:7f:6d:29:60:0d:35:0e:46:
b5:e6:4c:0b:2d:af:d4:a1:c6:87:68:d3:55:54:1e:2c:af:ef:
46:e8:54:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCUP4HP1Iecb/4xjH/sjPnt0BYxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZWVkMDRkOWU2NjVhOGU0MTEzNjJmMjIwZDZmMzViMDcxOTRiNzgzYzNj
MGJlNzE0M2JlOWExOTEwMGUwY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMl8wCM7oKWSuMy+Z6l1uFIHxr0mHsC1uBECMvQR/cFUT/FfGNb1wX2PSeVp
qlQX7iwo2kVwJfb3GenYI6UZe4oCnzZrRkf5IxxsoIxGb6+1vF5Var7WExI6Z9zy
yH/QVi6VvTsbITrOtRYLoXze8Z2OpBKUxPOqZoh1uzvre6DlSgayQwbsjRxAfInX
Dyw5MReSbANsA9gIUbRPMUvPZ+Ky+eGMg0Z7jCMJLQZv3kZhmIeRrVqCTXeHgna7
ZWFGfyCsw6LOowvsm3RL5p/EsR4xU7XwLyVhYd1eSMqQH2yv9kGR+b7KJReDkaRB
D/rYAAxbTyhFvsQr4alr+DiVYQsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpomrU
Z6sONMFRSOdaZvtdFl7z0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjNiZTdhZjQtMzVmNC00ZGYyLWEzNzQtYjRkYWFiNTk4YTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBOU8w/rk7H2tXUDkCp68VYO0ZMcUmFjxmKX/MD
sWOVy9onu4oexiyQMIt/iK+/h9Vur/9rPkwKQLbFD3rdDGEBQo4Kn4tQMYLudDD2
HIOdKytfI8kfsQhPoBOKORIqYf+UJsXtVCczXxpfcxYTENNnUSNzN6vZMcuH3NMi
M139hVUk5kU1n9Ou0pZDOtUnCzPdiU5BvCHe0QE9uz2AAEPqxwyvoFVhv/wsw1LO
DwmeKqycS3u+pIa6Bm68Ju1h4K5sqVZTPhAcZAbNwBhuAb2Z5OANFfz8cYO+tApC
73zuYLGDf20pYA01Dka15kwLLa/UocaHaNNVVB4sr+9G6FRR
-----END CERTIFICATE-----
Generated at Fri May 2 16:18:40 2025 by rpki-client