Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f490cfa0-ccb9-443c-9e85-719668591c22.roa
File: f490cfa0-ccb9-443c-9e85-719668591c22.roa (raw, json)
Hash identifier: JNxXKc6qg0XpKbTegd3Ze7EQeh7vAFl7wP6rqb3EmN4=
Subject key identifier: A0:F3:E0:A4:CC:6B:59:BE:17:AE:3D:50:74:6A:F9:E7:E7:F2:98:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59A873ACEA424DC784886C78395FDD5EB6635FC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f490cfa0-ccb9-443c-9e85-719668591c22.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:a8:73:ac:ea:42:4d:c7:84:88:6c:78:39:5f:dd:5e:b6:63:5f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=e8189d93d516abfe18c5c1af2e1c40a6a932e27f315eb0770b4bf28b929e293d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:42:a8:bf:df:ba:8b:0b:8b:52:3a:07:01:
cb:e6:81:a8:10:74:6f:13:bc:63:18:ff:80:9e:e5:
60:07:02:46:f2:8f:9a:bd:77:a2:3c:79:3d:9f:77:
ce:ba:16:cd:50:d3:6e:f4:d5:8e:54:46:23:6f:46:
61:24:64:d0:dd:43:ca:04:4d:c3:68:15:e6:b8:90:
0f:74:8e:ff:6a:02:4b:3b:0d:9a:ec:7c:52:cd:78:
2b:ef:a9:1c:3d:7a:4c:f7:f3:1b:c6:9b:15:d9:9d:
e1:58:7c:7b:88:7a:c0:44:84:ad:fe:2c:74:3a:55:
ad:06:b8:99:bc:ce:93:a2:4e:70:ac:97:fc:cb:69:
a9:fb:7f:8e:ef:da:d1:6d:01:a5:fe:69:f2:dd:0d:
7a:01:dc:f6:3d:a5:f6:68:40:4c:cc:ce:22:d4:b3:
a2:90:a0:ea:f9:c7:b1:74:49:d3:a0:9e:49:61:60:
27:90:31:9d:01:0f:38:8f:e9:86:ff:ef:14:59:6e:
6c:67:de:d3:c4:a0:b5:1c:57:a1:46:49:74:d2:ad:
12:44:99:f0:56:fd:90:7d:a7:64:45:da:4a:81:bc:
91:82:43:6b:a2:7f:70:5a:6b:4a:11:5a:cd:0b:d9:
47:b4:e4:4e:29:3e:da:56:a9:7e:1e:9d:2d:a6:ca:
a7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F3:E0:A4:CC:6B:59:BE:17:AE:3D:50:74:6A:F9:E7:E7:F2:98:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f490cfa0-ccb9-443c-9e85-719668591c22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c040::/46
Signature Algorithm: sha256WithRSAEncryption
a0:eb:64:70:c2:59:2d:95:90:f4:b2:98:05:9c:60:9d:0e:6f:
d8:a4:40:07:66:8a:83:ae:d3:cf:2d:af:d0:54:c3:72:1f:01:
91:af:8e:bf:d1:c5:7e:54:1a:98:fe:da:d3:fd:63:e9:94:8b:
39:5c:53:67:c4:49:0d:53:45:d1:f7:42:16:92:7b:41:13:70:
11:7e:e0:ff:c1:4b:4a:4a:06:43:44:92:92:c3:a3:fc:b3:d9:
fe:05:e6:5c:cb:a3:2b:c6:f4:a0:51:fb:63:92:ca:80:57:a3:
31:a3:67:fa:c8:d2:4f:e3:24:aa:f7:fb:f8:a0:b3:67:f8:3a:
40:71:08:3a:29:93:e5:e3:f2:5c:fb:8e:79:76:5a:03:dd:77:
89:ec:1d:87:a4:6b:3e:41:59:96:50:c9:10:66:e0:5f:2a:6b:
a6:04:7b:fb:da:04:37:eb:64:d1:fa:5b:49:de:d1:6c:27:5e:
a2:7b:30:6c:ca:f1:fb:c5:78:9d:97:2a:bf:2c:c4:80:a2:80:
ad:8a:da:58:b9:50:f0:19:ff:72:bd:02:63:f9:db:df:1c:0e:
c9:b4:a1:d3:49:ca:75:65:90:fd:57:63:46:e3:e5:10:b4:4e:
f6:e9:72:75:ce:20:7a:8f:e5:31:db:bd:ad:0d:62:74:c9:55:
11:d0:2e:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWahzrOpCTceEiGx4OV/dXrZjX8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4MTg5ZDkzZDUxNmFiZmUxOGM1YzFhZjJlMWM0MGE2YTkzMmUyN2YzMTVl
YjA3NzBiNGJmMjhiOTI5ZTI5M2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXGQqi/37qLC4tSOgcBy+aBqBB0bxO8Yxj/gJ7lYAcCRvKPmr13ojx5PZ93
zroWzVDTbvTVjlRGI29GYSRk0N1DygRNw2gV5riQD3SO/2oCSzsNmux8Us14K++p
HD16TPfzG8abFdmd4Vh8e4h6wESErf4sdDpVrQa4mbzOk6JOcKyX/Mtpqft/ju/a
0W0Bpf5p8t0NegHc9j2l9mhATMzOItSzopCg6vnHsXRJ06CeSWFgJ5AxnQEPOI/p
hv/vFFlubGfe08SgtRxXoUZJdNKtEkSZ8Fb9kH2nZEXaSoG8kYJDa6J/cFprShFa
zQvZR7TkTik+2lapfh6dLabKpzUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSg8+Ck
zGtZvheuPVB0avnn5/KY+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjQ5MGNmYTAtY2NiOS00NDNjLTllODUtNzE5NjY4NTkxYzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXA
QDANBgkqhkiG9w0BAQsFAAOCAQEAoOtkcMJZLZWQ9LKYBZxgnQ5v2KRAB2aKg67T
zy2v0FTDch8Bka+Ov9HFflQamP7a0/1j6ZSLOVxTZ8RJDVNF0fdCFpJ7QRNwEX7g
/8FLSkoGQ0SSksOj/LPZ/gXmXMujK8b0oFH7Y5LKgFejMaNn+sjST+Mkqvf7+KCz
Z/g6QHEIOimT5ePyXPuOeXZaA913iewdh6RrPkFZllDJEGbgXyprpgR7+9oEN+tk
0fpbSd7RbCdeonswbMrx+8V4nZcqvyzEgKKArYraWLlQ8Bn/cr0CY/nb3xwOybSh
00nKdWWQ/VdjRuPlELRO9ulydc4geo/lMdu9rQ1idMlVEdAuBA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:22:59 2025 by rpki-client