Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
File: f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa (raw, json)
Hash identifier: 8CzsIQ21EvGCvhpAEDqWicsPbwZ1K0JZ5l5+DemASQM=
Subject key identifier: 99:4F:46:75:F4:FD:91:61:3D:71:39:57:ED:4B:04:24:77:CD:49:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40A81A9D93CD518800D7724FAE15AFDD844D5017
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:a8:1a:9d:93:cd:51:88:00:d7:72:4f:ae:15:af:dd:84:4d:50:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f3da952c0c52bd60316b37da708dfe30c1c370710e23df506e2d0bf4b945ab81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c4:9d:fd:26:8e:25:94:d3:9f:0d:50:f5:19:
24:51:ad:6b:a9:e4:3b:29:89:13:cc:0f:fe:06:60:
a5:ea:30:c6:b6:df:01:c1:40:cb:4b:b1:ae:5a:63:
89:88:df:cc:1a:bd:6d:83:16:65:18:6a:6c:03:1a:
77:7e:1a:93:e3:4e:7c:7c:4c:70:82:03:77:5a:48:
3b:bd:a5:58:64:b6:10:b4:12:39:5c:2c:c2:f2:4f:
88:28:08:ae:f0:2f:6b:ec:4f:86:f9:70:21:29:55:
88:f4:7e:9f:0f:af:6c:dc:ca:f7:5b:9b:a1:46:45:
48:97:e9:f2:20:73:ec:9a:f4:37:e5:b3:e9:85:09:
e1:a3:6e:e3:b7:21:16:4b:67:f2:b4:04:26:3b:e3:
5d:89:42:a2:35:a7:2d:4c:c6:bb:b3:39:7c:f2:53:
81:de:f1:cb:a5:0a:85:36:b5:fc:88:2c:0f:1d:72:
60:b6:38:37:5f:15:b0:26:5c:c7:f1:0a:f6:6f:39:
5e:9d:a1:27:6f:25:24:7c:c3:d5:cc:28:a3:24:59:
e0:af:89:14:d9:72:f9:3f:b2:18:ba:48:a1:38:b9:
b3:34:fc:14:33:ed:24:05:a8:eb:84:fe:35:83:8f:
d8:5a:28:ee:52:ac:56:d2:3a:49:ef:7f:8b:14:0e:
f2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4F:46:75:F4:FD:91:61:3D:71:39:57:ED:4B:04:24:77:CD:49:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8080::/46
Signature Algorithm: sha256WithRSAEncryption
0b:70:c1:1b:2f:f7:df:a5:34:0b:a5:4a:dd:09:a7:b7:71:cd:
b2:8e:46:fb:21:fe:ee:7b:19:b2:50:c4:ef:a0:8a:3c:35:62:
c1:09:b8:cd:e7:fc:27:42:e1:55:3d:c8:23:8f:46:84:fb:1a:
3e:c9:fd:13:f3:ee:e6:76:fd:00:b8:82:c5:0c:5e:c4:60:77:
19:d6:1b:f5:25:01:38:5d:d6:6d:14:6c:81:91:28:39:de:e2:
2a:2d:07:ae:ac:31:95:e0:02:7e:71:f8:b7:c9:59:8d:13:fd:
13:51:1c:d0:4d:f1:c4:c3:bb:2e:db:a6:d5:99:56:9f:5b:07:
09:0b:66:8b:90:61:c0:a5:aa:f6:f6:35:a3:60:3b:3c:7c:30:
ab:79:ca:fb:e9:b1:35:bc:68:4d:e2:36:90:4e:ee:87:c5:d8:
26:b5:20:f7:4f:fe:80:50:22:25:c9:69:dd:d6:06:81:fe:14:
ae:c0:32:a5:00:8c:dd:c7:61:01:db:af:0d:5e:99:4b:b5:18:
ce:21:22:22:fb:9f:03:e4:2f:f5:0f:c5:9c:6c:f0:a9:8d:08:
91:4a:a3:a2:46:cc:55:7d:3a:6e:a3:b3:29:d3:c2:aa:ca:a5:
d4:a6:07:a5:5d:2e:14:58:69:56:84:a9:cf:3a:9d:fc:4c:cc:
dc:24:e1:1e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQKganZPNUYgA13JPrhWv3YRNUBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzZGE5NTJjMGM1MmJkNjAzMTZiMzdkYTcwOGRmZTMwYzFjMzcwNzEwZTIz
ZGY1MDZlMmQwYmY0Yjk0NWFiODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnEnf0mjiWU058NUPUZJFGta6nkOymJE8wP/gZgpeowxrbfAcFAy0uxrlpj
iYjfzBq9bYMWZRhqbAMad34ak+NOfHxMcIIDd1pIO72lWGS2ELQSOVwswvJPiCgI
rvAva+xPhvlwISlViPR+nw+vbNzK91uboUZFSJfp8iBz7Jr0N+Wz6YUJ4aNu47ch
Fktn8rQEJjvjXYlCojWnLUzGu7M5fPJTgd7xy6UKhTa1/IgsDx1yYLY4N18VsCZc
x/EK9m85Xp2hJ28lJHzD1cwooyRZ4K+JFNly+T+yGLpIoTi5szT8FDPtJAWo64T+
NYOP2Foo7lKsVtI6Se9/ixQO8q8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSZT0Z1
9P2RYT1xOVftSwQkd81JkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjcyZjhmZTItZWYxZi00Mjk3LTlkMTAtMDFlN2M2NTA2MzEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuA
gDANBgkqhkiG9w0BAQsFAAOCAQEAC3DBGy/336U0C6VK3Qmnt3HNso5G+yH+7nsZ
slDE76CKPDViwQm4zef8J0LhVT3II49GhPsaPsn9E/Pu5nb9ALiCxQxexGB3GdYb
9SUBOF3WbRRsgZEoOd7iKi0HrqwxleACfnH4t8lZjRP9E1Ec0E3xxMO7Ltum1ZlW
n1sHCQtmi5BhwKWq9vY1o2A7PHwwq3nK++mxNbxoTeI2kE7uh8XYJrUg90/+gFAi
Jclp3dYGgf4UrsAypQCM3cdhAduvDV6ZS7UYziEiIvufA+Qv9Q/FnGzwqY0IkUqj
okbMVX06bqOzKdPCqsql1KYHpV0uFFhpVoSpzzqd/EzM3CThHg==
-----END CERTIFICATE-----
Generated at Fri May 2 16:50:01 2025 by rpki-client