Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: 0YCagdTvBUArn6r8XhWiBKf/LTDK/ZXTcnvX/T/dc0I=
Subject key identifier: E8:43:13:50:49:B4:71:05:6F:0A:07:FC:84:E2:17:9B:02:24:A9:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AB2D5AE38FFCEC430D3005809A4F4E90C884A5D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b2:d5:ae:38:ff:ce:c4:30:d3:00:58:09:a4:f4:e9:0c:88:4a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=7d3f3b14181229ad1dd4dd4db074b4b42c3f1b6ca1259fca9b9985c1e83c8f7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5d:b7:7d:24:2b:8f:13:ac:de:84:a1:1b:17:
8b:0f:7a:47:6e:46:9f:08:80:e3:d0:93:87:9d:21:
d5:92:2f:fe:a0:f5:a8:1f:18:bc:fa:cf:20:c0:3a:
68:f0:1e:40:af:93:d1:16:d4:b3:71:10:76:b6:f6:
d0:6a:a0:2f:ee:59:70:2f:22:5c:b0:04:4f:a7:72:
3d:8f:60:60:b2:1d:61:01:1d:33:1d:5d:a3:f5:85:
0f:45:80:45:5a:8d:6f:48:ba:39:8b:0f:c0:8f:dc:
5c:bf:f3:ec:dd:ac:54:c7:50:ac:f5:ff:94:de:fe:
ca:ad:51:5c:d9:0a:aa:f2:e6:cc:c0:a5:e6:4c:3d:
80:ca:33:e6:5f:5a:59:45:e5:98:b1:23:66:07:da:
9f:47:3b:d5:77:f2:91:72:fa:16:0b:af:1f:a4:ae:
73:81:f8:fe:44:a5:41:8e:c4:30:ac:d4:68:0a:5f:
a7:33:1e:cb:d9:57:52:40:2b:05:bc:b2:fa:55:b8:
31:21:8c:91:b6:7f:aa:f8:9b:92:a2:71:e8:0d:5e:
26:01:5a:cc:c2:b1:b4:11:28:58:24:20:ae:89:fb:
61:0b:5a:16:1d:01:36:a7:55:b5:35:9f:56:fe:93:
a4:d2:2a:12:9b:c1:d0:57:22:d1:1c:22:db:73:e2:
9a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:43:13:50:49:B4:71:05:6F:0A:07:FC:84:E2:17:9B:02:24:A9:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
40:4d:58:f7:52:1a:51:bf:c2:71:12:97:a4:c8:35:9b:4c:1f:
9c:3a:62:dd:53:e4:c6:40:c0:38:91:1c:9c:67:3d:34:77:dc:
49:83:1e:c5:ec:46:fa:bf:f1:89:39:b3:53:c8:50:bd:4d:48:
99:02:a5:90:4a:43:f8:a0:32:3c:e7:f1:bc:10:3d:20:4f:06:
fd:3d:bc:50:b9:45:60:02:3d:e9:40:fc:d0:7a:4d:7b:92:48:
d7:70:5c:bd:80:d9:c5:37:db:c1:b4:d8:e2:92:4b:5a:67:79:
f0:16:c0:58:56:e7:1e:d9:43:51:81:51:2b:5f:7c:9d:52:08:
de:e1:bb:ff:f4:a8:b7:f1:00:0c:4b:a9:be:c5:d2:e5:35:dd:
48:3b:5e:90:2a:b2:ce:ff:93:50:e6:d0:50:91:61:42:2a:18:
20:24:7d:da:ba:1d:50:c7:be:e0:39:bd:ae:d6:21:16:89:4f:
55:3c:c2:5a:aa:bc:e1:01:39:63:b3:6b:17:2c:c2:4e:bb:ed:
44:8a:97:9f:e6:6b:68:5f:a7:d1:a2:32:85:ea:0e:91:6f:a5:
fe:fa:bd:48:fb:99:d8:5f:95:09:6c:fc:4c:ff:b8:60:a2:c2:
6a:ff:0f:72:fb:63:74:17:fc:e3:0d:53:a6:30:8e:8c:b9:8b:
29:7b:d9:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUarLVrjj/zsQw0wBYCaT06QyISl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkM2YzYjE0MTgxMjI5YWQxZGQ0ZGQ0ZGIwNzRiNGI0MmMzZjFiNmNhMTI1
OWZjYTliOTk4NWMxZTgzYzhmN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhdt30kK48TrN6EoRsXiw96R25GnwiA49CTh50h1ZIv/qD1qB8YvPrPIMA6
aPAeQK+T0RbUs3EQdrb20GqgL+5ZcC8iXLAET6dyPY9gYLIdYQEdMx1do/WFD0WA
RVqNb0i6OYsPwI/cXL/z7N2sVMdQrPX/lN7+yq1RXNkKqvLmzMCl5kw9gMoz5l9a
WUXlmLEjZgfan0c71XfykXL6FguvH6Suc4H4/kSlQY7EMKzUaApfpzMey9lXUkAr
Bbyy+lW4MSGMkbZ/qvibkqJx6A1eJgFazMKxtBEoWCQgron7YQtaFh0BNqdVtTWf
Vv6TpNIqEpvB0Fci0Rwi23Pimp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToQxNQ
SbRxBW8KB/yE4hebAiSp7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBATVj3UhpRv8JxEpekyDWbTB+cOmLdU+TGQMA4
kRycZz00d9xJgx7F7Eb6v/GJObNTyFC9TUiZAqWQSkP4oDI85/G8ED0gTwb9PbxQ
uUVgAj3pQPzQek17kkjXcFy9gNnFN9vBtNjikktaZ3nwFsBYVuce2UNRgVErX3yd
Ugje4bv/9Ki38QAMS6m+xdLlNd1IO16QKrLO/5NQ5tBQkWFCKhggJH3auh1Qx77g
Ob2u1iEWiU9VPMJaqrzhATljs2sXLMJOu+1Eipef5mtoX6fRojKF6g6Rb6X++r1I
+5nYX5UJbPxM/7hgosJq/w9y+2N0F/zjDVOmMI6MuYspe9nA
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:50 2025 by rpki-client