Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: Gcbn5IaopbW/yzis3WJAaOG5MnIyn/4ElY5D83NQ494=
Subject key identifier: 91:E7:84:41:FC:8A:D5:87:CD:FF:BB:8F:83:66:F8:FC:87:E1:06:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 125AB2B01924610D2DFD7ECAE7F56826671E7783
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:5a:b2:b0:19:24:61:0d:2d:fd:7e:ca:e7:f5:68:26:67:1e:77:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=bb04d75836d9a0e0a89d7ca0c7ae69554e99bd7257acc3b216708b5c45277c11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:61:5b:bf:e6:11:f5:59:b1:52:f3:d2:d2:6a:
56:fb:a6:79:f9:51:c8:20:61:0f:d4:b8:b7:61:83:
52:e8:fb:00:3c:1d:7f:46:16:34:e0:59:b9:20:0b:
ba:9a:a3:d4:60:fa:81:a1:a6:34:82:45:4b:67:65:
f9:1c:4c:28:4a:96:ec:77:64:8b:eb:24:fc:13:05:
d0:ad:5f:c3:47:4b:ef:a0:3c:a4:9a:25:58:89:8d:
fa:ea:f5:1a:af:42:c3:ab:9d:f0:c2:6c:34:18:c4:
fb:7c:f4:27:18:df:c1:5a:bf:67:00:fd:cb:1a:0d:
dc:5e:f6:5e:b1:67:a7:9b:27:91:59:74:22:61:15:
8d:d8:2f:fe:55:bd:27:f6:c2:9e:f9:66:5b:ee:c3:
71:41:ae:3e:6f:2b:1c:a9:bf:4c:59:43:52:53:77:
21:f6:ca:9f:6e:b3:cc:07:d1:58:d9:68:7c:30:43:
37:af:7a:c3:61:82:8e:a4:0e:6b:da:ba:a5:42:cc:
fe:0c:be:db:04:79:c9:af:3c:b8:8a:5c:0c:5e:46:
94:bb:89:a9:ef:25:d9:4a:34:a5:2e:ff:12:c0:86:
dc:c8:4e:49:4b:2b:b8:8c:24:41:c2:de:1e:08:44:
2b:f3:1f:b6:24:8f:b0:2d:25:78:58:f6:ce:d8:43:
64:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E7:84:41:FC:8A:D5:87:CD:FF:BB:8F:83:66:F8:FC:87:E1:06:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
bd:9c:ce:88:e0:10:c0:96:7c:70:69:e1:01:ab:d7:a0:d9:7b:
ac:be:f2:e8:51:3b:71:a5:d4:22:b1:58:9f:a8:dc:3c:f2:53:
6f:df:7d:2b:88:b7:ad:71:23:6d:f3:98:f0:f3:cc:8e:ba:ff:
47:0d:d7:58:30:37:b3:51:a0:73:0d:d1:8d:8c:24:6d:2a:91:
ea:7c:ff:8a:89:58:e6:a7:83:39:ce:6e:ee:ba:c5:bc:ad:4f:
eb:7c:bb:e3:ba:22:a5:a8:4e:f8:bb:ba:74:a7:bf:7b:a3:22:
80:3b:1f:76:26:91:e3:60:f2:8d:6f:2e:53:59:9d:2b:54:9e:
b5:5a:48:93:83:3a:2d:a4:d3:b3:0a:45:3b:dc:f8:e1:85:cf:
47:64:db:2a:fe:ac:ef:22:aa:7a:09:9d:35:01:3f:f5:4a:44:
51:e1:d8:cf:f2:0c:97:93:20:69:36:7f:d0:f7:83:70:5f:5b:
83:ed:42:56:90:c7:34:22:61:81:c9:03:b2:c6:e6:4d:09:ec:
57:5d:9d:b0:dd:94:b2:85:b1:2e:01:f3:09:60:3b:35:5e:8c:
32:33:99:25:e9:71:6b:1c:e3:bb:dd:e4:e3:83:f9:5f:a3:c0:
ea:5d:7e:f7:d9:60:86:16:64:fc:42:0b:20:5f:3f:ca:3a:77:
e1:4d:6b:75
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUElqysBkkYQ0t/X7K5/VoJmced4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiMDRkNzU4MzZkOWEwZTBhODlkN2NhMGM3YWU2OTU1NGU5OWJkNzI1N2Fj
YzNiMjE2NzA4YjVjNDUyNzdjMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1hW7/mEfVZsVLz0tJqVvumeflRyCBhD9S4t2GDUuj7ADwdf0YWNOBZuSAL
upqj1GD6gaGmNIJFS2dl+RxMKEqW7Hdki+sk/BMF0K1fw0dL76A8pJolWImN+ur1
Gq9Cw6ud8MJsNBjE+3z0JxjfwVq/ZwD9yxoN3F72XrFnp5snkVl0ImEVjdgv/lW9
J/bCnvlmW+7DcUGuPm8rHKm/TFlDUlN3IfbKn26zzAfRWNlofDBDN696w2GCjqQO
a9q6pULM/gy+2wR5ya88uIpcDF5GlLuJqe8l2Uo0pS7/EsCG3MhOSUsruIwkQcLe
HghEK/MftiSPsC0leFj2zthDZIkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSR54RB
/IrVh83/u4+DZvj8h+EG0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAvZzOiOAQwJZ8cGnhAavXoNl7rL7y6FE7caXU
IrFYn6jcPPJTb999K4i3rXEjbfOY8PPMjrr/Rw3XWDA3s1Ggcw3RjYwkbSqR6nz/
iolY5qeDOc5u7rrFvK1P63y747oipahO+Lu6dKe/e6MigDsfdiaR42DyjW8uU1md
K1SetVpIk4M6LaTTswpFO9z44YXPR2TbKv6s7yKqegmdNQE/9UpEUeHYz/IMl5Mg
aTZ/0PeDcF9bg+1CVpDHNCJhgckDssbmTQnsV12dsN2UsoWxLgHzCWA7NV6MMjOZ
Jelxaxzju93k44P5X6PA6l1+99lghhZk/EILIF8/yjp34U1rdQ==
-----END CERTIFICATE-----
Generated at Fri May 2 15:09:34 2025 by rpki-client