Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
File: fbd3a3af-f307-4148-9e34-70199540a838.roa (raw, json)
Hash identifier: 4JRuBsXWoIJCdjMT3TO4nM06kZPIAsb0V9UEIowj+Vk=
Subject key identifier: DF:A1:B2:AD:FC:6A:4B:59:4B:A4:69:B5:C5:02:03:23:06:13:98:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FDF45BB20B8D69103E198E75ECAABE7650EEB1E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:df:45:bb:20:b8:d6:91:03:e1:98:e7:5e:ca:ab:e7:65:0e:eb:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0e1242b5f13178a3ca04d7413e179c16fc992368a3700f2d27d668109b108faf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:3b:df:eb:e8:3c:4e:89:46:c3:19:34:b8:
27:df:f3:49:0a:3f:c2:b7:d7:78:32:6e:05:33:d5:
8a:ef:ec:3f:56:b7:53:a7:0a:15:97:8d:6f:96:46:
fb:77:1a:2e:43:96:84:ac:9a:79:2b:1c:bf:3a:dc:
39:53:79:d1:49:d1:5d:20:b1:0c:d8:9e:76:f8:6b:
c0:b7:ce:5d:21:d7:f0:15:99:dd:65:d4:40:c3:57:
69:2a:d6:96:61:94:36:e0:9d:8f:3d:9d:ea:03:75:
1c:a3:cf:3c:71:64:d6:17:8e:1b:ad:cb:de:f4:c1:
cb:69:70:d8:1b:c5:03:c0:df:24:47:c1:2a:a2:6f:
55:e3:fb:08:eb:8b:b5:06:bf:81:ea:31:6b:57:1b:
c0:25:7d:f8:b1:ac:e2:bd:0d:a9:7d:33:04:cf:da:
74:f5:a9:df:d7:55:87:d7:f1:60:c0:fc:cc:19:d3:
c3:36:77:0c:06:96:66:e6:ad:90:79:a7:68:e2:e5:
b8:b9:3e:95:5a:cf:a4:95:df:43:be:aa:40:90:ce:
fa:ae:ee:aa:98:13:ec:71:77:fe:58:cc:08:72:32:
4e:83:28:c8:7a:f1:1e:91:33:56:5b:c9:df:c4:22:
09:1a:cc:d5:9f:55:0b:91:86:ee:4f:a8:5b:b1:df:
e7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A1:B2:AD:FC:6A:4B:59:4B:A4:69:B5:C5:02:03:23:06:13:98:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:81:6a:24:2e:79:a8:32:3a:c2:34:5e:24:89:92:49:24:7f:
b7:2e:90:49:03:40:d9:d9:bc:15:05:1b:16:9d:b1:95:cf:96:
f3:2b:2f:ea:7a:44:e9:b3:f2:42:9a:00:32:a4:b5:da:53:6b:
18:09:0c:04:2f:38:3e:1f:ba:22:cb:3c:b0:bd:d1:ed:1c:d4:
4d:50:e1:f0:f3:bb:b1:ef:c6:29:e1:56:26:40:e2:d3:07:55:
22:50:61:c0:24:64:43:82:9f:49:c3:49:15:88:06:2f:31:c8:
d9:a1:77:cc:81:02:04:9e:24:0c:aa:8e:a4:18:62:bf:8f:7a:
a4:3a:fa:0c:13:ad:b5:16:15:09:d7:f8:2e:dc:4f:44:5e:05:
0a:ff:eb:44:f6:09:20:dc:b8:9c:ce:1e:1f:64:cc:00:d8:46:
4e:0a:dd:4e:0f:e4:56:4d:f8:f9:b3:b8:b6:22:9e:01:df:a7:
04:11:6e:79:cd:98:17:62:c8:ef:59:47:1f:3d:9e:39:ca:c5:
6c:ee:78:61:00:9e:88:87:94:68:b4:89:77:c7:3d:83:4c:c5:
d6:5e:76:c9:68:f0:0c:c0:3f:05:64:ec:ac:77:92:5d:62:c2:
19:af:90:79:17:40:a3:e5:00:df:31:11:a2:59:26:d9:91:bf:
89:e4:57:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb99FuyC41pED4ZjnXsqr52UO6x4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMTI0MmI1ZjEzMTc4YTNjYTA0ZDc0MTNlMTc5YzE2ZmM5OTIzNjhhMzcw
MGYyZDI3ZDY2ODEwOWIxMDhmYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIhWO9/r6DxOiUbDGTS4J9/zSQo/wrfXeDJuBTPViu/sP1a3U6cKFZeNb5ZG
+3caLkOWhKyaeSscvzrcOVN50UnRXSCxDNiedvhrwLfOXSHX8BWZ3WXUQMNXaSrW
lmGUNuCdjz2d6gN1HKPPPHFk1heOG63L3vTBy2lw2BvFA8DfJEfBKqJvVeP7COuL
tQa/geoxa1cbwCV9+LGs4r0NqX0zBM/adPWp39dVh9fxYMD8zBnTwzZ3DAaWZuat
kHmnaOLluLk+lVrPpJXfQ76qQJDO+q7uqpgT7HF3/ljMCHIyToMoyHrxHpEzVlvJ
38QiCRrM1Z9VC5GG7k+oW7Hf5w8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfobKt
/GpLWUukabXFAgMjBhOYRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmJkM2EzYWYtZjMwNy00MTQ4LTllMzQtNzAxOTk1NDBhODM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Diw
MA0GCSqGSIb3DQEBCwUAA4IBAQBrgWokLnmoMjrCNF4kiZJJJH+3LpBJA0DZ2bwV
BRsWnbGVz5bzKy/qekTps/JCmgAypLXaU2sYCQwELzg+H7oiyzywvdHtHNRNUOHw
87ux78Yp4VYmQOLTB1UiUGHAJGRDgp9Jw0kViAYvMcjZoXfMgQIEniQMqo6kGGK/
j3qkOvoME621FhUJ1/gu3E9EXgUK/+tE9gkg3Liczh4fZMwA2EZOCt1OD+RWTfj5
s7i2Ip4B36cEEW55zZgXYsjvWUcfPZ45ysVs7nhhAJ6Ih5RotIl3xz2DTMXWXnbJ
aPAMwD8FZOysd5JdYsIZr5B5F0Cj5QDfMRGiWSbZkb+J5FdJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:28 2025 by rpki-client