Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd410136-409f-4c89-bc70-90b55daa78bb.roa
File: fd410136-409f-4c89-bc70-90b55daa78bb.roa (raw, json)
Hash identifier: uuaCdY5+FCiyRSKiSC7iBnOwtVtBpMiN+uNmrjECjnA=
Subject key identifier: D2:80:C3:DB:02:52:92:66:B4:50:CB:C7:C5:54:36:82:1D:AC:5A:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1558BB83A0A19181CF1AC469A963C3DA5B3C734B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd410136-409f-4c89-bc70-90b55daa78bb.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:80c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:58:bb:83:a0:a1:91:81:cf:1a:c4:69:a9:63:c3:da:5b:3c:73:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=cfbb511857deb0d639789af3fdffa91d7d00a61f78f5355ca449c6de731bfeff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:50:2d:7d:03:bc:7a:26:65:2f:88:fe:49:
b6:1a:86:18:0a:8e:3d:81:e2:d5:24:c6:7f:79:c5:
5c:af:ff:7a:03:8b:dd:32:29:fc:19:58:aa:73:66:
ca:bb:55:1e:9c:fd:e1:1d:c1:d6:10:c0:bf:d3:2b:
db:67:dc:fa:15:69:71:f3:ab:6a:8f:9c:1b:cf:b0:
60:8d:43:97:6d:8d:46:16:e8:39:3d:b7:4a:e3:38:
e8:c9:1d:4b:a2:8e:d7:b2:85:78:9a:8d:12:c0:43:
22:8f:c4:89:f2:ca:82:a4:7c:59:0c:d8:af:89:1b:
17:62:9b:38:60:b4:a8:cd:3d:79:f4:99:63:e6:6f:
4a:1c:b7:95:2f:04:bd:79:79:1d:06:b1:ef:bb:41:
ba:1c:d3:3a:12:2d:d9:05:80:1c:7a:df:c5:0d:a7:
98:a8:91:c1:9e:b6:a7:d7:a5:35:1d:03:12:f3:fc:
46:51:11:2e:85:98:df:9a:3c:e5:48:1f:a7:88:89:
77:a4:82:84:40:ac:40:de:62:cc:6b:98:94:9c:73:
44:99:3f:f2:ee:45:bb:b4:90:43:0a:58:8c:1b:23:
86:74:cf:30:e8:63:32:e0:4b:da:da:f7:df:c5:29:
94:31:a4:6e:91:d9:49:b8:38:63:0c:ed:1e:64:8b:
6d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:80:C3:DB:02:52:92:66:B4:50:CB:C7:C5:54:36:82:1D:AC:5A:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd410136-409f-4c89-bc70-90b55daa78bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:21:0e:22:6f:db:ab:a3:c4:23:45:5a:f2:55:78:81:fb:c3:
32:f5:2e:1a:ea:65:ca:f6:c7:39:d8:1c:6b:31:5b:f9:d1:8a:
40:1f:89:29:1e:e6:27:52:a6:34:38:50:49:37:91:db:66:ae:
cf:71:a2:e2:89:3f:74:d3:2d:9c:fe:a2:36:f2:65:c1:b5:1a:
f0:89:b3:b4:ef:a7:a4:88:cc:3c:8d:d7:76:b7:19:08:b3:a0:
b3:35:6a:25:28:8d:ee:db:b2:ba:d5:ff:9a:e6:e1:78:df:fd:
bd:7b:66:6b:12:30:78:02:a8:6a:b8:25:53:f5:ab:7d:9d:de:
36:5a:a4:17:85:d3:ba:cd:94:d5:68:98:92:ea:3c:ed:95:6a:
03:10:76:2a:a5:ff:a3:81:17:c4:2a:a3:07:87:5c:1d:e1:5b:
7d:d1:94:03:9c:3f:d1:df:af:8b:e2:6b:1d:2c:c2:86:cf:8d:
8e:37:67:9a:b5:25:4d:34:3c:7b:18:bb:37:d4:47:cd:27:8f:
1d:c1:8e:cc:9a:da:2e:ed:c1:fe:00:2d:ee:5d:6c:8c:fd:13:
4a:a0:67:95:49:eb:14:89:78:5c:80:96:36:51:4e:98:12:18:
40:6d:bc:75:e3:4a:50:a3:b9:4e:1b:3a:f7:bf:e1:b5:48:6e:
53:69:41:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFVi7g6ChkYHPGsRpqWPD2ls8c0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYmI1MTE4NTdkZWIwZDYzOTc4OWFmM2ZkZmZhOTFkN2QwMGE2MWY3OGY1
MzU1Y2E0NDljNmRlNzMxYmZlZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0VUC19A7x6JmUviP5JthqGGAqOPYHi1STGf3nFXK//egOL3TIp/BlYqnNm
yrtVHpz94R3B1hDAv9Mr22fc+hVpcfOrao+cG8+wYI1Dl22NRhboOT23SuM46Mkd
S6KO17KFeJqNEsBDIo/EifLKgqR8WQzYr4kbF2KbOGC0qM09efSZY+ZvShy3lS8E
vXl5HQax77tBuhzTOhIt2QWAHHrfxQ2nmKiRwZ62p9elNR0DEvP8RlERLoWY35o8
5Ugfp4iJd6SChECsQN5izGuYlJxzRJk/8u5Fu7SQQwpYjBsjhnTPMOhjMuBL2tr3
38UplDGkbpHZSbg4YwztHmSLbcMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTSgMPb
AlKSZrRQy8fFVDaCHaxaljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQ0MTAxMzYtNDA5Zi00Yzg5LWJjNzAtOTBiNTVkYWE3OGJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSA
wDANBgkqhkiG9w0BAQsFAAOCAQEAmSEOIm/bq6PEI0Va8lV4gfvDMvUuGuplyvbH
OdgcazFb+dGKQB+JKR7mJ1KmNDhQSTeR22auz3Gi4ok/dNMtnP6iNvJlwbUa8Imz
tO+npIjMPI3XdrcZCLOgszVqJSiN7tuyutX/mubheN/9vXtmaxIweAKoarglU/Wr
fZ3eNlqkF4XTus2U1WiYkuo87ZVqAxB2KqX/o4EXxCqjB4dcHeFbfdGUA5w/0d+v
i+JrHSzChs+NjjdnmrUlTTQ8exi7N9RHzSePHcGOzJraLu3B/gAt7l1sjP0TSqBn
lUnrFIl4XICWNlFOmBIYQG28deNKUKO5Ths697/htUhuU2lBow==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:33 2025 by rpki-client