Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1795bad4-1696-423a-a7cd-1c56076897d9.roa
File: 1795bad4-1696-423a-a7cd-1c56076897d9.roa (raw, json)
Hash identifier: G0LmnUgazmRH9hF5MutMKEUrdYlCP5MTFzBWzAKgG9A=
Subject key identifier: 69:89:29:37:8D:B2:74:B9:0D:4D:C2:49:BB:C1:52:E6:48:92:54:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6548EAB11C412AE8C9856C27912DDE1316C6DCC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1795bad4-1696-423a-a7cd-1c56076897d9.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:48:ea:b1:1c:41:2a:e8:c9:85:6c:27:91:2d:de:13:16:c6:dc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: serialNumber=99919bbb493363df9d99220dae0b4736f0d92147797238ec1a2405bfb2d5d243, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:96:2f:95:a5:62:10:7b:95:d7:20:8f:d4:92:
1d:ce:fc:c9:c5:b6:0c:db:16:24:d8:01:5c:cb:d4:
3b:d7:aa:9e:a1:92:34:ea:51:09:c0:a7:32:09:c9:
ac:03:4f:05:eb:ad:2b:ec:8d:c8:f2:78:a6:1c:66:
f6:9b:85:0b:d3:83:94:9c:84:91:2e:bc:f1:b9:8c:
91:e2:77:1b:e6:0b:aa:d4:37:f5:81:a8:f9:3e:c3:
6a:28:af:62:09:0d:35:7f:1c:04:c3:97:e6:ab:c1:
13:a6:4d:26:5e:3a:b7:4d:77:1a:7d:88:f1:33:6f:
e7:e9:66:20:de:14:5b:28:c4:4e:05:69:35:22:32:
51:f6:7b:18:ad:69:53:a5:20:8c:6c:71:84:65:cd:
86:d1:94:2b:1e:6d:7d:1e:77:0a:e0:e7:14:51:98:
37:9b:80:c7:02:6d:35:fb:8c:83:5b:cb:ea:72:7e:
a1:27:3e:cb:b2:8f:fc:3b:b3:bd:82:8a:d6:98:78:
19:52:53:a3:23:45:df:e3:b0:b4:a9:85:ff:ee:33:
06:ae:fb:ac:78:bd:fb:ab:12:fa:aa:63:7a:ac:95:
e5:c4:ba:8c:a8:3a:db:9c:3f:48:5e:54:e5:61:c7:
87:71:62:97:92:99:a0:27:8b:51:e0:a5:ba:2f:f6:
62:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:89:29:37:8D:B2:74:B9:0D:4D:C2:49:BB:C1:52:E6:48:92:54:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1795bad4-1696-423a-a7cd-1c56076897d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
28:c5:ba:c8:c9:4f:df:da:48:f5:b8:d3:f5:39:0a:c1:31:c4:
94:ec:8a:6c:b7:21:74:b9:b2:3e:cc:15:8d:4e:70:c5:d1:df:
1c:29:39:d8:8b:a5:fa:97:ec:46:c5:1e:65:c9:27:f8:34:b7:
d9:6a:bf:01:9b:21:03:84:cb:9b:20:86:b0:66:c8:3c:c0:af:
b6:3d:34:f8:d6:0e:29:43:b2:0d:79:5b:ed:28:26:31:78:ef:
bf:dd:2d:f6:d9:d7:a7:f2:ca:cc:db:72:de:d5:12:bc:97:ff:
f8:92:3e:eb:26:b5:e5:f9:17:1e:4c:c5:92:62:2a:66:ba:8c:
48:9c:f3:af:ba:6b:be:09:e2:82:48:2d:09:58:76:25:27:44:
0f:5d:a3:c0:d0:ec:e6:5e:55:61:12:b6:43:82:a3:09:30:6e:
eb:e0:3c:bd:2b:00:ac:1b:4d:30:d6:b1:d0:0d:3d:36:12:fa:
d8:4c:c8:df:18:6d:01:0c:fd:a3:f0:41:d8:a5:ee:3e:4a:94:
d1:79:52:d6:b9:7d:5f:5a:d8:22:a3:c1:ac:ec:ad:d4:81:b9:
78:9b:f1:0a:fb:eb:72:5e:4b:ce:99:b6:a9:a0:10:e9:08:37:
a5:3a:47:b3:d7:76:f2:bc:6a:c0:0d:d0:c0:c2:df:a7:3a:cb:
87:97:15:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZUjqsRxBKujJhWwnkS3eExbG3McwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5OTE5YmJiNDkzMzYzZGY5ZDk5MjIwZGFlMGI0NzM2ZjBkOTIxNDc3OTcy
MzhlYzFhMjQwNWJmYjJkNWQyNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqWL5WlYhB7ldcgj9SSHc78ycW2DNsWJNgBXMvUO9eqnqGSNOpRCcCnMgnJ
rANPBeutK+yNyPJ4phxm9puFC9ODlJyEkS688bmMkeJ3G+YLqtQ39YGo+T7Daiiv
YgkNNX8cBMOX5qvBE6ZNJl46t013Gn2I8TNv5+lmIN4UWyjETgVpNSIyUfZ7GK1p
U6UgjGxxhGXNhtGUKx5tfR53CuDnFFGYN5uAxwJtNfuMg1vL6nJ+oSc+y7KP/Duz
vYKK1ph4GVJToyNF3+OwtKmF/+4zBq77rHi9+6sS+qpjeqyV5cS6jKg625w/SF5U
5WHHh3Fil5KZoCeLUeClui/2YgUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRpiSk3
jbJ0uQ1Nwkm7wVLmSJJUoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTc5NWJhZDQtMTY5Ni00MjNhLWE3Y2QtMWM1NjA3Njg5N2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAoxbrIyU/f2kj1uNP1OQrBMcSU7IpstyF0ubI+
zBWNTnDF0d8cKTnYi6X6l+xGxR5lySf4NLfZar8BmyEDhMubIIawZsg8wK+2PTT4
1g4pQ7INeVvtKCYxeO+/3S322den8srM23Le1RK8l//4kj7rJrXl+RceTMWSYipm
uoxInPOvumu+CeKCSC0JWHYlJ0QPXaPA0OzmXlVhErZDgqMJMG7r4Dy9KwCsG00w
1rHQDT02EvrYTMjfGG0BDP2j8EHYpe4+SpTReVLWuX1fWtgio8Gs7K3Ugbl4m/EK
++tyXkvOmbapoBDpCDelOkez13byvGrADdDAwt+nOsuHlxW9
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net