Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
File: d99eb465-9cfd-49b1-9346-6d846f862940.roa (raw, json)
Hash identifier: zTZ+K0+jRI4n5Qt5qHVjGGMyAw8aS7NXzIh/Gmmq4kw=
Subject key identifier: DC:38:1F:E9:BD:0A:34:FB:CD:1C:C4:EF:4B:A8:B1:23:DF:C0:DD:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52BB2B13E012B695BA32C68F152CA4BE3E0AF7D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:bb:2b:13:e0:12:b6:95:ba:32:c6:8f:15:2c:a4:be:3e:0a:f7:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=9a82b57c31f9b26465ce174b536ba0adef3ea3d9fa12aaec8770a74bc1649c23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ec:82:df:de:c5:5c:3f:b5:fd:2f:45:00:ba:
14:00:21:d2:38:48:44:ed:ab:3a:60:78:c0:0d:0f:
80:d1:48:0a:e1:0a:4e:f1:89:61:1e:97:79:e0:3b:
d2:92:7f:c2:48:8a:da:7f:4e:14:51:1d:03:79:0d:
6e:db:6d:2b:78:56:6b:d2:f5:04:29:be:3f:56:48:
65:d0:94:ee:70:ea:6b:85:f0:9c:82:19:42:7b:65:
0c:ed:3b:74:86:94:48:31:02:92:c2:a8:12:7c:df:
6a:1b:ec:f5:ba:2d:51:cb:d0:76:16:53:f5:17:05:
d0:27:1f:32:fa:c5:8a:e3:86:e7:6b:44:a5:87:9b:
dd:c6:5c:4b:46:75:3a:e5:45:64:0e:3a:f5:db:d1:
a3:cc:bb:1f:ec:fa:77:1b:26:8d:e7:27:b7:dd:7c:
ae:de:76:0e:dd:d0:97:db:9d:fa:97:80:0d:5a:30:
89:d4:82:22:c6:08:e3:a8:3d:bc:b4:c7:44:31:bb:
66:64:d0:07:f5:97:d9:30:78:72:ee:67:5a:32:a0:
5b:6e:15:4b:93:25:82:80:95:fc:c6:94:c7:0e:73:
20:b4:7f:37:86:91:dd:57:50:1e:38:de:1a:16:75:
21:44:af:4e:e7:49:b1:cc:15:6a:e2:0c:c2:cc:40:
a4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:38:1F:E9:BD:0A:34:FB:CD:1C:C4:EF:4B:A8:B1:23:DF:C0:DD:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:23:3b:24:a5:d5:87:4d:60:3e:63:dd:41:f1:5f:ca:33:99:
ad:81:7c:7c:7b:9c:75:4e:da:d4:d8:a1:2f:6c:fb:5e:d6:44:
e6:60:48:32:8b:5d:eb:11:0d:2c:a0:39:81:3e:d8:c1:04:14:
69:70:76:26:99:7f:b1:52:6a:35:d7:59:e7:ef:e2:af:51:92:
24:69:54:08:bd:b2:a0:7f:70:e9:80:6f:7b:54:de:43:ee:2d:
94:03:28:32:22:8b:83:66:59:db:91:20:1f:73:06:1f:7f:39:
30:90:00:1a:d2:b3:fe:d3:7c:d3:26:ea:5c:3f:0d:e2:e5:b8:
e2:ae:07:2f:76:b6:b6:a7:0b:89:b0:01:4b:55:d6:76:0d:8a:
19:cc:23:37:52:16:ef:20:05:1b:d1:08:07:fd:ec:03:af:24:
3f:11:dc:18:89:11:3e:8b:6d:b5:cc:7e:c2:f0:3b:59:5a:66:
ab:b8:6b:49:42:d1:14:0c:ce:0c:dd:71:e7:dc:f7:0e:6f:95:
c3:b8:52:d4:37:e5:d6:48:1c:6f:fc:29:df:e4:93:8a:02:c6:
08:88:d6:15:59:9a:44:c0:03:db:bf:83:99:bd:cc:c6:a7:f1:
e5:78:d4:e9:73:a1:a0:a0:cb:40:f2:d9:84:7d:14:08:83:18:
08:fe:ab:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUrsrE+AStpW6MsaPFSykvj4K99EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhODJiNTdjMzFmOWIyNjQ2NWNlMTc0YjUzNmJhMGFkZWYzZWEzZDlmYTEy
YWFlYzg3NzBhNzRiYzE2NDljMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLsgt/exVw/tf0vRQC6FAAh0jhIRO2rOmB4wA0PgNFICuEKTvGJYR6XeeA7
0pJ/wkiK2n9OFFEdA3kNbtttK3hWa9L1BCm+P1ZIZdCU7nDqa4XwnIIZQntlDO07
dIaUSDECksKoEnzfahvs9botUcvQdhZT9RcF0CcfMvrFiuOG52tEpYeb3cZcS0Z1
OuVFZA469dvRo8y7H+z6dxsmjecnt918rt52Dt3Ql9ud+peADVowidSCIsYI46g9
vLTHRDG7ZmTQB/WX2TB4cu5nWjKgW24VS5MlgoCV/MaUxw5zILR/N4aR3VdQHjje
GhZ1IUSvTudJscwVauIMwsxApNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcOB/p
vQo0+80cxO9LqLEj38DdBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDk5ZWI0NjUtOWNmZC00OWIxLTkzNDYtNmQ4NDZmODYyOTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnIzskpdWHTWA+Y91B8V/KM5mtgXx8e5x1TtrU
2KEvbPte1kTmYEgyi13rEQ0soDmBPtjBBBRpcHYmmX+xUmo111nn7+KvUZIkaVQI
vbKgf3DpgG97VN5D7i2UAygyIouDZlnbkSAfcwYffzkwkAAa0rP+03zTJupcPw3i
5bjirgcvdra2pwuJsAFLVdZ2DYoZzCM3UhbvIAUb0QgH/ewDryQ/EdwYiRE+i221
zH7C8DtZWmaruGtJQtEUDM4M3XHn3PcOb5XDuFLUN+XWSBxv/Cnf5JOKAsYIiNYV
WZpEwAPbv4OZvczGp/HleNTpc6GgoMtA8tmEfRQIgxgI/qu8
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:17 2024 by rpki-client on console.sobornost.net