Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: Ug6bJdnz9akNvv9xgu1s1km5fjxBz2qXSf4RDNuYxd0=
Subject key identifier: 02:0E:DE:2E:06:22:CE:AD:B4:B2:37:F9:8F:C7:BE:A6:1C:0B:D4:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 097BB4C5FE3B960A5A522E25DC1DE4C09E1D42AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Fri 21 Mar 2025 15:00:51 +0000
ROA not before: Fri 21 Mar 2025 15:00:51 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:7b:b4:c5:fe:3b:96:0a:5a:52:2e:25:dc:1d:e4:c0:9e:1d:42:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:51 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cf:12:09:d1:e9:6c:5a:e7:cb:3c:4d:88:41:
f1:b2:0f:72:f1:24:27:10:a5:9a:76:31:9f:51:3b:
97:dd:38:ec:8e:96:36:99:74:cd:52:37:1e:43:08:
f2:f2:b3:d0:8f:c7:3f:15:ca:79:14:c4:82:b1:d8:
9b:55:98:e9:d4:47:65:bc:58:31:3e:e7:c5:fe:9f:
cf:39:c7:e1:73:37:8e:b7:1b:cf:72:17:ea:02:30:
c1:ba:bd:d5:b4:ff:4c:00:54:1d:c7:26:1d:9f:e3:
1b:7d:b1:bf:97:31:3b:4f:49:8c:5e:bc:63:95:06:
d6:38:47:cf:d8:2f:c9:5d:3c:bd:49:4a:6c:28:e6:
6f:c6:fb:9b:6a:21:72:83:8f:75:de:07:92:30:47:
36:86:e5:9c:04:00:48:09:e7:8c:c9:35:f2:2f:76:
83:1b:4a:c8:61:b6:9e:76:83:4b:5c:44:fe:41:5e:
e5:04:4a:ee:46:67:59:2e:76:70:a6:43:1b:2e:0b:
53:9c:f6:ae:53:dd:29:c0:03:b7:92:d5:90:90:20:
cd:62:74:00:41:d8:77:42:77:bb:a6:e3:27:97:de:
d0:d5:ad:41:f6:81:4c:ef:20:3b:64:f9:a0:4a:cf:
99:b2:96:80:13:ae:b3:9b:a7:13:8f:45:78:bd:c7:
74:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0E:DE:2E:06:22:CE:AD:B4:B2:37:F9:8F:C7:BE:A6:1C:0B:D4:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
38:8e:86:a0:ed:90:3a:58:e8:61:2f:ab:1e:88:bd:24:f8:d0:
b3:f9:c4:0a:be:2e:1b:7f:bd:e7:19:f7:9c:38:e5:35:a1:78:
6a:ef:c4:56:4b:3e:71:8d:ea:df:b1:e1:15:39:88:5f:33:42:
cb:f0:3c:4d:df:8b:8c:90:68:81:ef:53:0f:dd:75:b4:aa:51:
c3:07:6b:5b:87:0b:4a:6e:05:26:b8:c1:6b:9d:c2:74:f8:ce:
4d:cb:28:2c:f1:86:c3:15:53:05:d2:5d:1c:50:8b:5d:93:2d:
86:07:be:de:e2:22:f5:03:1a:ca:d9:8f:2b:0f:0c:34:dc:eb:
2d:5f:ef:3d:02:41:97:97:0f:3d:87:7d:f2:15:b6:73:cc:d8:
7c:3f:71:31:03:99:3e:2b:e1:5d:80:02:30:0f:05:09:f4:0e:
9b:04:02:df:76:db:79:c1:f0:e3:f5:f6:3d:54:39:e4:76:8a:
70:5d:25:86:74:df:a1:71:fa:81:25:a7:51:cf:b8:4d:b8:9b:
f4:c2:38:af:bb:70:75:13:84:c8:37:45:75:80:b6:8c:25:54:
e0:d6:60:e3:00:31:6f:1b:c7:71:a0:53:25:80:00:3f:3c:51:
f6:79:ff:e8:3d:c7:a8:fb:16:9e:21:f0:e4:67:08:a6:a7:26:
10:d9:05:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCXu0xf47lgpaUi4l3B3kwJ4dQq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwNTFaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MWUwMTUxM2FhZDgwNjNkMGY0MDQ0NDFlYzU3MzU5ZWNjZDQwMTUzYTM4
NGY4YTkwMTBjODJkMDRmMDVjMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLPEgnR6Wxa58s8TYhB8bIPcvEkJxClmnYxn1E7l9047I6WNpl0zVI3HkMI
8vKz0I/HPxXKeRTEgrHYm1WY6dRHZbxYMT7nxf6fzznH4XM3jrcbz3IX6gIwwbq9
1bT/TABUHccmHZ/jG32xv5cxO09JjF68Y5UG1jhHz9gvyV08vUlKbCjmb8b7m2oh
coOPdd4HkjBHNoblnAQASAnnjMk18i92gxtKyGG2nnaDS1xE/kFe5QRK7kZnWS52
cKZDGy4LU5z2rlPdKcADt5LVkJAgzWJ0AEHYd0J3u6bjJ5fe0NWtQfaBTO8gO2T5
oErPmbKWgBOus5unE49FeL3HdP0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQCDt4u
BiLOrbSyN/mPx76mHAvUbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEAOI6GoO2QOljoYS+rHoi9JPjQs/nECr4uG3+95xn3
nDjlNaF4au/EVks+cY3q37HhFTmIXzNCy/A8Td+LjJBoge9TD911tKpRwwdrW4cL
Sm4FJrjBa53CdPjOTcsoLPGGwxVTBdJdHFCLXZMthge+3uIi9QMaytmPKw8MNNzr
LV/vPQJBl5cPPYd98hW2c8zYfD9xMQOZPivhXYACMA8FCfQOmwQC33bbecHw4/X2
PVQ55HaKcF0lhnTfoXH6gSWnUc+4Tbib9MI4r7twdROEyDdFdYC2jCVU4NZg4wAx
bxvHcaBTJYAAPzxR9nn/6D3HqPsWniHw5GcIpqcmENkFDw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:57 2025 by rpki-client