Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: o+PYKf67DDy2IaFT0kunuIXeuC9deZFV2UewZTYOjlE=
Subject key identifier: 2F:A9:CF:98:D0:0B:4D:5E:C6:AF:36:BF:F5:04:3F:32:D0:9E:91:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0AC7BFC16FC74A25BDA89EAB6E90C2187BC3CDEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Fri 21 Mar 2025 15:01:29 +0000
ROA not before: Fri 21 Mar 2025 15:01:29 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:c7:bf:c1:6f:c7:4a:25:bd:a8:9e:ab:6e:90:c2:18:7b:c3:cd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:01:29 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:5a:71:f6:5d:51:aa:9b:11:fd:b8:9e:45:
56:cd:a9:38:04:c4:d5:a9:bd:a6:b7:d3:a0:4f:d3:
d5:69:3e:9f:27:7f:2b:6a:9c:9f:f2:bd:8d:8c:c2:
54:d0:17:7b:34:fc:f4:48:69:85:8a:08:fa:c3:19:
ee:e8:f1:b3:91:ad:46:21:c3:56:a7:eb:04:3f:e2:
23:86:b1:5a:07:19:e9:c7:8a:ed:b0:c9:16:4a:34:
bc:7f:05:c0:fc:4d:78:32:dd:f9:ec:41:ad:6c:78:
c3:70:16:76:c5:21:0a:97:0a:3d:c5:6d:2e:54:04:
e3:fa:ec:ff:db:e3:e5:0b:54:bd:08:af:56:c4:18:
0e:9b:d1:11:04:09:55:96:44:64:68:23:1e:14:73:
a1:57:12:10:93:9b:53:95:69:6f:3a:eb:94:4c:be:
4b:3a:da:66:b5:47:c3:22:c0:18:4a:2e:e6:56:02:
ff:79:99:e1:12:9b:d7:e9:7b:85:7e:85:4d:db:47:
84:5c:0e:76:ca:6d:1b:67:93:1a:37:a1:b5:0b:0d:
3c:85:98:3b:74:e6:60:da:9f:da:3c:97:52:41:93:
9b:6c:65:62:36:70:bf:a6:7c:3d:5b:7e:1e:c5:62:
de:6d:ae:ba:03:65:63:e9:ac:9e:a7:32:44:7c:ca:
66:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A9:CF:98:D0:0B:4D:5E:C6:AF:36:BF:F5:04:3F:32:D0:9E:91:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:37:bf:03:a8:ad:2e:60:79:79:ae:56:73:26:2c:95:ff:15:
21:f7:1e:1c:51:86:e6:34:d2:ad:dd:7d:7d:8e:3e:80:35:e0:
98:a0:63:89:b7:2e:15:6f:8e:fc:52:83:31:d6:52:f0:99:b6:
5b:36:65:a6:b1:7a:bd:dd:bc:a7:e4:49:2e:af:d5:10:44:ee:
d2:2c:32:65:29:e7:d1:e8:b4:47:89:10:34:71:d3:a9:6a:a8:
9c:63:20:03:10:68:48:ca:e0:84:af:81:c5:99:3b:6b:f9:7c:
ab:a7:84:37:93:2d:3a:ed:a5:12:48:3d:2d:96:fb:d1:2d:1b:
4c:98:96:0b:8f:8b:4d:5a:77:41:0d:2f:c5:ee:23:06:db:31:
a4:47:0b:21:34:99:e6:79:71:bb:73:79:42:19:4e:50:3b:ae:
5f:c2:8c:eb:c5:04:8e:a6:73:1d:77:bb:c0:cc:1b:1f:00:59:
c2:ed:d1:33:0b:9e:2f:7f:e1:b9:69:d0:66:99:ec:8e:87:99:
fe:27:42:63:a9:3b:d4:c9:3e:93:17:6a:3d:d3:ac:39:aa:35:
9a:ec:0b:28:3e:92:39:55:3c:4d:b7:b9:bd:c4:19:a1:c6:f4:
84:2c:74:c0:1d:8f:d7:10:fd:3a:2f:d3:49:89:de:48:4e:c6:
41:eb:c9:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCse/wW/HSiW9qJ6rbpDCGHvDze4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAxMjlaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MjQ4M2IzYzAwZWMwYmNkYjBiMjNkNDFmOWQ5NzJjMjBjYTMxOGZkYTI1
NjQxMjlkNmZiYjUwNzEwNjI5YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKo3WnH2XVGqmxH9uJ5FVs2pOATE1am9prfToE/T1Wk+nyd/K2qcn/K9jYzC
VNAXezT89EhphYoI+sMZ7ujxs5GtRiHDVqfrBD/iI4axWgcZ6ceK7bDJFko0vH8F
wPxNeDLd+exBrWx4w3AWdsUhCpcKPcVtLlQE4/rs/9vj5QtUvQivVsQYDpvREQQJ
VZZEZGgjHhRzoVcSEJObU5VpbzrrlEy+SzraZrVHwyLAGEou5lYC/3mZ4RKb1+l7
hX6FTdtHhFwOdsptG2eTGjehtQsNPIWYO3TmYNqf2jyXUkGTm2xlYjZwv6Z8PVt+
HsVi3m2uugNlY+msnqcyRHzKZpsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQvqc+Y
0AtNXsavNr/1BD8y0J6RSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEALDe/A6itLmB5ea5WcyYslf8VIfceHFGG5jTSrd19
fY4+gDXgmKBjibcuFW+O/FKDMdZS8Jm2WzZlprF6vd28p+RJLq/VEETu0iwyZSnn
0ei0R4kQNHHTqWqonGMgAxBoSMrghK+BxZk7a/l8q6eEN5MtOu2lEkg9LZb70S0b
TJiWC4+LTVp3QQ0vxe4jBtsxpEcLITSZ5nlxu3N5QhlOUDuuX8KM68UEjqZzHXe7
wMwbHwBZwu3RMwueL3/huWnQZpnsjoeZ/idCY6k71Mk+kxdqPdOsOao1muwLKD6S
OVU8Tbe5vcQZocb0hCx0wB2P1xD9Oi/TSYneSE7GQevJ1g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:16 2025 by rpki-client