Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: tgdNVAulGDSm4spAu7hSbpzwyjydmQeqKlwW42DzRxY=
Subject key identifier: DB:E5:A5:90:35:8D:8E:6B:32:E8:51:6F:6A:57:F2:8B:C2:E0:8C:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 255BD5C503083DFF77DF7C25D0B77579E5E1D186
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Fri 07 Mar 2025 15:10:13 +0000
ROA not before: Fri 07 Mar 2025 15:10:13 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5b:d5:c5:03:08:3d:ff:77:df:7c:25:d0:b7:75:79:e5:e1:d1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 7 15:10:13 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:40:d4:cb:75:39:1d:ea:5c:20:dc:da:e1:
82:f3:8d:9b:aa:d3:bf:35:00:7e:a1:c3:be:af:98:
2d:8f:8d:ee:41:3a:5f:86:d8:8f:e8:b7:09:f1:c4:
bf:d5:3e:05:0c:66:45:ea:77:ed:d3:e4:ce:eb:07:
9b:08:e4:84:52:e7:46:1e:85:3b:86:77:a9:57:50:
3d:e2:72:ff:f7:83:2b:58:6a:b0:4c:04:05:f5:1a:
c5:79:69:ce:ed:ab:50:5c:ba:25:9b:43:06:ec:64:
34:ac:10:f3:76:bc:a1:23:dd:6c:86:c8:72:ad:3a:
79:c9:b0:0f:a4:5a:00:f7:bb:67:d5:07:57:4a:88:
7a:24:d0:5f:28:e1:54:72:a8:86:a0:02:a7:73:b9:
0c:f2:ed:2c:bb:47:48:1a:9f:93:af:a8:2d:43:d3:
f6:e5:88:26:ac:6d:05:bd:65:ab:c5:f3:6d:78:05:
b7:24:38:a3:98:54:6c:3b:b0:d1:73:92:78:2a:c5:
d4:ed:ae:3e:aa:18:11:98:a1:36:8d:19:92:a9:ac:
77:e9:ee:2f:59:af:ba:c9:d7:8b:45:70:a0:29:58:
d5:ff:17:68:86:bb:23:93:a8:b7:eb:5f:37:04:cc:
0e:f7:55:3e:53:54:c1:49:ed:1e:f9:91:fb:63:9b:
f1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E5:A5:90:35:8D:8E:6B:32:E8:51:6F:6A:57:F2:8B:C2:E0:8C:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:84:30:4c:97:84:b9:5e:ba:06:f8:07:79:09:73:fa:35:45:
99:e9:c8:8c:ab:f2:e6:3b:d5:77:45:bc:cc:30:1a:fc:b0:0b:
ff:13:f5:1b:c2:7f:d5:c0:8d:46:82:6d:c8:ac:f0:c6:99:93:
21:16:7c:63:4f:84:71:2f:17:1c:7a:0b:c5:3c:93:d1:ec:df:
2a:32:ea:6d:a7:22:ea:e9:e6:d9:29:59:94:f4:13:fe:48:48:
e2:8a:43:a4:33:47:1e:2c:c0:b0:18:f7:54:a1:1c:84:85:bf:
88:8c:88:8b:2d:ca:65:04:52:b0:60:20:a1:ac:8a:31:b0:43:
d3:11:76:82:84:8e:5a:a9:be:81:9e:fe:f8:a6:72:52:cd:db:
17:fa:4e:25:9a:8f:a8:4e:a1:cd:01:e2:c6:75:00:59:95:1f:
b5:21:2c:2a:d3:3a:02:7e:0d:8a:85:93:bd:94:b3:51:c8:78:
d2:4b:57:14:89:7e:85:45:ee:72:a5:75:3a:7b:41:9d:9f:c7:
6f:33:e5:cf:b6:da:17:ab:f5:99:c1:83:22:90:cc:9e:e5:42:
eb:38:c2:f7:c7:82:82:01:1c:ca:90:53:09:77:c8:93:ec:2b:
c9:ca:da:86:09:d4:3b:ad:1d:92:78:7e:93:82:74:b4:74:4b:
5f:bb:04:91
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJVvVxQMIPf9333wl0Ld1eeXh0YYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDcxNTEwMTNaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMTQyODRlMDhkOWMxNzUyZTQ1MjVhOWQzYTM0OTI1NmRmNDI3MmM1NzE3
NjQ1Y2U0MjY4MDc0MTg2MjI1MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK32QNTLdTkd6lwg3NrhgvONm6rTvzUAfqHDvq+YLY+N7kE6X4bYj+i3CfHE
v9U+BQxmRep37dPkzusHmwjkhFLnRh6FO4Z3qVdQPeJy//eDK1hqsEwEBfUaxXlp
zu2rUFy6JZtDBuxkNKwQ83a8oSPdbIbIcq06ecmwD6RaAPe7Z9UHV0qIeiTQXyjh
VHKohqACp3O5DPLtLLtHSBqfk6+oLUPT9uWIJqxtBb1lq8XzbXgFtyQ4o5hUbDuw
0XOSeCrF1O2uPqoYEZihNo0Zkqmsd+nuL1mvusnXi0VwoClY1f8XaIa7I5Oot+tf
NwTMDvdVPlNUwUntHvmR+2Ob8VcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTb5aWQ
NY2OazLoUW9qV/KLwuCMizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAuYQwTJeEuV66BvgHeQlz+jVFmenIjKvy5jvVd0W8
zDAa/LAL/xP1G8J/1cCNRoJtyKzwxpmTIRZ8Y0+EcS8XHHoLxTyT0ezfKjLqbaci
6unm2SlZlPQT/khI4opDpDNHHizAsBj3VKEchIW/iIyIiy3KZQRSsGAgoayKMbBD
0xF2goSOWqm+gZ7++KZyUs3bF/pOJZqPqE6hzQHixnUAWZUftSEsKtM6An4NioWT
vZSzUch40ktXFIl+hUXucqV1OntBnZ/HbzPlz7baF6v1mcGDIpDMnuVC6zjC98eC
ggEcypBTCXfIk+wrycrahgnUO60dknh+k4J0tHRLX7sEkQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:18 2025 by rpki-client