Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
File: 4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa (raw, json)
Hash identifier: MifTE5FdNVhxAWeuVM3On3obDwxqpsUiB+8Jfjes0ok=
Subject key identifier: 89:D7:1F:8F:EC:18:E8:F2:E1:2F:43:89:5B:AB:13:09:70:60:FC:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47950D20E7D788C29B7DFAEFBB7261A8EB66968C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
Signing time: Fri 21 Mar 2025 15:01:19 +0000
ROA not before: Fri 21 Mar 2025 15:01:19 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:95:0d:20:e7:d7:88:c2:9b:7d:fa:ef:bb:72:61:a8:eb:66:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:01:19 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c1:f7:cc:af:11:bd:af:43:65:f3:13:6c:d7:
be:3b:a9:bd:c1:2a:89:7c:cc:93:97:9f:15:b8:50:
48:0f:b0:0c:73:03:d4:2f:ad:e5:aa:b6:96:fb:5e:
94:7c:1b:81:c1:3c:42:cd:2e:10:15:9c:ac:6e:6d:
97:fd:4f:fe:ae:69:e7:9f:c8:d6:0d:ed:8f:e5:2e:
74:63:b1:b9:81:3b:93:4b:e1:c2:98:76:f4:a2:50:
fe:d9:0e:64:93:77:7e:e5:15:c7:ad:e4:f1:1e:de:
55:ff:6c:6f:31:e5:8f:35:72:11:29:47:0b:9b:4d:
5b:79:be:9f:20:85:d4:53:cc:e1:f2:b8:c8:21:6c:
d8:92:fc:fd:8b:df:a0:fd:ca:1f:84:07:91:7c:b9:
01:7f:d7:b8:20:17:bf:ae:00:7c:af:47:8a:36:cb:
68:52:db:d2:86:e9:67:08:4c:e8:cc:42:3b:27:04:
66:fe:ee:1a:7d:64:4b:ba:cb:dd:6f:28:98:55:19:
c6:55:2c:d1:cc:1d:7e:19:7a:b1:7c:a3:56:15:74:
90:b3:89:1a:b1:fd:2a:59:27:61:a3:8d:00:6c:33:
4c:55:e8:fe:3d:14:cb:c3:80:90:27:ee:39:89:71:
a5:3d:6d:f7:c8:c7:76:8d:3a:9b:a1:55:39:3e:07:
6c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D7:1F:8F:EC:18:E8:F2:E1:2F:43:89:5B:AB:13:09:70:60:FC:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4df3a9b8-4cdc-4366-a38e-16d2eab129b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/19
Signature Algorithm: sha256WithRSAEncryption
66:22:b8:4c:da:bc:19:f3:b2:44:5e:27:b1:13:4b:62:7f:d9:
0a:5a:92:82:1f:90:fd:3b:73:bc:b9:9c:05:86:d7:04:85:d5:
34:fb:44:7f:fc:c5:3a:48:b5:0e:36:35:05:71:f4:7a:1b:5d:
1c:10:97:11:f5:83:9b:fb:77:76:c9:60:0b:8c:69:78:43:ae:
b2:7f:58:54:02:b0:ab:11:6b:2a:db:4b:4b:c3:ac:ea:05:50:
3a:46:6c:18:05:18:9d:da:be:cd:e4:b3:73:03:0c:0a:4f:de:
ed:b7:90:f0:4b:63:72:5a:f9:3d:cc:5b:6d:20:aa:11:20:37:
ce:38:dd:c2:fa:9e:08:c2:e1:b5:19:c3:7a:78:a3:8a:ee:fc:
72:d5:8f:8a:f9:ac:5c:25:ba:d6:00:80:80:a5:b0:68:17:06:
a6:18:d6:6c:7e:ec:f1:7b:7f:75:65:86:26:f3:1c:a1:1e:c0:
9d:b8:a7:5a:e9:47:e6:01:54:9c:14:2f:32:e9:42:dd:ac:7f:
e9:30:3d:68:bb:af:45:c2:63:fd:fb:1e:22:f5:b2:44:8c:e0:
c5:e6:b3:59:a3:f9:78:d2:3f:49:3b:f8:37:cf:92:e9:c3:29:
5f:c9:1a:a9:06:e1:4a:79:37:f3:1a:57:bf:fb:d3:d9:e3:87:
fe:73:c0:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR5UNIOfXiMKbffrvu3JhqOtmlowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAxMTlaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZjNkOTA3NzAxOGJmYzlkMWNjNmYzM2Y0NTBkNjVmNWM1NmVkM2U4NjVk
ZTdiYTRjMjkyODJjYjllZDE1MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7B98yvEb2vQ2XzE2zXvjupvcEqiXzMk5efFbhQSA+wDHMD1C+t5aq2lvte
lHwbgcE8Qs0uEBWcrG5tl/1P/q5p55/I1g3tj+UudGOxuYE7k0vhwph29KJQ/tkO
ZJN3fuUVx63k8R7eVf9sbzHljzVyESlHC5tNW3m+nyCF1FPM4fK4yCFs2JL8/Yvf
oP3KH4QHkXy5AX/XuCAXv64AfK9HijbLaFLb0obpZwhM6MxCOycEZv7uGn1kS7rL
3W8omFUZxlUs0cwdfhl6sXyjVhV0kLOJGrH9KlknYaONAGwzTFXo/j0Uy8OAkCfu
OYlxpT1t98jHdo06m6FVOT4HbEECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSJ1x+P
7Bjo8uEvQ4lbqxMJcGD8yjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRmM2E5YjgtNGNkYy00MzY2LWEzOGUtMTZkMmVhYjEyOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAZiK4TNq8GfOyRF4nsRNLYn/ZClqSgh+Q/TtzvLmc
BYbXBIXVNPtEf/zFOki1DjY1BXH0ehtdHBCXEfWDm/t3dslgC4xpeEOusn9YVAKw
qxFrKttLS8Os6gVQOkZsGAUYndq+zeSzcwMMCk/e7beQ8Etjclr5PcxbbSCqESA3
zjjdwvqeCMLhtRnDenijiu78ctWPivmsXCW61gCAgKWwaBcGphjWbH7s8Xt/dWWG
JvMcoR7AnbinWulH5gFUnBQvMulC3ax/6TA9aLuvRcJj/fseIvWyRIzgxeazWaP5
eNI/STv4N8+S6cMpX8kaqQbhSnk38xpXv/vT2eOH/nPAQw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:52 2025 by rpki-client