Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
File: 53380a08-b071-4729-9c41-f9a83d36f4c0.roa (raw, json)
Hash identifier: GCtB2jNkq37P4fK1X6/Sdb82n9wJtuYi4XmP4tSe/aQ=
Subject key identifier: 19:47:EF:B4:4E:61:6F:4A:D4:80:86:B8:C1:5E:90:F2:1F:C6:E0:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69292EC4BF21B4E0439A9C66479714042A8568C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
Signing time: Fri 21 Mar 2025 15:00:52 +0000
ROA not before: Fri 21 Mar 2025 15:00:52 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:29:2e:c4:bf:21:b4:e0:43:9a:9c:66:47:97:14:04:2a:85:68:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:52 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e6:e2:59:4b:5b:56:03:95:df:67:d9:c4:ab:
c2:89:d6:50:0b:78:2b:d3:4f:08:b1:73:60:79:7f:
76:86:39:e4:81:c5:75:33:47:4c:71:44:62:4f:3d:
13:62:30:9a:84:e6:ee:11:4a:d0:52:ec:ff:60:fc:
89:40:16:ae:ea:5c:53:cd:ee:b6:9c:35:0a:f8:da:
a9:5c:82:8c:1f:85:63:8b:c9:6d:55:74:5f:e0:9a:
00:da:a6:6d:44:1d:a6:7f:c8:9c:5e:18:b6:23:e8:
53:ff:c9:bd:ae:b2:ae:c8:66:cc:db:1e:03:bd:6f:
d7:ec:88:c5:05:17:e4:29:0c:b2:5a:05:a7:d5:46:
6e:88:de:ff:0d:e0:1d:1f:b7:5c:1c:5a:75:d0:17:
78:d9:59:61:e5:c7:8d:6c:05:d1:38:12:5d:e9:74:
47:21:6a:7e:ac:e4:29:f2:b8:51:72:45:83:6b:11:
3d:5e:78:4c:f6:42:33:6b:07:83:9e:b6:a3:45:af:
6d:51:ab:0f:dc:3d:31:26:37:40:56:65:72:1f:8a:
49:64:5f:9c:f1:77:32:1f:80:79:79:b4:61:1e:19:
d8:ef:ba:9e:80:f5:b8:cc:c4:d1:49:37:56:f7:63:
ec:85:e9:95:85:9a:c9:cc:1f:f8:ed:e7:11:b8:0e:
9d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:47:EF:B4:4E:61:6F:4A:D4:80:86:B8:C1:5E:90:F2:1F:C6:E0:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.80.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:a9:f1:81:4b:6b:6c:78:54:8b:16:68:ec:c4:e9:48:d4:c2:
4f:58:51:4d:34:8b:97:33:e7:c9:e5:79:7b:ba:4a:ed:5b:0a:
a6:a5:95:65:79:90:15:18:cf:b6:fd:7e:c6:09:46:74:c6:a2:
ac:f2:83:25:cc:8a:75:7e:69:12:b6:10:dd:d1:d2:9f:b6:a5:
e8:a4:47:1f:53:49:5b:c5:0a:79:5a:fa:9a:b1:f5:09:e4:23:
b1:3a:74:30:6c:a8:ba:13:a5:69:05:dc:76:4a:88:65:58:55:
44:8c:8e:e1:b7:2a:79:4c:8c:8d:81:6c:a0:09:21:f8:bf:0c:
ad:49:b7:d7:1d:79:20:05:19:5b:bb:0f:5b:19:d8:35:03:9d:
5e:b3:e2:62:9d:f3:f0:cf:ca:09:69:85:22:aa:69:11:15:8d:
55:1d:11:07:20:5e:7d:fe:ec:4d:b4:61:4b:0d:19:7c:27:19:
4f:dc:bc:82:0f:9d:e0:29:a1:00:50:1d:11:6e:7c:87:2c:f0:
d6:32:9a:00:ab:a3:68:56:9b:7e:78:7a:21:7c:48:fa:01:b2:
9c:b1:6b:1e:2b:1b:c7:7d:ad:df:84:62:bb:9c:c3:4e:26:e5:
0f:76:7d:fb:ee:ba:fe:95:01:65:0c:be:54:54:90:f8:1e:8d:
3e:5e:c5:dd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaSkuxL8htOBDmpxmR5cUBCqFaMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwNTJaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YzRkMzJjZWRlNzQ1YjcyYzhiMThhODAyNTFiMDFmODQ0NDFlOTBlNzI2
MDFkNjg2ZjhmNDZiOGYyNDRjZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbm4llLW1YDld9n2cSrwonWUAt4K9NPCLFzYHl/doY55IHFdTNHTHFEYk89
E2IwmoTm7hFK0FLs/2D8iUAWrupcU83utpw1CvjaqVyCjB+FY4vJbVV0X+CaANqm
bUQdpn/InF4YtiPoU//Jva6yrshmzNseA71v1+yIxQUX5CkMsloFp9VGboje/w3g
HR+3XBxaddAXeNlZYeXHjWwF0TgSXel0RyFqfqzkKfK4UXJFg2sRPV54TPZCM2sH
g562o0WvbVGrD9w9MSY3QFZlch+KSWRfnPF3Mh+AeXm0YR4Z2O+6noD1uMzE0Uk3
Vvdj7IXplYWaycwf+O3nEbgOnRECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZR++0
TmFvStSAhrjBXpDyH8bgXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzODBhMDgtYjA3MS00NzI5LTljNDEtZjlhODNkMzZmNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgUDAN
BgkqhkiG9w0BAQsFAAOCAQEAbKnxgUtrbHhUixZo7MTpSNTCT1hRTTSLlzPnyeV5
e7pK7VsKpqWVZXmQFRjPtv1+xglGdMairPKDJcyKdX5pErYQ3dHSn7al6KRHH1NJ
W8UKeVr6mrH1CeQjsTp0MGyouhOlaQXcdkqIZVhVRIyO4bcqeUyMjYFsoAkh+L8M
rUm31x15IAUZW7sPWxnYNQOdXrPiYp3z8M/KCWmFIqppERWNVR0RByBeff7sTbRh
Sw0ZfCcZT9y8gg+d4CmhAFAdEW58hyzw1jKaAKujaFabfnh6IXxI+gGynLFrHisb
x32t34Riu5zDTiblD3Z9++66/pUBZQy+VFSQ+B6NPl7F3Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:18 2025 by rpki-client