Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: YwmqXJ7uZItRIbdWc4AU0O9ntEEv7mKYnIAIjbdPaVM=
Subject key identifier: AB:45:48:A7:A6:40:D2:C3:9C:4D:47:49:FC:C4:67:3E:1A:88:55:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72A780E9539C2DB073A49D4A10ABB8EFB6E5CC70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Fri 21 Mar 2025 15:00:55 +0000
ROA not before: Fri 21 Mar 2025 15:00:55 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:a7:80:e9:53:9c:2d:b0:73:a4:9d:4a:10:ab:b8:ef:b6:e5:cc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:55 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:74:4c:86:9c:4e:6e:1c:b0:c9:a5:73:2a:c4:
a0:db:dd:ff:a9:9f:da:db:66:f5:fe:ed:a0:7a:ee:
1c:d7:d6:fa:c3:5e:cf:e9:1e:b4:13:f9:fb:2f:f5:
46:94:32:60:3c:c1:b0:ca:7b:a1:50:e9:32:55:41:
75:cb:0b:81:d6:c3:02:18:5e:21:8c:5e:77:d9:62:
af:fa:02:c7:79:cc:c7:7f:b3:6c:aa:3b:d0:54:da:
0a:a7:43:f6:0d:78:bc:58:cb:cc:b5:6a:22:fa:08:
74:9f:08:72:b0:bd:cb:44:ba:b2:52:77:48:43:73:
a1:13:f7:d4:7f:73:de:99:40:4f:f0:0d:ad:23:cf:
50:4a:a5:ae:69:ec:63:cf:69:0a:2e:a4:c2:d2:1c:
bb:dd:40:9c:a8:eb:7b:3f:a7:77:78:f0:53:2a:09:
d2:76:ea:ae:16:0e:26:05:ca:d8:db:8e:8a:74:89:
e0:0d:3a:ba:0f:ec:da:49:ab:cc:62:bc:b1:24:a1:
b0:b9:7e:47:33:49:18:d3:f4:7a:15:00:2f:a1:a0:
9f:d0:c1:f1:d1:b9:c6:7f:d1:65:7c:10:85:7f:9e:
2c:40:e9:97:c1:d8:f4:27:1a:67:57:38:df:6b:20:
b3:a5:74:b5:ec:dc:7c:98:a8:79:70:c5:8d:13:be:
4e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:45:48:A7:A6:40:D2:C3:9C:4D:47:49:FC:C4:67:3E:1A:88:55:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:f9:da:82:3b:12:89:1d:7c:48:8c:67:33:74:2a:12:0c:e8:
55:9d:67:d0:68:da:a0:f5:35:53:b2:9f:8f:c6:b2:6c:c3:dc:
a9:e7:44:79:a3:54:4d:dd:e8:ec:84:e4:55:48:00:e5:13:52:
b1:34:00:ee:d8:7c:53:5e:4d:47:b8:33:49:e7:f5:8f:d1:83:
bb:f1:56:bc:e2:fb:f0:e0:91:86:88:b3:b5:32:ff:a8:99:55:
33:1e:fb:4e:34:8a:3d:46:49:14:88:09:19:e6:bf:44:4b:ba:
0e:14:b2:2b:77:1c:54:7b:3d:39:ad:e3:05:d7:e8:82:fc:4a:
3e:2c:66:3c:9a:2e:1f:d5:b1:2f:55:58:aa:8a:10:0f:39:33:
2e:4e:e5:41:40:00:2e:3a:55:39:cd:3e:70:cf:c8:e1:d6:88:
69:d7:17:78:b3:16:ce:f8:93:de:35:49:5c:a0:69:54:18:f1:
43:14:73:c2:cf:15:c3:9f:8e:5c:ff:3e:24:9e:13:7b:f5:4a:
4d:4f:a2:be:dd:6d:19:9f:45:1b:4d:60:7f:80:21:96:10:9b:
58:e3:79:f6:c6:77:7b:8b:e1:b6:27:99:c9:f9:46:a7:c3:1b:
1b:89:bc:c5:39:32:e7:77:c6:55:46:e3:2c:b6:63:18:dd:c2:
76:c8:04:29
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcqeA6VOcLbBzpJ1KEKu477blzHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwNTVaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMGExODZlMzdkYmVmMTdmNTQ1ODgxNDg4NmQ0MzU0OTczNWIyOWVlZDFl
ZDhjNGVjMjYyNzIwZmRjZjY0NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMV0TIacTm4csMmlcyrEoNvd/6mf2ttm9f7toHruHNfW+sNez+ketBP5+y/1
RpQyYDzBsMp7oVDpMlVBdcsLgdbDAhheIYxed9lir/oCx3nMx3+zbKo70FTaCqdD
9g14vFjLzLVqIvoIdJ8IcrC9y0S6slJ3SENzoRP31H9z3plAT/ANrSPPUEqlrmns
Y89pCi6kwtIcu91AnKjrez+nd3jwUyoJ0nbqrhYOJgXK2NuOinSJ4A06ug/s2kmr
zGK8sSShsLl+RzNJGNP0ehUAL6Ggn9DB8dG5xn/RZXwQhX+eLEDpl8HY9CcaZ1c4
32sgs6V0tezcfJioeXDFjRO+Tm0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSrRUin
pkDSw5xNR0n8xGc+GohVgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEACvnagjsSiR18SIxnM3QqEgzoVZ1n0GjaoPU1U7Kf
j8aybMPcqedEeaNUTd3o7ITkVUgA5RNSsTQA7th8U15NR7gzSef1j9GDu/FWvOL7
8OCRhoiztTL/qJlVMx77TjSKPUZJFIgJGea/REu6DhSyK3ccVHs9Oa3jBdfogvxK
PixmPJouH9WxL1VYqooQDzkzLk7lQUAALjpVOc0+cM/I4daIadcXeLMWzviT3jVJ
XKBpVBjxQxRzws8Vw5+OXP8+JJ4Te/VKTU+ivt1tGZ9FG01gf4AhlhCbWON59sZ3
e4vhtieZyflGp8MbG4m8xTky53fGVUbjLLZjGN3CdsgEKQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:21 2025 by rpki-client