Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: +7h8+qRaB62oacjdcT9b2hFXaO1gp0w32oWb9BK4uiw=
Subject key identifier: 41:92:44:2B:73:8F:2A:60:69:32:15:57:78:8C:81:63:35:7C:9E:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20660B4C2388EB62BEE2BB6D1B20C09388A9D936
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Fri 21 Mar 2025 15:01:04 +0000
ROA not before: Fri 21 Mar 2025 15:01:04 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:66:0b:4c:23:88:eb:62:be:e2:bb:6d:1b:20:c0:93:88:a9:d9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:01:04 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:aa:97:f7:9b:76:d1:21:a8:fd:5a:13:36:dd:
78:0a:c2:2c:2d:19:3a:5b:e4:af:4d:fb:12:a5:f6:
e9:a9:27:01:34:ef:f5:5a:21:be:73:96:25:a1:a7:
13:8e:df:0b:35:ac:bf:df:d6:17:27:29:e6:6a:bf:
2b:78:0b:7c:ac:44:a5:9c:3a:a3:a6:48:71:1e:1f:
32:19:9a:b6:ba:38:e9:0b:a7:b8:65:01:dc:06:62:
c7:f5:0e:68:98:86:05:63:7e:88:c1:28:5a:2f:64:
53:05:43:85:6c:cc:ea:61:5d:00:bb:d3:4f:53:4a:
b2:d9:5c:94:8a:20:0d:e5:cf:ff:06:ae:66:93:cd:
fa:9f:0b:b5:49:ed:97:09:72:36:22:3a:c5:51:28:
6c:06:31:b6:b9:61:71:60:fb:e1:98:79:13:f2:0e:
18:82:c8:3d:23:38:aa:f7:75:98:d7:45:04:53:23:
ea:41:8f:e2:53:ab:dc:69:2c:91:fa:c7:a3:fe:fd:
19:98:f3:25:9f:2a:36:22:bf:1d:28:a8:6c:5d:cf:
4f:60:7c:13:8b:c3:b6:50:70:55:b8:bc:09:dd:1b:
53:fd:4c:fd:6e:b7:12:b7:ee:e7:bd:73:9d:1f:f9:
70:de:a2:32:cf:1d:78:39:4b:61:1f:8b:9e:5a:4c:
c4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:92:44:2B:73:8F:2A:60:69:32:15:57:78:8C:81:63:35:7C:9E:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:5c:d8:39:0e:42:75:4d:1e:7c:6b:24:30:26:8f:18:c0:0a:
d4:5d:49:91:7c:0c:98:b2:61:2c:55:3e:bc:a2:67:ab:58:bd:
70:3e:d0:e9:f2:e2:a9:e4:ca:71:b3:76:c8:8c:83:60:ef:e6:
6f:13:f8:bb:36:94:1a:af:b5:2c:50:99:fc:d4:f0:e9:b5:49:
f8:ec:88:23:ef:e3:0b:6c:71:e4:0e:62:db:b1:36:e9:f4:8f:
f8:6d:81:95:6b:50:cc:f9:fa:b9:86:0f:31:64:3c:7e:71:dd:
0c:43:ad:78:68:54:f5:30:64:7c:78:06:3b:c3:dc:77:60:0c:
57:d0:c6:36:50:4d:2a:c4:bc:72:24:4a:77:20:72:6a:f7:da:
d2:9e:f4:d1:f9:11:13:49:bc:6c:ce:1a:90:4c:94:5a:7c:fa:
97:3c:7a:f7:79:b5:46:51:d6:4a:04:da:79:cb:09:b8:4c:7e:
2e:72:66:93:5a:79:c7:f6:d0:74:e6:8f:a0:a4:17:91:a9:f7:
94:a0:3f:14:d2:1e:dc:9d:18:fe:5a:c9:73:ed:76:7f:df:be:
af:9b:85:0e:18:8e:0e:b0:06:36:8e:c4:2f:ee:51:1e:9e:9b:
e2:08:dc:f6:35:48:42:fa:1d:24:cd:1e:bb:fe:a1:0d:a4:1f:
9f:f7:94:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIGYLTCOI62K+4rttGyDAk4ip2TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAxMDRaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZjAyM2ZjZjE4YjkzMzU3NDI4ZDNlYjFkN2ZlZDM2NDM1Y2MxMWNmNmFl
YzRhYTIzYjk0YjljZDgwNGM3ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyql/ebdtEhqP1aEzbdeArCLC0ZOlvkr037EqX26aknATTv9VohvnOWJaGn
E47fCzWsv9/WFycp5mq/K3gLfKxEpZw6o6ZIcR4fMhmatro46QunuGUB3AZix/UO
aJiGBWN+iMEoWi9kUwVDhWzM6mFdALvTT1NKstlclIogDeXP/wauZpPN+p8LtUnt
lwlyNiI6xVEobAYxtrlhcWD74Zh5E/IOGILIPSM4qvd1mNdFBFMj6kGP4lOr3Gks
kfrHo/79GZjzJZ8qNiK/HSiobF3PT2B8E4vDtlBwVbi8Cd0bU/1M/W63Erfu571z
nR/5cN6iMs8deDlLYR+LnlpMxE0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRBkkQr
c48qYGkyFVd4jIFjNXyeSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAXVzYOQ5CdU0efGskMCaPGMAK1F1JkXwMmLJhLFU+
vKJnq1i9cD7Q6fLiqeTKcbN2yIyDYO/mbxP4uzaUGq+1LFCZ/NTw6bVJ+OyII+/j
C2xx5A5i27E26fSP+G2BlWtQzPn6uYYPMWQ8fnHdDEOteGhU9TBkfHgGO8Pcd2AM
V9DGNlBNKsS8ciRKdyByavfa0p700fkRE0m8bM4akEyUWnz6lzx693m1RlHWSgTa
ecsJuEx+LnJmk1p5x/bQdOaPoKQXkan3lKA/FNIe3J0Y/lrJc+12f9++r5uFDhiO
DrAGNo7EL+5RHp6b4gjc9jVIQvodJM0eu/6hDaQfn/eUOw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:28 2025 by rpki-client