Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: vKLCiYObBZw5xLXZIHlB4ec3g5/Nu9nBPyvWI+86nTA=
Subject key identifier: D0:CF:ED:D8:BA:2A:B7:92:AF:A1:E4:93:25:C9:DE:0A:FF:77:69:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C271DE7D5B8461F86FC8B6944EBD938D36B54CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Fri 21 Mar 2025 15:01:01 +0000
ROA not before: Fri 21 Mar 2025 15:01:01 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:27:1d:e7:d5:b8:46:1f:86:fc:8b:69:44:eb:d9:38:d3:6b:54:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:01:01 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:e2:14:ff:a9:c7:54:9c:d0:82:a8:4d:61:
44:90:76:56:6e:c1:34:ad:d2:f8:ba:43:e1:25:c7:
f6:f8:65:17:3a:17:2f:a3:c0:e9:0a:44:61:0c:70:
db:45:de:2e:ee:19:a2:3f:f7:f9:a1:b5:c4:a8:21:
5c:24:48:bd:d9:cb:50:5e:c7:86:9d:42:9c:c0:24:
a8:6e:fd:57:25:14:9f:b7:87:a3:57:ee:f1:a1:07:
65:26:67:48:99:18:c5:b5:79:5d:2b:cf:c7:d2:7e:
78:f2:0d:b7:e1:67:c9:33:f8:b1:f2:40:41:c8:25:
d0:8b:2a:fa:84:a6:d3:c2:fb:d8:01:e0:42:5d:5f:
f5:19:e3:15:c3:90:9b:04:62:b6:52:ef:8e:60:b1:
ce:a5:10:15:58:f2:a1:ff:8d:39:f2:5c:af:91:97:
f5:0a:50:0f:10:1b:aa:15:f8:60:b5:e5:54:75:73:
c7:d8:be:1b:f7:99:57:07:87:8b:01:5f:58:eb:0c:
55:b0:ce:b7:95:1c:e5:bf:23:00:73:e9:59:e4:54:
73:b6:e8:8c:8a:9f:11:5d:17:0a:1d:43:31:37:95:
48:71:cd:df:61:46:95:65:4d:01:1b:3b:5a:66:6a:
90:8d:f8:2d:8f:00:65:ba:0b:43:ed:85:36:91:2b:
74:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CF:ED:D8:BA:2A:B7:92:AF:A1:E4:93:25:C9:DE:0A:FF:77:69:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
32:95:31:2b:72:e4:f9:e6:04:76:4a:f9:88:09:97:cc:be:dd:
55:05:e2:b5:27:0c:7e:f4:97:9b:e4:c6:67:e5:fd:50:b3:ce:
2b:1a:94:e2:7c:5e:50:92:1f:03:92:9e:d2:50:aa:08:78:0f:
cf:84:45:14:8d:26:11:d2:31:e0:96:2d:1e:da:08:3a:33:d2:
e2:00:41:3a:2b:15:0a:f6:a3:2f:4a:22:1e:7c:97:67:b0:0c:
72:a4:a6:5e:44:81:8e:f7:f7:b0:33:82:ed:9a:1c:2d:62:eb:
78:9c:1a:74:27:b1:ec:e8:35:12:02:75:e4:39:4d:e1:b2:45:
54:54:10:0b:f9:bc:bf:b2:5f:a7:5d:58:bb:97:1d:98:d9:6d:
9b:4e:78:00:99:f1:7c:13:ec:d8:77:1e:21:72:2a:09:f9:d0:
59:7d:cc:5d:db:a8:8b:35:b7:54:df:a2:88:84:33:53:d2:ab:
12:82:45:84:49:79:15:b2:39:a1:14:14:f7:80:bf:7b:70:c8:
92:97:f6:c3:da:ea:0b:65:36:5e:28:e2:e8:fb:27:d1:34:b6:
e4:f7:4a:0f:16:7d:9f:53:26:f4:69:fa:49:b1:e6:9a:6d:fc:
d2:f6:ec:32:3e:94:af:92:72:72:f7:e9:f7:82:c2:12:12:67:
7f:73:5b:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXCcd59W4Rh+G/ItpROvZONNrVM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAxMDFaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4ZGJhODk1MWIyZjQ1YzMzZTE0ZTJjYTBhZDE4MTIwMTYzMzcxZDMwZWNm
ODNiMjFmN2IwYjgxOThhZDIwNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5r4hT/qcdUnNCCqE1hRJB2Vm7BNK3S+LpD4SXH9vhlFzoXL6PA6QpEYQxw
20XeLu4Zoj/3+aG1xKghXCRIvdnLUF7Hhp1CnMAkqG79VyUUn7eHo1fu8aEHZSZn
SJkYxbV5XSvPx9J+ePINt+FnyTP4sfJAQcgl0Isq+oSm08L72AHgQl1f9RnjFcOQ
mwRitlLvjmCxzqUQFVjyof+NOfJcr5GX9QpQDxAbqhX4YLXlVHVzx9i+G/eZVweH
iwFfWOsMVbDOt5Uc5b8jAHPpWeRUc7bojIqfEV0XCh1DMTeVSHHN32FGlWVNARs7
WmZqkI34LY8AZboLQ+2FNpErdP0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTQz+3Y
uiq3kq+h5JMlyd4K/3dpIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEAMpUxK3Lk+eYEdkr5iAmXzL7dVQXitScMfvSXm+TG
Z+X9ULPOKxqU4nxeUJIfA5Ke0lCqCHgPz4RFFI0mEdIx4JYtHtoIOjPS4gBBOisV
CvajL0oiHnyXZ7AMcqSmXkSBjvf3sDOC7ZocLWLreJwadCex7Og1EgJ15DlN4bJF
VFQQC/m8v7Jfp11Yu5cdmNltm054AJnxfBPs2HceIXIqCfnQWX3MXduoizW3VN+i
iIQzU9KrEoJFhEl5FbI5oRQU94C/e3DIkpf2w9rqC2U2Xiji6Psn0TS25PdKDxZ9
n1Mm9Gn6SbHmmm380vbsMj6Ur5Jycvfp94LCEhJnf3NbFw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:17 2025 by rpki-client