Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: N9LIayRDpmrsE2I1QkegDNG3N6TO5ywRZPYTnUfhsUQ=
Subject key identifier: E3:54:54:5C:57:6D:22:F2:BF:B9:39:FC:3B:EC:FF:2E:17:B8:57:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22850A0C628C1325EA77933DD0B18542FFCA053C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Fri 21 Mar 2025 15:00:53 +0000
ROA not before: Fri 21 Mar 2025 15:00:53 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:85:0a:0c:62:8c:13:25:ea:77:93:3d:d0:b1:85:42:ff:ca:05:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:53 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8f:ff:1f:e3:6c:de:56:1d:e3:9b:00:38:5b:
61:bb:5b:99:ae:0c:b8:d3:16:ec:82:07:ca:d0:32:
8f:7e:e0:80:d0:be:ff:5c:d2:d7:25:d0:d0:f3:6b:
57:d2:83:61:5a:cf:cf:84:c9:d5:5b:79:7c:b7:98:
5f:82:a9:34:1b:8c:5c:9e:3d:28:d7:8d:84:0b:db:
94:1b:0b:5d:f0:b5:31:9a:f0:f5:01:ec:5e:68:66:
a5:3b:0e:7a:f1:28:cc:53:cc:b9:5f:14:9c:10:4d:
a9:91:be:c8:7e:31:ec:41:8a:48:ac:01:a4:be:82:
40:d1:bc:63:09:7d:82:69:3a:fd:c4:7f:e4:2e:be:
1d:0e:9a:df:f3:44:37:93:f2:da:e0:3c:49:96:bb:
c9:3e:ea:e2:b3:5b:ba:ed:7c:ef:00:e8:4d:53:21:
a0:50:2a:b4:57:89:73:ef:38:80:ed:99:4f:46:60:
ba:f1:2e:6a:df:a3:ab:b1:a5:c1:fc:ef:18:b9:cf:
89:b8:c5:92:5d:c5:3e:68:eb:97:36:89:87:0c:26:
56:7d:7b:a1:38:1e:fe:e2:89:ff:17:64:b6:d3:43:
cf:2a:58:be:92:47:87:42:12:97:63:a1:0b:c1:0e:
e8:78:43:68:41:06:30:ee:1d:68:4d:ca:92:f8:53:
f5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:54:54:5C:57:6D:22:F2:BF:B9:39:FC:3B:EC:FF:2E:17:B8:57:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
38:a8:4d:aa:e8:50:fb:ee:3e:7d:35:05:5e:b1:43:8a:26:e1:
f4:fd:42:15:f8:46:7f:6b:63:0c:05:a1:69:ee:a8:a2:09:cc:
09:d3:7c:03:49:13:84:b3:94:1b:3a:81:b5:35:70:fb:58:c4:
65:be:d7:5f:5c:0c:ae:2c:8b:85:f2:cc:7f:a0:8d:b9:84:e4:
c9:57:8c:c8:e9:e8:05:df:e4:f7:66:49:df:e4:75:9d:97:c9:
7f:b3:60:98:28:d5:b0:34:dd:50:6d:65:1a:77:fe:7d:13:4b:
18:3e:2d:a9:4d:53:87:11:09:46:2a:8f:4a:2a:e4:20:e1:a0:
15:b3:75:98:bd:42:74:29:ee:14:e4:9f:0a:92:57:f7:9f:bd:
79:60:bb:df:bb:49:c7:62:34:54:1f:ff:c0:3c:32:f7:5a:ed:
3f:cc:e5:47:89:ea:5d:f9:d7:4b:80:ea:7f:50:b2:15:67:7d:
28:8d:6a:91:e3:3b:72:5d:40:ec:82:04:75:f3:c6:f4:a0:4c:
bf:fb:39:a4:ee:31:72:ab:c0:39:cd:12:6a:93:e0:6a:6c:8c:
1e:4b:5a:2a:eb:2d:46:62:b3:49:ee:32:30:15:64:0d:63:cb:
3d:7d:7e:31:79:26:fa:bd:72:4c:f1:11:ea:47:0a:a9:74:16:
86:6a:a7:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIoUKDGKMEyXqd5M90LGFQv/KBTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwNTNaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwZDYyYzhhNzY4OGU3Yzg3NDM1MTVjYTgzOGMwMzRlNWNiZjJkNDBmMTNk
NTU4MjRmYzAyODczZjM5ZTY4ZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmP/x/jbN5WHeObADhbYbtbma4MuNMW7IIHytAyj37ggNC+/1zS1yXQ0PNr
V9KDYVrPz4TJ1Vt5fLeYX4KpNBuMXJ49KNeNhAvblBsLXfC1MZrw9QHsXmhmpTsO
evEozFPMuV8UnBBNqZG+yH4x7EGKSKwBpL6CQNG8Ywl9gmk6/cR/5C6+HQ6a3/NE
N5Py2uA8SZa7yT7q4rNbuu187wDoTVMhoFAqtFeJc+84gO2ZT0ZguvEuat+jq7Gl
wfzvGLnPibjFkl3FPmjrlzaJhwwmVn17oTge/uKJ/xdkttNDzypYvpJHh0ISl2Oh
C8EO6HhDaEEGMO4daE3KkvhT9QcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjVFRc
V20i8r+5Ofw77P8uF7hXSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAOKhNquhQ++4+fTUFXrFDiibh9P1CFfhGf2tjDAWh
ae6oognMCdN8A0kThLOUGzqBtTVw+1jEZb7XX1wMriyLhfLMf6CNuYTkyVeMyOno
Bd/k92ZJ3+R1nZfJf7NgmCjVsDTdUG1lGnf+fRNLGD4tqU1ThxEJRiqPSirkIOGg
FbN1mL1CdCnuFOSfCpJX95+9eWC737tJx2I0VB//wDwy91rtP8zlR4nqXfnXS4Dq
f1CyFWd9KI1qkeM7cl1A7IIEdfPG9KBMv/s5pO4xcqvAOc0SapPgamyMHktaKust
RmKzSe4yMBVkDWPLPX1+MXkm+r1yTPER6kcKqXQWhmqnlQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:39 2025 by rpki-client