Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json)
Hash identifier: cZ1NnP7D1nX0NvoIytYuOO0esSXLoLSApgqJz/6aq8k=
Subject key identifier: 6C:22:31:4F:ED:29:8B:3A:6F:02:B6:FD:B0:D9:61:C0:FC:34:81:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 378FF233AB773EE5A467CABBDB23F264C885D25C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
Signing time: Fri 21 Mar 2025 15:00:52 +0000
ROA not before: Fri 21 Mar 2025 15:00:52 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:8f:f2:33:ab:77:3e:e5:a4:67:ca:bb:db:23:f2:64:c8:85:d2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:52 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:71:da:a9:a2:f9:bc:f8:09:c6:c4:7c:6f:50:
53:f0:21:f9:8b:41:e2:b3:57:c3:ee:58:bc:29:5a:
d4:83:7c:a6:f3:1e:d1:a9:49:3f:3a:4d:92:04:40:
39:2f:df:96:1f:2a:d0:41:72:ae:af:7d:59:a9:a3:
8f:cd:e7:aa:7f:16:80:39:c8:ba:07:70:10:e9:7e:
ef:9c:3f:c2:59:16:55:92:66:52:51:6b:79:1d:1a:
2d:1a:01:d5:8f:d3:bc:aa:d5:4c:52:f6:c5:a2:de:
d9:02:9c:6a:ec:bd:fe:43:67:f0:5e:32:64:b5:c2:
f6:91:09:e8:38:8c:e9:85:59:36:57:d0:4d:85:c3:
c8:6d:51:8e:7a:a3:94:85:9c:cc:2d:cc:64:62:43:
92:74:90:4b:b3:80:73:85:1a:c0:ef:16:4e:52:94:
fb:66:98:67:8f:b5:ba:00:24:74:c8:92:cb:1b:b2:
63:ac:a1:de:77:7a:1d:aa:56:b9:57:be:e5:f5:9b:
bc:3b:06:29:1d:ac:fa:0a:d2:33:b5:ab:37:f3:36:
21:f8:56:d7:f4:f9:49:e7:83:4d:93:1a:32:96:f6:
9a:81:4a:76:47:8d:fa:a7:1f:8d:94:7a:e0:c0:07:
51:de:9b:28:24:b3:f2:14:db:f4:82:eb:02:f4:f1:
36:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:22:31:4F:ED:29:8B:3A:6F:02:B6:FD:B0:D9:61:C0:FC:34:81:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
33:91:64:33:1c:b6:f7:cb:c9:17:34:2d:57:91:15:b5:40:dd:
08:e7:ba:d9:0b:15:48:ed:b4:98:b8:fe:41:f4:35:d2:b1:b9:
b3:6d:9b:ef:9d:3a:66:22:07:fb:5d:39:52:19:74:34:4d:0b:
6d:5e:ce:65:53:85:54:7e:bc:13:93:06:6f:31:b3:32:b8:4f:
62:35:d9:36:59:ee:94:e3:96:8d:40:d0:6e:23:ea:bb:24:5d:
0d:0b:95:9a:d9:df:69:79:d3:45:9b:f8:79:8c:21:20:69:93:
b9:00:a4:cb:4c:e4:ca:8b:4b:4b:d4:d0:4e:ef:bc:6c:c2:e2:
86:cd:c3:5a:97:ce:9f:08:6f:47:e4:df:2c:7e:58:a1:f9:aa:
91:1f:9f:e2:de:a5:4b:5d:b0:5a:1c:60:92:07:64:26:73:ff:
09:52:bb:e7:82:a7:4a:9e:10:1e:a6:82:02:37:9c:54:75:8d:
4e:5f:9c:78:aa:92:d5:30:8e:00:89:8c:e9:f4:e8:91:51:a1:
db:78:ed:99:b5:13:66:f9:18:55:58:3e:7b:3c:65:c6:4b:76:
3e:8b:86:af:a9:2e:95:e5:a1:d8:31:ac:e3:db:58:07:90:df:
d3:e4:fa:58:c3:9e:92:95:b1:16:34:a3:96:3d:4b:03:df:a8:
bd:6c:8d:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN4/yM6t3PuWkZ8q72yPyZMiF0lwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwNTJaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2NzE0OTE2MmMwMmYzZGYzZDkwZDc5YjdiZGNiMDM0OWU5YWRmMmYzZDQ2
YTRhOGVlZWM2YTk3MmU4OTAwMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOtx2qmi+bz4CcbEfG9QU/Ah+YtB4rNXw+5YvCla1IN8pvMe0alJPzpNkgRA
OS/flh8q0EFyrq99Wamjj83nqn8WgDnIugdwEOl+75w/wlkWVZJmUlFreR0aLRoB
1Y/TvKrVTFL2xaLe2QKcauy9/kNn8F4yZLXC9pEJ6DiM6YVZNlfQTYXDyG1Rjnqj
lIWczC3MZGJDknSQS7OAc4UawO8WTlKU+2aYZ4+1ugAkdMiSyxuyY6yh3nd6HapW
uVe+5fWbvDsGKR2s+grSM7WrN/M2IfhW1/T5SeeDTZMaMpb2moFKdkeN+qcfjZR6
4MAHUd6bKCSz8hTb9ILrAvTxNjECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRsIjFP
7SmLOm8Ctv2w2WHA/DSBazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAM5FkMxy298vJFzQtV5EVtUDdCOe62QsVSO20mLj+
QfQ10rG5s22b7506ZiIH+105Uhl0NE0LbV7OZVOFVH68E5MGbzGzMrhPYjXZNlnu
lOOWjUDQbiPquyRdDQuVmtnfaXnTRZv4eYwhIGmTuQCky0zkyotLS9TQTu+8bMLi
hs3DWpfOnwhvR+TfLH5YofmqkR+f4t6lS12wWhxgkgdkJnP/CVK754KnSp4QHqaC
AjecVHWNTl+ceKqS1TCOAImM6fTokVGh23jtmbUTZvkYVVg+ezxlxkt2PouGr6ku
leWh2DGs49tYB5Df0+T6WMOekpWxFjSjlj1LA9+ovWyNsw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:38 2025 by rpki-client