Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: SsAZjLVv55xp6D7mi4/t0yKioayH3MHz/zGcYhLDPik=
Subject key identifier: FB:FC:13:B6:6C:1E:8B:17:0C:DE:23:E6:68:5E:B5:14:D2:2F:A9:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23E4CBA901ED81A71BA55FF36510078295198350
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e4:cb:a9:01:ed:81:a7:1b:a5:5f:f3:65:10:07:82:95:19:83:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=7ce48f5186aaec0cd6209e283f0ec717dd15e4038abfa5dff469c9ade817a189, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:05:9d:9b:30:87:45:38:b2:f0:f9:33:63:85:
62:d8:88:10:30:f9:d4:19:0a:9d:e4:e9:bc:bd:78:
82:c2:18:e7:a8:08:db:9f:d2:a0:fa:bc:6b:42:7c:
e9:be:e6:49:70:c1:3b:31:8a:2f:5d:4b:1e:28:2b:
46:dd:a7:54:d0:55:3d:0e:e4:6a:f7:22:b8:e1:34:
f9:0e:30:bc:b2:6a:74:a4:25:6b:38:22:6c:42:d8:
68:47:75:b8:12:9c:d4:c1:3a:bb:ac:9b:79:a7:ac:
82:da:a9:b4:3f:ce:a6:e5:a9:e6:35:ef:c2:55:62:
df:a7:6d:e9:ae:b5:34:0d:43:6a:1c:b3:10:12:a1:
43:ff:b6:7d:88:da:63:6f:52:20:ce:c5:eb:b2:12:
65:85:4a:54:47:b7:82:5d:01:bd:73:09:75:5a:f2:
97:00:9c:66:a1:4d:ca:a9:9b:d1:2c:d5:99:35:a7:
e9:d3:cf:c7:55:07:58:02:2e:57:6f:5b:b9:72:f5:
fc:6f:49:37:37:0a:c3:42:4f:aa:0c:53:42:36:f5:
bb:bf:61:48:c3:d6:1d:6d:d2:e4:97:05:57:69:8d:
74:ab:e2:97:5d:a7:b4:1f:56:02:52:a1:3b:0d:fc:
23:53:eb:f0:df:35:9b:cd:c9:1a:f8:ff:ff:b5:ea:
1d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FC:13:B6:6C:1E:8B:17:0C:DE:23:E6:68:5E:B5:14:D2:2F:A9:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
90:d3:3e:ca:42:c2:5f:52:8c:c4:ee:60:85:4d:d6:5f:a9:70:
09:8d:18:d5:cf:50:34:44:7d:cd:17:4f:67:53:41:a4:c4:58:
9e:66:f2:ee:d8:ff:c6:2d:8a:c6:1b:b2:3b:15:81:16:35:d7:
75:e8:3b:17:47:aa:c1:a8:12:24:ef:e8:03:35:9a:13:30:90:
44:07:a7:e4:32:0f:48:82:e2:1b:2b:f6:44:61:40:92:a4:8e:
44:cb:26:33:fd:42:97:2f:f9:a5:61:bd:09:20:e3:ec:02:5e:
a1:21:99:87:16:33:be:64:6c:00:6c:5a:fc:cd:80:cb:38:a9:
d1:de:0f:04:5c:5d:63:9b:be:52:4f:58:2c:38:e0:db:fb:9f:
36:8e:14:00:30:fa:64:71:2e:90:ec:ea:10:26:4f:09:e0:89:
2e:f5:05:7e:ff:10:68:2c:c8:9f:55:8b:25:10:a5:8d:3a:0f:
23:9e:c4:81:df:c6:80:f5:e1:d3:05:09:0b:f6:80:5a:20:ce:
c9:dd:81:06:2f:07:f0:01:2e:82:93:39:00:e8:33:fb:ed:4d:
90:f7:6f:c4:0d:e8:5d:24:c1:f3:1a:5a:af:ca:e8:92:4d:e7:
aa:5c:ed:d6:0c:52:6a:bb:53:bf:a0:9f:ec:01:cc:c2:d9:59:
47:5c:83:da
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI+TLqQHtgacbpV/zZRAHgpUZg1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjZTQ4ZjUxODZhYWVjMGNkNjIwOWUyODNmMGVjNzE3ZGQxNWU0MDM4YWJm
YTVkZmY0NjljOWFkZTgxN2ExODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoFnZswh0U4svD5M2OFYtiIEDD51BkKneTpvL14gsIY56gI25/SoPq8a0J8
6b7mSXDBOzGKL11LHigrRt2nVNBVPQ7kavciuOE0+Q4wvLJqdKQlazgibELYaEd1
uBKc1ME6u6ybeaesgtqptD/OpuWp5jXvwlVi36dt6a61NA1DahyzEBKhQ/+2fYja
Y29SIM7F67ISZYVKVEe3gl0BvXMJdVrylwCcZqFNyqmb0SzVmTWn6dPPx1UHWAIu
V29buXL1/G9JNzcKw0JPqgxTQjb1u79hSMPWHW3S5JcFV2mNdKvil12ntB9WAlKh
Ow38I1Pr8N81m83JGvj//7XqHekCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT7/BO2
bB6LFwzeI+ZoXrUU0i+phTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEAkNM+ykLCX1KMxO5ghU3WX6lwCY0Y1c9QNER9zRdP
Z1NBpMRYnmby7tj/xi2KxhuyOxWBFjXXdeg7F0eqwagSJO/oAzWaEzCQRAen5DIP
SILiGyv2RGFAkqSORMsmM/1Cly/5pWG9CSDj7AJeoSGZhxYzvmRsAGxa/M2Ayzip
0d4PBFxdY5u+Uk9YLDjg2/ufNo4UADD6ZHEukOzqECZPCeCJLvUFfv8QaCzIn1WL
JRCljToPI57Egd/GgPXh0wUJC/aAWiDOyd2BBi8H8AEugpM5AOgz++1NkPdvxA3o
XSTB8xpar8rokk3nqlzt1gxSartTv6Cf7AHMwtlZR1yD2g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:21 2025 by rpki-client