Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: OMboPNKOtgZmNvF+jTT2XD24aCXB8zegtvJbMetWhi4=
Subject key identifier: 2C:F7:64:DA:30:33:E2:F6:58:A1:AF:0F:9B:1B:02:FA:AF:43:10:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 174163EDB1E163B69D42CDE7EBCC6612221C7A4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:41:63:ed:b1:e1:63:b6:9d:42:cd:e7:eb:cc:66:12:22:1c:7a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=9243b8871dbe53cc842d0ccafa5f003a758cd42ae006f7ef3cb52e08d2bd12d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:af:7c:28:b5:f5:c0:3f:69:13:06:b5:70:c8:
5e:a1:97:c5:51:2e:db:dc:fd:dc:36:e7:8c:67:2c:
8a:ec:8d:22:ed:d2:c7:e7:15:2e:84:9c:c1:f6:2c:
a7:26:09:a7:ac:f5:d3:b3:fc:6d:36:67:8d:53:ed:
ca:a2:6a:75:d1:89:18:4b:11:b1:b0:bb:4a:e0:36:
8e:f8:b0:29:1f:06:9d:28:3c:07:91:05:2f:f4:20:
52:3b:bb:d9:72:1e:63:83:1d:ff:90:fe:f8:59:bd:
1d:75:8e:e3:0e:80:e1:59:3a:fc:b2:e9:35:27:02:
4c:73:32:44:60:5e:91:f9:f1:9f:3e:b5:5f:9d:a9:
86:04:90:0b:73:d2:f8:e1:5e:f3:ef:89:9f:1c:e5:
05:46:7a:45:ce:8d:20:3d:d4:90:01:4c:af:f9:3c:
40:b8:98:ed:3a:53:82:87:d0:16:0e:bd:38:10:84:
c9:28:bc:a4:26:ce:67:57:f2:b0:c4:77:49:46:49:
98:1e:2f:cc:59:6a:a3:bb:43:e9:f0:55:ec:9f:ae:
4c:85:d3:6b:55:46:c0:6d:8b:fb:30:f8:14:ca:e2:
10:29:26:df:9f:34:2d:2e:31:23:70:b7:ec:a4:98:
47:d4:dd:8a:f7:31:22:2c:f9:2b:17:c0:00:85:62:
d7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F7:64:DA:30:33:E2:F6:58:A1:AF:0F:9B:1B:02:FA:AF:43:10:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:2d:f0:16:f0:1f:99:bd:3c:1b:36:1c:d4:41:1f:6f:d6:b5:
26:68:a2:dc:1d:a3:64:f8:4c:44:4e:a3:81:8e:0b:83:1e:e6:
ee:ea:d8:06:50:43:b6:e4:91:85:c3:73:68:42:a5:61:c1:6f:
98:14:e5:8a:72:56:3e:94:b7:c7:1e:68:13:35:89:77:99:ac:
c7:2e:34:31:97:2d:0a:e7:14:5b:90:91:b8:87:73:df:9f:8c:
03:da:67:0b:cd:4d:ff:9a:b7:78:a0:a0:c9:2d:72:4d:3a:0a:
3e:20:1b:e9:06:b7:12:a6:00:fc:0b:f3:75:e7:99:9b:b2:23:
9a:17:3d:5e:a4:a7:ee:9a:68:e0:93:3d:4d:3b:47:44:b1:e9:
ef:ed:14:d0:b2:e3:ea:31:91:90:bb:93:f6:94:92:26:e7:c0:
33:30:74:6f:c7:c5:83:7c:3d:3c:8c:f0:11:c6:09:3a:40:0e:
e1:08:cb:f8:f7:6e:fc:67:5b:03:2b:7d:6a:e8:94:f2:9c:47:
ac:21:18:c2:0c:c2:85:0b:8f:18:21:5a:b9:cf:a8:45:14:99:
99:de:f0:c4:73:d3:a2:e1:5f:be:cc:b6:1b:0e:ed:07:9d:8f:
6c:ad:d8:3b:51:7c:fd:bd:f9:89:f1:cb:5a:ed:33:9e:57:3c:
66:a0:98:20
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUF0Fj7bHhY7adQs3n68xmEiIcek0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyNDNiODg3MWRiZTUzY2M4NDJkMGNjYWZhNWYwMDNhNzU4Y2Q0MmFlMDA2
ZjdlZjNjYjUyZTA4ZDJiZDEyZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOqvfCi19cA/aRMGtXDIXqGXxVEu29z93DbnjGcsiuyNIu3Sx+cVLoScwfYs
pyYJp6z107P8bTZnjVPtyqJqddGJGEsRsbC7SuA2jviwKR8GnSg8B5EFL/QgUju7
2XIeY4Md/5D++Fm9HXWO4w6A4Vk6/LLpNScCTHMyRGBekfnxnz61X52phgSQC3PS
+OFe8++JnxzlBUZ6Rc6NID3UkAFMr/k8QLiY7TpTgofQFg69OBCEySi8pCbOZ1fy
sMR3SUZJmB4vzFlqo7tD6fBV7J+uTIXTa1VGwG2L+zD4FMriECkm3580LS4xI3C3
7KSYR9TdivcxIiz5KxfAAIVi17ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQs92Ta
MDPi9lihrw+bGwL6r0MQ7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEAty3wFvAfmb08GzYc1EEfb9a1Jmii3B2jZPhMRE6j
gY4Lgx7m7urYBlBDtuSRhcNzaEKlYcFvmBTlinJWPpS3xx5oEzWJd5msxy40MZct
CucUW5CRuIdz35+MA9pnC81N/5q3eKCgyS1yTToKPiAb6Qa3EqYA/AvzdeeZm7Ij
mhc9XqSn7ppo4JM9TTtHRLHp7+0U0LLj6jGRkLuT9pSSJufAMzB0b8fFg3w9PIzw
EcYJOkAO4QjL+Pdu/GdbAyt9auiU8pxHrCEYwgzChQuPGCFauc+oRRSZmd7wxHPT
ouFfvsy2Gw7tB52PbK3YO1F8/b35ifHLWu0znlc8ZqCYIA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:05 2025 by rpki-client