Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: jJB7+d0BSe8mKZG6gMj+DiJoBezJX2C0XkvKYNPhxJY=
Subject key identifier: 66:50:76:39:D6:EB:B3:29:B6:C2:F9:FC:CE:4F:65:5E:D7:84:AC:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 189B1EAA211D77F9A4EBFB6C90E9B4F60FB2DBE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:9b:1e:aa:21:1d:77:f9:a4:eb:fb:6c:90:e9:b4:f6:0f:b2:db:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=8e5a36c6cb43dc6fdfe29c818ff3cde6709dead336c221a60881b8a72c476b65, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:09:6a:72:40:3e:19:fd:d6:51:6b:8e:e2:ae:
53:65:cf:63:ec:2c:df:d5:18:f5:23:15:38:f2:53:
c5:f1:80:c1:b1:d8:4c:9c:c1:f5:17:ff:25:e2:e3:
ce:93:5a:62:0f:05:26:ed:d5:9b:bb:28:61:b3:68:
a8:8b:99:a8:03:d8:7a:8a:43:33:e2:6f:69:3e:03:
59:6f:b1:64:7c:b2:bb:43:cf:64:61:67:8e:9f:91:
24:dc:f7:f3:80:78:8a:89:88:f6:03:7c:0c:03:47:
67:ae:60:01:20:96:c4:63:10:7f:37:e0:ef:db:2e:
95:0f:ea:21:0f:6d:a6:69:9d:56:bb:9e:59:a0:58:
a0:76:bb:3a:5d:7d:1b:ac:0a:99:27:15:e8:2a:4f:
bb:f2:dc:4f:66:f3:5a:67:21:49:43:48:ef:a8:96:
6c:17:16:14:86:d6:49:d5:90:b9:85:17:c9:70:ef:
08:de:ca:85:63:f2:9c:e0:04:14:38:ac:66:47:3b:
74:46:6b:39:00:e9:e1:26:df:e4:71:f8:fb:8e:59:
5e:fc:49:e6:89:8f:f1:66:1f:bc:6f:3c:53:fc:61:
33:ad:fa:ae:45:3c:90:4b:2f:4f:e6:be:eb:e4:5b:
4b:f3:01:aa:cd:ac:f7:84:42:ad:6f:44:2f:d2:05:
74:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:50:76:39:D6:EB:B3:29:B6:C2:F9:FC:CE:4F:65:5E:D7:84:AC:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:58:e9:ce:c8:eb:dd:4b:f6:49:f0:ed:6c:da:27:08:ee:71:
c6:8b:06:d5:d9:9c:55:84:5f:18:9b:90:5c:ed:22:37:53:56:
8d:2d:1b:63:0c:e9:83:e9:85:78:4a:ac:db:c9:3b:dc:d6:61:
1a:b7:80:7d:63:8f:c5:3f:82:5e:34:fe:84:4c:a8:8d:d9:95:
2c:14:78:e3:26:85:7c:34:56:2c:16:eb:0f:30:a0:76:a7:68:
80:be:1f:38:46:12:48:97:50:92:39:02:02:14:4a:e8:0c:67:
e0:95:94:45:a1:19:51:dd:d9:6d:f4:54:6d:ca:f2:8c:86:65:
64:4a:c7:b0:3c:18:68:69:91:e7:e6:0c:19:58:5e:67:72:bd:
59:7b:3e:85:f2:23:70:6b:e0:78:79:37:42:0a:27:44:5d:b2:
03:86:21:00:16:a8:dc:78:fd:da:47:09:35:a9:f8:4f:37:1b:
69:a6:40:73:a0:d2:7a:7f:8b:31:58:60:c1:73:87:53:49:d1:
e5:85:be:27:ca:41:c7:cb:19:35:9f:52:0b:b9:a6:12:e0:50:
2e:b3:9d:2b:ce:9e:70:e7:a8:85:6a:15:4d:4b:66:03:0e:af:
1a:21:48:3a:92:b0:7d:09:dd:ae:01:c1:7a:28:c2:08:3f:42:
21:be:90:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGJseqiEdd/mk6/tskOm09g+y2+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNWEzNmM2Y2I0M2RjNmZkZmUyOWM4MThmZjNjZGU2NzA5ZGVhZDMzNmMy
MjFhNjA4ODFiOGE3MmM0NzZiNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsJanJAPhn91lFrjuKuU2XPY+ws39UY9SMVOPJTxfGAwbHYTJzB9Rf/JeLj
zpNaYg8FJu3Vm7soYbNoqIuZqAPYeopDM+JvaT4DWW+xZHyyu0PPZGFnjp+RJNz3
84B4iomI9gN8DANHZ65gASCWxGMQfzfg79sulQ/qIQ9tpmmdVrueWaBYoHa7Ol19
G6wKmScV6CpPu/LcT2bzWmchSUNI76iWbBcWFIbWSdWQuYUXyXDvCN7KhWPynOAE
FDisZkc7dEZrOQDp4Sbf5HH4+45ZXvxJ5omP8WYfvG88U/xhM636rkU8kEsvT+a+
6+RbS/MBqs2s94RCrW9EL9IFdBcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmUHY5
1uuzKbbC+fzOT2Ve14SsDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAt1jpzsjr3Uv2SfDtbNonCO5xxosG1dmcVYRfGJuQ
XO0iN1NWjS0bYwzpg+mFeEqs28k73NZhGreAfWOPxT+CXjT+hEyojdmVLBR44yaF
fDRWLBbrDzCgdqdogL4fOEYSSJdQkjkCAhRK6Axn4JWURaEZUd3ZbfRUbcryjIZl
ZErHsDwYaGmR5+YMGVheZ3K9WXs+hfIjcGvgeHk3QgonRF2yA4YhABao3Hj92kcJ
Nan4TzcbaaZAc6DSen+LMVhgwXOHU0nR5YW+J8pBx8sZNZ9SC7mmEuBQLrOdK86e
cOeohWoVTUtmAw6vGiFIOpKwfQndrgHBeijCCD9CIb6QRg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:14 2025 by rpki-client