Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
File: 2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa (raw, json)
Hash identifier: XJEKruAI9FG5Ux5uLSz/FQjIDA/4o0USurachz94N8w=
Subject key identifier: E9:4F:59:A2:C6:C3:39:26:16:A6:29:4A:DC:A8:A8:86:8E:2E:E7:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49FDBDC2566330B454ADC7A908666DF1F88763
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.96.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:fd:bd:c2:56:63:30:b4:54:ad:c7:a9:08:66:6d:f1:f8:87:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=8a2948087494a9b14a7f597fa04bcf9e290f412e16183f3951f3157f5cf84de4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3f:be:c7:02:cc:1d:c1:b9:42:3b:0c:b2:a8:
e0:62:7c:1b:d0:02:2d:aa:03:3b:0b:44:58:1e:44:
f8:52:ef:ef:4d:a1:e0:a5:71:d4:dc:68:35:d2:e8:
43:e7:75:ca:33:6c:1a:57:45:40:7b:ac:65:7b:7e:
0d:8e:b8:be:81:b9:11:5d:17:6a:d0:8d:7b:18:10:
57:6b:da:4c:21:d3:ca:38:4a:81:0c:14:32:b6:42:
4f:77:e4:9e:8a:6c:9c:e5:c2:2a:2c:50:03:a7:fd:
d4:b8:00:1f:8f:04:21:e9:af:c6:ae:df:02:6e:3b:
eb:8b:69:f3:fe:4b:20:60:5c:3c:61:c8:76:8c:8b:
43:b0:17:a7:99:e5:05:28:00:6a:5d:c2:81:ce:4c:
55:d0:bd:0b:14:77:94:fc:21:d9:3c:5a:68:1a:8d:
ab:8f:2a:c6:7f:88:e0:ee:d7:10:0f:ed:a4:fd:87:
33:2f:1a:6a:2b:30:3d:4a:ae:1a:d8:e0:cb:a5:3b:
db:06:ba:ee:fd:06:d6:c5:43:c1:de:92:5d:ae:cf:
fd:26:e7:fb:4a:0b:a1:7c:e6:e6:3e:cb:d6:08:d0:
2f:99:1a:e5:88:69:f6:ac:58:f8:03:e8:c5:f6:54:
13:ac:6d:b1:96:26:46:27:40:84:44:47:dd:6a:72:
64:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:4F:59:A2:C6:C3:39:26:16:A6:29:4A:DC:A8:A8:86:8E:2E:E7:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.96.0/19
Signature Algorithm: sha256WithRSAEncryption
79:0a:b2:3d:1a:50:31:b9:d5:a0:d4:0f:e7:9c:88:32:b3:f4:
3a:7a:27:9c:db:6a:95:a1:bb:40:50:2c:0c:c7:60:31:3e:29:
ee:99:50:65:f0:87:6a:71:0a:0a:e2:54:7d:72:fa:28:33:19:
d7:b2:df:82:4e:7f:04:ce:57:30:4e:67:2d:fa:eb:58:16:32:
10:69:76:83:1a:4e:a6:34:03:14:c3:3a:14:a9:b1:cb:88:df:
ee:de:8c:6f:eb:8e:79:50:ca:98:23:9b:80:50:ac:1c:a8:53:
3b:c3:5f:81:56:89:63:53:d8:b1:5f:f4:0a:bd:13:9c:04:2d:
3d:76:52:c4:b5:48:53:d5:02:90:51:4c:46:24:e1:0a:db:a8:
ea:b4:8a:e4:86:9b:d1:35:ff:51:fb:6e:8d:8a:4b:2e:b1:fc:
9e:32:5a:90:65:67:d3:a0:dd:1f:ac:eb:a9:c2:a4:d9:b9:99:
6c:a6:ec:ff:8c:68:e5:f8:c9:b3:05:66:c4:42:a8:48:74:a9:
09:a8:45:90:fe:fc:79:7a:e6:32:34:2b:9c:b3:68:94:dd:c6:
fe:2d:f0:5d:26:1a:6e:3a:f7:80:82:0e:30:9e:38:91:a9:57:
e7:32:31:f9:02:e3:ef:4c:73:11:6f:1a:13:50:88:df:cf:4b:
82:59:ce:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgITSf29wlZjMLRUrcepCGZt8fiHYzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDEyODAwMDAwMFoXDTI1MDMwNDIzNTk1OVowejFJMEcGA1UE
BRNAOGEyOTQ4MDg3NDk0YTliMTRhN2Y1OTdmYTA0YmNmOWUyOTBmNDEyZTE2MTgz
ZjM5NTFmMzE1N2Y1Y2Y4NGRlNDEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5T++xwLMHcG5QjsMsqjgYnwb0AItqgM7C0RYHkT4Uu/vTaHgpXHU3Gg10uhD
53XKM2waV0VAe6xle34Njri+gbkRXRdq0I17GBBXa9pMIdPKOEqBDBQytkJPd+Se
imyc5cIqLFADp/3UuAAfjwQh6a/Grt8Cbjvri2nz/ksgYFw8Ych2jItDsBenmeUF
KABqXcKBzkxV0L0LFHeU/CHZPFpoGo2rjyrGf4jg7tcQD+2k/YczLxpqKzA9Sq4a
2ODLpTvbBrru/QbWxUPB3pJdrs/9Juf7SguhfObmPsvWCNAvmRrliGn2rFj4A+jF
9lQTrG2xliZGJ0CEREfdanJk/wIDAQABo4ICITCCAh0wHQYDVR0OBBYEFOlPWaLG
wzkmFqYpStyoqIaOLucNMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8y
ZmQ4MDM3ZC0wNTM2LTQyYmMtYWY1Yy00ZDBlZDRmOGRlNzgucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsCJgMA0G
CSqGSIb3DQEBCwUAA4IBAQB5CrI9GlAxudWg1A/nnIgys/Q6eiec22qVobtAUCwM
x2AxPinumVBl8IdqcQoK4lR9cvooMxnXst+CTn8EzlcwTmct+utYFjIQaXaDGk6m
NAMUwzoUqbHLiN/u3oxv6455UMqYI5uAUKwcqFM7w1+BVoljU9ixX/QKvROcBC09
dlLEtUhT1QKQUUxGJOEK26jqtIrkhpvRNf9R+26NiksusfyeMlqQZWfToN0frOup
wqTZuZlspuz/jGjl+MmzBWbEQqhIdKkJqEWQ/vx5euYyNCucs2iU3cb+LfBdJhpu
OveAgg4wnjiRqVfnMjH5AuPvTHMRbxoTUIjfz0uCWc4c
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:09 2025 by rpki-client