Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
File: 3c89eb14-e34b-4729-9b6f-b536e1e06692.roa (raw, json)
Hash identifier: eATFDjeDBC3ZEN2yj1a+jZhgkUXtn9gShhfP1o0RqW0=
Subject key identifier: A9:35:36:1A:22:7D:47:EF:63:74:34:2F:4C:A8:47:A6:74:98:17:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50D7D088A3DCFC9D59F59EC284136CED812D6F82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:d7:d0:88:a3:dc:fc:9d:59:f5:9e:c2:84:13:6c:ed:81:2d:6f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=8b25f3f2e932cdca5ffe120f9f7759e2ca48c4d3e16068cdf09a273001e3fa58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:01:01:ba:23:f5:4a:47:e1:df:e6:9a:96:af:
5a:bf:ea:7d:ce:74:dd:6a:e0:7b:50:0a:c6:3a:85:
95:5c:3f:3e:c3:29:c8:6e:86:85:eb:58:35:08:43:
1b:94:d7:d7:a7:3a:ca:8e:3e:3e:e2:18:42:24:f0:
ad:89:d3:c3:96:7e:9e:ef:61:79:24:99:4e:3a:12:
5d:02:17:f0:29:c8:75:56:41:68:71:0d:d4:ac:19:
10:e1:b1:35:6f:55:48:a7:e2:89:2f:9c:69:f9:9f:
80:79:cd:ac:fa:da:2c:cc:41:10:60:66:7f:0e:17:
b9:ac:1f:9b:b0:3b:ab:07:fa:86:51:0b:d3:a0:10:
74:e1:30:88:27:5f:fa:27:6b:e4:4e:31:c5:12:25:
6f:a0:7d:16:6a:79:db:16:fc:62:ff:dc:58:23:84:
b1:f4:1d:ab:56:0f:10:ec:5d:0b:94:c3:9e:7b:47:
74:e2:cb:c5:7d:49:ec:38:58:6e:1a:04:8a:30:eb:
d6:59:ba:bb:e2:f1:ae:49:d7:b4:2e:03:63:04:77:
e7:81:35:2a:f4:7a:7d:60:12:c9:a1:da:e1:58:5b:
b9:a5:08:eb:0e:d2:f5:70:69:3a:4a:ea:f4:28:39:
c0:24:b5:60:97:2b:a5:7e:ba:96:c3:86:6a:ff:05:
53:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:35:36:1A:22:7D:47:EF:63:74:34:2F:4C:A8:47:A6:74:98:17:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:8c:ac:56:95:1a:1a:fa:04:3b:33:c6:cf:a5:ac:01:2e:2b:
b8:cd:1f:97:7d:63:ab:3e:be:cb:7b:bc:28:68:ba:32:74:0b:
fb:f1:47:44:36:14:4d:03:a3:ee:db:fd:33:bd:d5:42:d5:cb:
ab:88:22:41:0d:f4:0d:aa:bc:5d:fb:46:b7:b7:e5:df:4a:92:
6d:74:ea:1b:c7:17:07:7d:7f:f4:91:1c:22:94:ce:aa:19:fd:
1c:08:4c:40:a7:5e:f9:06:b1:c4:b8:c6:8a:94:97:3a:fa:77:
f0:2b:e7:e1:93:68:cd:c7:76:6b:db:55:ff:80:93:43:af:68:
b5:06:46:82:0a:8e:b7:80:59:ce:6e:61:0a:fb:4c:5a:8e:cd:
a5:18:9b:89:d7:c1:85:65:9b:de:7b:85:da:5f:3c:02:3a:b4:
0b:55:f0:96:bb:a3:98:fe:54:73:74:f4:b8:db:a8:53:a6:00:
5e:20:02:3d:b0:4a:17:f5:de:4b:31:79:54:88:ad:5f:9b:cc:
74:a5:9d:74:b3:5e:87:73:74:28:02:34:f3:1e:43:04:81:8c:
b6:4c:04:27:bd:a7:f3:88:ee:f3:bb:4b:6d:ab:3b:ab:be:66:
47:e4:22:02:d2:50:c7:09:e9:46:e8:56:92:09:50:1b:2e:2c:
8a:35:c1:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUNfQiKPc/J1Z9Z7ChBNs7YEtb4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiMjVmM2YyZTkzMmNkY2E1ZmZlMTIwZjlmNzc1OWUyY2E0OGM0ZDNlMTYw
NjhjZGYwOWEyNzMwMDFlM2ZhNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcBAboj9UpH4d/mmpavWr/qfc503Wrge1AKxjqFlVw/PsMpyG6GhetYNQhD
G5TX16c6yo4+PuIYQiTwrYnTw5Z+nu9heSSZTjoSXQIX8CnIdVZBaHEN1KwZEOGx
NW9VSKfiiS+cafmfgHnNrPraLMxBEGBmfw4Xuawfm7A7qwf6hlEL06AQdOEwiCdf
+idr5E4xxRIlb6B9Fmp52xb8Yv/cWCOEsfQdq1YPEOxdC5TDnntHdOLLxX1J7DhY
bhoEijDr1lm6u+LxrknXtC4DYwR354E1KvR6fWASyaHa4VhbuaUI6w7S9XBpOkrq
9Cg5wCS1YJcrpX66lsOGav8FU48CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSpNTYa
In1H72N0NC9MqEemdJgX/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M4OWViMTQtZTM0Yi00NzI5LTliNmYtYjUzNmUxZTA2NjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAt4ysVpUaGvoEOzPGz6WsAS4ruM0fl31jqz6+y3u8
KGi6MnQL+/FHRDYUTQOj7tv9M73VQtXLq4giQQ30Daq8XftGt7fl30qSbXTqG8cX
B31/9JEcIpTOqhn9HAhMQKde+QaxxLjGipSXOvp38Cvn4ZNozcd2a9tV/4CTQ69o
tQZGggqOt4BZzm5hCvtMWo7NpRibidfBhWWb3nuF2l88Ajq0C1XwlrujmP5Uc3T0
uNuoU6YAXiACPbBKF/XeSzF5VIitX5vMdKWddLNeh3N0KAI08x5DBIGMtkwEJ72n
84ju87tLbas7q75mR+QiAtJQxwnpRuhWkglQGy4sijXBVA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:12 2025 by rpki-client