Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: aisObEakjy+wNSPRg2/9L+ZCxOxhMsyCmtXkIVN2CGs=
Subject key identifier: 6D:0E:1E:4D:4F:22:4B:D6:3E:78:02:14:24:84:0B:FA:41:4F:4E:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59F9CC2BAB329BC2B0C9E335BC185FF7BA6216A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f9:cc:2b:ab:32:9b:c2:b0:c9:e3:35:bc:18:5f:f7:ba:62:16:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=ee2f6e1e49c39739c9aa261e8295fe6cc4e889602c51da025a447b5ddaaaddd0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:c3:56:fc:71:39:19:a0:96:64:f6:0c:3f:b4:
a1:44:49:ce:95:44:2e:04:95:34:80:c7:61:11:12:
3c:91:53:e9:12:e1:2e:46:ea:06:ba:01:61:b8:0f:
2a:21:af:6c:36:c4:97:4b:9c:14:69:57:c6:b6:eb:
ae:b1:ec:c5:42:0f:04:bc:1c:2d:49:01:69:b7:87:
3c:04:da:45:e1:75:4c:25:d5:d1:19:3b:eb:7c:f9:
1b:56:5b:ac:38:e1:84:91:71:dd:e5:49:30:98:c8:
22:51:2b:ac:95:97:5a:66:bc:02:be:04:60:d4:84:
c1:58:5b:4e:01:f5:db:1f:02:ec:77:2f:d3:56:4b:
d1:7a:27:4c:59:0d:2b:49:76:ec:31:68:50:cc:b7:
2d:4a:fd:e4:93:55:99:da:14:40:6e:19:ac:25:10:
cd:c5:7c:8a:c0:42:6d:06:97:05:ab:30:b2:7e:68:
4d:6e:3a:82:b5:00:83:df:38:3c:91:f1:fa:75:25:
89:15:ac:37:af:89:99:1f:79:96:53:1b:f6:02:13:
97:0a:8e:77:0c:3e:82:8a:ce:84:6d:96:5a:a2:5d:
a1:87:10:a4:35:32:8c:8d:82:dc:0c:59:f3:57:aa:
16:9b:60:89:55:8a:be:14:46:ee:15:6b:1f:cd:18:
ee:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0E:1E:4D:4F:22:4B:D6:3E:78:02:14:24:84:0B:FA:41:4F:4E:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:30:b6:e5:f4:26:fd:a1:de:ba:18:56:47:72:75:e5:f4:33:
ae:ed:90:e3:28:c1:1f:d7:16:9c:28:67:73:dc:db:0e:08:e7:
15:20:49:dc:be:76:92:b5:21:4c:74:17:ac:81:0a:ab:b6:cf:
44:1b:99:45:85:b4:2e:73:ea:08:2c:4f:de:55:eb:78:b1:2c:
8d:6f:f3:d7:73:39:a2:ed:fe:de:ae:69:ba:34:de:a7:a7:6f:
62:97:19:57:b0:eb:b5:8e:53:37:c6:36:43:3e:ea:f5:a2:c1:
ed:4e:fd:64:33:54:b1:6e:05:d5:50:81:d7:c2:f7:55:b8:0e:
6b:4f:7d:8c:f6:5e:e9:11:6c:c0:87:ff:4c:46:5d:4f:60:39:
d0:32:c5:30:dc:dc:87:54:37:e3:d2:c3:a6:f1:98:9c:6f:a2:
ee:16:80:60:7f:1c:87:28:6a:22:ab:72:28:72:27:1f:a4:ca:
0b:2c:0f:cb:cc:59:64:ad:46:43:06:a4:bd:a3:b6:41:60:35:
be:7a:13:f2:e8:02:13:2c:e2:b3:73:f8:7e:1d:62:43:d7:ac:
db:a8:72:b4:70:2a:2b:29:dd:1b:4e:c8:8c:54:84:b3:5a:17:
35:57:1a:64:ed:3d:83:3d:70:b8:e9:7c:75:99:9d:6c:bf:52:
bf:f7:64:aa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWfnMK6sym8KwyeM1vBhf97piFqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMmY2ZTFlNDljMzk3MzljOWFhMjYxZTgyOTVmZTZjYzRlODg5NjAyYzUx
ZGEwMjVhNDQ3YjVkZGFhYWRkZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPTDVvxxORmglmT2DD+0oURJzpVELgSVNIDHYRESPJFT6RLhLkbqBroBYbgP
KiGvbDbEl0ucFGlXxrbrrrHsxUIPBLwcLUkBabeHPATaReF1TCXV0Rk763z5G1Zb
rDjhhJFx3eVJMJjIIlErrJWXWma8Ar4EYNSEwVhbTgH12x8C7Hcv01ZL0XonTFkN
K0l27DFoUMy3LUr95JNVmdoUQG4ZrCUQzcV8isBCbQaXBaswsn5oTW46grUAg984
PJHx+nUliRWsN6+JmR95llMb9gITlwqOdww+gorOhG2WWqJdoYcQpDUyjI2C3AxZ
81eqFptgiVWKvhRG7hVrH80Y7nkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtDh5N
TyJL1j54AhQkhAv6QU9OoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAfjC25fQm/aHeuhhWR3J15fQzru2Q4yjBH9cWnChn
c9zbDgjnFSBJ3L52krUhTHQXrIEKq7bPRBuZRYW0LnPqCCxP3lXreLEsjW/z13M5
ou3+3q5pujTep6dvYpcZV7DrtY5TN8Y2Qz7q9aLB7U79ZDNUsW4F1VCB18L3VbgO
a099jPZe6RFswIf/TEZdT2A50DLFMNzch1Q349LDpvGYnG+i7haAYH8chyhqIqty
KHInH6TKCywPy8xZZK1GQwakvaO2QWA1vnoT8ugCEyzis3P4fh1iQ9es26hytHAq
KyndG07IjFSEs1oXNVcaZO09gz1wuOl8dZmdbL9Sv/dkqg==
-----END CERTIFICATE-----
Generated at Sat May 3 07:46:08 2025 by rpki-client