Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
File: 54957543-b22c-43fb-b523-8f40c64fe15d.roa (raw, json)
Hash identifier: RshI60Jabz4/BdfgrdQTgkp73+HxlazxO8N/BQd8yDI=
Subject key identifier: 28:2D:D8:1A:AE:07:D2:FC:DB:CE:49:B1:9B:EB:CD:2D:50:35:0C:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 628C3481811C8562B2EFE71B09192E2B94486073
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:8c:34:81:81:1c:85:62:b2:ef:e7:1b:09:19:2e:2b:94:48:60:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=af24e5ee777925a0a0dc8daa6264419a2305517ceee82a376a9654c7ea637809, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:45:f1:72:bf:99:49:e9:98:0c:1d:92:74:8b:
49:60:6d:b6:1f:e4:59:aa:f8:57:65:e5:8e:ca:48:
a5:2f:94:2d:97:e5:c1:e7:3b:95:04:d2:d9:1d:27:
11:47:d0:07:9e:28:94:66:48:2f:3a:16:c0:69:37:
68:c5:69:1a:e2:d7:a8:45:06:e6:a2:51:cb:85:54:
d8:1b:2d:5b:db:c2:7d:7d:f7:1d:ba:ab:7a:57:89:
9f:79:cc:69:bc:ac:21:a4:37:61:c9:ab:0d:4b:8c:
52:a0:d0:2b:d7:49:08:ee:e7:6e:bc:23:bd:4a:8f:
1d:bb:bf:71:a8:b4:d5:c4:37:46:ad:8d:e3:62:ef:
dd:db:7d:02:47:00:55:17:3f:39:71:82:b4:52:81:
0e:d9:bb:6c:ff:47:ce:7d:5f:a0:56:0a:90:ad:5e:
6a:b1:a1:56:67:ae:2a:38:bb:20:f2:1e:05:ae:28:
e1:b4:04:9f:b2:67:1d:65:68:9a:50:12:5c:1b:67:
ed:06:a8:ba:80:fd:d5:82:00:fe:2a:cf:6d:6e:c7:
3e:b2:a9:89:10:18:92:a9:ff:01:59:a8:2b:fd:9f:
b9:26:f7:12:98:0c:c0:06:5b:07:c3:60:20:84:8c:
5d:1c:68:e3:81:16:66:5b:8f:f0:c9:29:09:d0:27:
8d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2D:D8:1A:AE:07:D2:FC:DB:CE:49:B1:9B:EB:CD:2D:50:35:0C:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/19
Signature Algorithm: sha256WithRSAEncryption
c4:eb:1c:34:1c:05:b7:96:bd:63:71:41:29:1f:b3:1c:2d:e2:
f9:a0:dd:3d:75:a9:6b:fc:6a:17:32:32:04:65:52:2f:15:a7:
f7:3b:75:40:62:1b:f2:f9:93:48:a8:50:39:52:9d:71:ec:4e:
81:aa:15:7e:ce:22:f5:2a:3f:f6:53:8b:12:2c:f4:5c:7e:f2:
d8:5f:e2:d0:80:84:44:58:2b:d5:68:4b:3e:e8:50:4b:32:fa:
8b:67:de:ea:4b:3f:88:19:db:2e:96:dc:a1:f7:f6:2b:af:62:
3a:75:ea:7e:c4:fe:3b:e2:32:58:1f:ce:c7:a9:b7:f9:7b:d0:
98:d6:e6:d9:17:4d:6d:e1:73:8f:bb:d4:07:e6:0a:67:82:88:
a7:20:58:51:af:f7:f4:77:fa:e9:a4:f0:b2:f8:2a:d1:e2:12:
60:22:c3:97:52:b3:2b:73:43:cd:e9:08:3c:de:44:47:af:3f:
70:d0:b5:e2:4f:0f:38:e9:9b:2f:2d:86:d0:86:a4:c3:63:aa:
7f:98:31:53:f5:e3:4a:b5:84:2e:af:fa:33:7f:ad:6e:0b:0a:
83:14:7e:05:95:0c:d5:59:8f:1e:45:8e:e2:73:3f:3a:d3:cd:
89:00:1b:25:e3:0f:b9:15:84:0f:95:72:ec:f9:fa:47:e0:b3:
cd:12:1e:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYow0gYEchWKy7+cbCRkuK5RIYHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMjRlNWVlNzc3OTI1YTBhMGRjOGRhYTYyNjQ0MTlhMjMwNTUxN2NlZWU4
MmEzNzZhOTY1NGM3ZWE2Mzc4MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORF8XK/mUnpmAwdknSLSWBtth/kWar4V2XljspIpS+ULZflwec7lQTS2R0n
EUfQB54olGZILzoWwGk3aMVpGuLXqEUG5qJRy4VU2BstW9vCfX33HbqreleJn3nM
abysIaQ3YcmrDUuMUqDQK9dJCO7nbrwjvUqPHbu/cai01cQ3Rq2N42Lv3dt9AkcA
VRc/OXGCtFKBDtm7bP9Hzn1foFYKkK1earGhVmeuKji7IPIeBa4o4bQEn7JnHWVo
mlASXBtn7QaouoD91YIA/irPbW7HPrKpiRAYkqn/AVmoK/2fuSb3EpgMwAZbB8Ng
IISMXRxo44EWZluP8MkpCdAnjfUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQoLdga
rgfS/NvOSbGb680tUDUMajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ5NTc1NDMtYjIyYy00M2ZiLWI1MjMtOGY0MGM2NGZlMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxOscNBwFt5a9Y3FBKR+zHC3i+aDdPXWpa/xqFzIy
BGVSLxWn9zt1QGIb8vmTSKhQOVKdcexOgaoVfs4i9So/9lOLEiz0XH7y2F/i0ICE
RFgr1WhLPuhQSzL6i2fe6ks/iBnbLpbcoff2K69iOnXqfsT+O+IyWB/Ox6m3+XvQ
mNbm2RdNbeFzj7vUB+YKZ4KIpyBYUa/39Hf66aTwsvgq0eISYCLDl1KzK3NDzekI
PN5ER68/cNC14k8POOmbLy2G0Iakw2Oqf5gxU/XjSrWELq/6M3+tbgsKgxR+BZUM
1VmPHkWO4nM/OtPNiQAbJeMPuRWED5Vy7Pn6R+CzzRIesw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:00 2025 by rpki-client