Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
File: 8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa (raw, json)
Hash identifier: 0RyLOKTz+FqG2RiECbjP82yhcR3OPnV5DaMuvDI/HrU=
Subject key identifier: 6C:AF:26:EC:4A:46:FE:43:81:4C:11:23:2D:76:2C:3A:54:83:CB:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 314EFB765261571C117A7AE9BE69DE4F934FEC64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:4e:fb:76:52:61:57:1c:11:7a:7a:e9:be:69:de:4f:93:4f:ec:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=703d319c8cac7556a69c8635b08bacba4c23e752007768ca0deb8fd540f25552, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5d:3f:d8:7e:24:25:d5:3d:cb:3d:c9:80:d9:
4d:5d:f9:2b:3c:cc:7c:bc:2a:f3:cd:da:4d:35:44:
53:1c:ff:60:2c:38:7c:8d:5c:ec:0a:4c:fb:5b:0d:
19:14:f4:0a:4a:d5:ee:01:d8:cd:d9:fd:b4:98:58:
3f:af:76:af:e5:9a:1c:0e:e7:d2:c7:41:75:0c:8a:
a7:99:8c:76:f0:d6:cd:11:45:06:92:16:b1:8b:0c:
2a:a6:cd:21:aa:ce:17:9b:cb:be:bf:82:95:cd:b5:
b1:36:26:02:6d:49:eb:23:64:28:a9:d1:ec:dd:ed:
ae:e6:a6:67:77:4b:6e:8a:1e:d7:98:da:84:5f:59:
36:ca:db:29:44:ed:d4:b7:65:d5:cc:1e:d7:94:6c:
8b:30:a6:36:2b:38:97:19:f6:51:29:f4:9f:fc:bf:
74:b7:81:2d:96:e6:6b:f7:a6:be:29:3d:75:91:1f:
a0:e0:bf:73:3c:05:f5:3c:27:19:0c:fc:4c:40:a4:
54:d8:9d:92:67:57:23:62:f0:4d:2c:30:c0:95:a1:
ef:13:0f:c7:62:6d:03:e1:a2:6b:35:20:cd:93:ff:
15:bb:f1:e4:e3:75:a9:24:07:1c:4d:9b:5e:b1:fc:
08:47:7f:46:4c:d7:40:ee:63:b6:30:ed:7b:9b:69:
58:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AF:26:EC:4A:46:FE:43:81:4C:11:23:2D:76:2C:3A:54:83:CB:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
39:f6:0b:1b:75:67:52:88:dc:3c:a3:68:80:cd:cb:f6:3a:55:
38:f4:3d:db:e2:e8:24:c8:e3:6e:61:71:4b:ee:9c:5c:be:3d:
bd:99:dc:ad:cf:28:90:6b:ea:04:ec:80:6f:2e:84:a5:93:62:
cc:12:de:69:d8:97:83:f3:1c:e8:fd:e3:05:ad:12:97:01:27:
3a:6e:b2:64:a3:dc:b0:ac:c0:f6:2a:ae:22:23:ff:69:55:8e:
59:62:f5:c7:9a:65:f4:a8:38:f6:01:d3:6e:27:53:5e:cc:e2:
77:3a:7d:d6:1f:ed:f9:e2:e5:d8:ad:eb:7d:5a:03:19:4c:5f:
0b:cf:7c:d6:cf:c5:56:58:c1:6d:58:b3:88:88:f3:49:bc:88:
c3:c5:5c:21:8c:2b:a5:44:41:f2:01:e5:1c:48:21:5d:db:b6:
f3:18:f6:d7:ba:26:47:37:62:93:97:d7:3a:88:32:2e:78:b7:
6c:89:0d:50:7c:57:fc:0d:e7:0b:4d:42:a3:83:9c:22:95:f8:
6a:53:6d:c7:d4:ec:b0:1f:b3:f1:f5:f2:f4:6e:8c:14:65:05:
3e:16:82:2c:6a:32:df:a8:c5:bb:da:73:93:44:80:0b:69:e3:
fc:bb:c3:73:fa:ea:e7:d3:06:0b:2b:6a:6d:74:06:8f:a9:f0:
b9:5c:56:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMU77dlJhVxwRenrpvmneT5NP7GQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwM2QzMTljOGNhYzc1NTZhNjljODYzNWIwOGJhY2JhNGMyM2U3NTIwMDc3
NjhjYTBkZWI4ZmQ1NDBmMjU1NTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtdP9h+JCXVPcs9yYDZTV35KzzMfLwq883aTTVEUxz/YCw4fI1c7ApM+1sN
GRT0CkrV7gHYzdn9tJhYP692r+WaHA7n0sdBdQyKp5mMdvDWzRFFBpIWsYsMKqbN
IarOF5vLvr+Clc21sTYmAm1J6yNkKKnR7N3truamZ3dLbooe15jahF9ZNsrbKUTt
1Ldl1cwe15RsizCmNis4lxn2USn0n/y/dLeBLZbma/emvik9dZEfoOC/czwF9Twn
GQz8TECkVNidkmdXI2LwTSwwwJWh7xMPx2JtA+GiazUgzZP/Fbvx5ON1qSQHHE2b
XrH8CEd/RkzXQO5jtjDte5tpWGUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRsrybs
Skb+Q4FMESMtdiw6VIPL3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVlNmE0M2ItYjRlNC00ODlhLTljZDItMjFhNzJmMWNmNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAOfYLG3VnUojcPKNogM3L9jpVOPQ92+LoJMjjbmFx
S+6cXL49vZncrc8okGvqBOyAby6EpZNizBLeadiXg/Mc6P3jBa0SlwEnOm6yZKPc
sKzA9iquIiP/aVWOWWL1x5pl9Kg49gHTbidTXszidzp91h/t+eLl2K3rfVoDGUxf
C8981s/FVljBbViziIjzSbyIw8VcIYwrpURB8gHlHEghXdu28xj217omRzdik5fX
OogyLni3bIkNUHxX/A3nC01Co4OcIpX4alNtx9TssB+z8fXy9G6MFGUFPhaCLGoy
36jFu9pzk0SAC2nj/LvDc/rq59MGCytqbXQGj6nwuVxWVQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:49 2025 by rpki-client