Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
File: 92f142f2-bd1c-4295-a008-efcde04ceb18.roa (raw, json)
Hash identifier: D2yZhVNABhOcWyOaiwzGXkyHGhBEIjnH/Wx2SiSJtCQ=
Subject key identifier: DD:51:DA:FB:F9:20:A9:86:DD:56:D9:2D:55:85:34:AC:6A:64:01:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 595EB69744A0686BF54EFBB202733146F9690BA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.16.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:5e:b6:97:44:a0:68:6b:f5:4e:fb:b2:02:73:31:46:f9:69:0b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=7f11d569a27b13d0e4ac67ce3df0d6006dca178bb8c47d8810f44bc621d5f885, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:8c:c2:88:bb:5f:0c:93:0a:57:93:22:e8:
8d:57:88:74:b1:a0:bb:b6:bb:09:9f:f1:fd:5f:6e:
4b:92:0c:42:53:34:51:44:29:b9:e2:1c:2d:fe:21:
8f:b4:d8:58:8a:37:be:3f:d3:e8:3c:ab:29:0b:f4:
bb:e4:2b:91:3d:6b:f6:c7:76:89:ab:50:86:dd:9a:
23:51:7b:9e:e2:60:bd:cc:cb:61:8e:d2:2c:ce:47:
34:90:12:a1:da:5b:33:2b:84:bf:85:23:ea:9e:0c:
55:63:02:82:90:88:1b:48:92:8c:6d:e9:c0:40:ac:
cc:c8:5e:64:c7:71:ba:a2:ef:99:73:1b:da:0c:bc:
67:cf:7c:19:f7:0b:af:ef:3d:3d:1b:6b:0e:59:87:
18:63:2d:79:db:ee:67:33:bd:66:8e:a5:d2:ce:53:
48:6f:da:03:fe:8a:bb:ea:3d:7c:4d:e0:82:10:1f:
0b:75:81:82:82:9f:3f:ec:cd:f2:38:4a:ff:5a:c7:
75:1a:37:31:4b:3e:ba:7c:e3:b4:c9:de:13:88:7b:
46:e3:19:7e:00:be:5b:a0:56:20:8e:11:96:07:9d:
3c:76:94:f4:84:a5:93:84:67:8e:9c:30:29:a6:4e:
75:de:41:6a:62:dd:cf:e1:36:8d:72:0a:b7:a2:48:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:51:DA:FB:F9:20:A9:86:DD:56:D9:2D:55:85:34:AC:6A:64:01:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.16.0/21
Signature Algorithm: sha256WithRSAEncryption
be:40:bc:05:3f:97:bb:72:3c:1c:90:0f:9c:36:6d:f2:06:80:
a6:94:6d:95:f9:12:e0:b0:a8:b8:c0:c2:ea:dc:d8:0e:8b:22:
0e:c7:2e:0f:6c:8d:b5:db:54:55:01:25:65:0e:5e:76:91:48:
b2:68:3e:91:8c:02:5d:82:86:56:d7:a2:7d:f4:5e:b6:ca:66:
65:39:cb:f0:71:8d:c4:e5:4f:10:0f:c2:86:4a:20:13:3e:f9:
8d:1e:99:fc:96:4a:ab:f2:3d:fc:99:0a:39:70:db:18:24:b7:
4b:fd:69:d6:7a:ba:78:22:3e:2a:f5:f1:ab:a7:f7:0a:b5:3c:
51:70:39:3e:77:75:ae:94:be:9a:8f:7e:35:67:7b:c5:51:ac:
e7:6f:37:65:38:a9:93:06:90:65:db:a7:5d:7b:66:7a:c6:3d:
19:61:45:b3:22:59:77:f9:7e:9f:6f:ff:ad:cb:cf:59:47:62:
1c:c5:2c:28:60:fb:55:b8:1d:9b:7c:71:94:91:06:bd:a3:a2:
a2:63:e7:b7:81:a1:43:bb:bd:a1:be:8c:1f:83:3e:57:5b:22:
dc:70:dd:34:3b:45:1c:a0:0b:1b:e6:c5:0d:94:9b:65:91:ab:
20:0e:f3:e6:da:70:0f:5f:1c:03:de:d3:74:bc:7d:26:15:8c:
dc:25:d2:38
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWV62l0SgaGv1TvuyAnMxRvlpC6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMTFkNTY5YTI3YjEzZDBlNGFjNjdjZTNkZjBkNjAwNmRjYTE3OGJiOGM0
N2Q4ODEwZjQ0YmM2MjFkNWY4ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKs9jMKIu18MkwpXkyLojVeIdLGgu7a7CZ/x/V9uS5IMQlM0UUQpueIcLf4h
j7TYWIo3vj/T6DyrKQv0u+QrkT1r9sd2iatQht2aI1F7nuJgvczLYY7SLM5HNJAS
odpbMyuEv4Uj6p4MVWMCgpCIG0iSjG3pwECszMheZMdxuqLvmXMb2gy8Z898GfcL
r+89PRtrDlmHGGMtedvuZzO9Zo6l0s5TSG/aA/6Ku+o9fE3gghAfC3WBgoKfP+zN
8jhK/1rHdRo3MUs+unzjtMneE4h7RuMZfgC+W6BWII4RlgedPHaU9ISlk4Rnjpww
KaZOdd5BamLdz+E2jXIKt6JId5ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTdUdr7
+SCpht1W2S1VhTSsamQBwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJmMTQyZjItYmQxYy00Mjk1LWEwMDgtZWZjZGUwNGNlYjE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099EDAN
BgkqhkiG9w0BAQsFAAOCAQEAvkC8BT+Xu3I8HJAPnDZt8gaAppRtlfkS4LCouMDC
6tzYDosiDscuD2yNtdtUVQElZQ5edpFIsmg+kYwCXYKGVteiffRetspmZTnL8HGN
xOVPEA/ChkogEz75jR6Z/JZKq/I9/JkKOXDbGCS3S/1p1nq6eCI+KvXxq6f3CrU8
UXA5Pnd1rpS+mo9+NWd7xVGs5283ZTipkwaQZdunXXtmesY9GWFFsyJZd/l+n2//
rcvPWUdiHMUsKGD7Vbgdm3xxlJEGvaOiomPnt4GhQ7u9ob6MH4M+V1si3HDdNDtF
HKALG+bFDZSbZZGrIA7z5tpwD18cA97TdLx9JhWM3CXSOA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:25 2025 by rpki-client