Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: CDyteszdh+To58PMU3W3CpU3kIhKTbSWSHJDCOzuXOs=
Subject key identifier: 1A:DB:9B:B7:6F:8C:A1:B9:27:4C:97:3F:81:A3:00:FA:FA:E6:64:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 123DE22B7D7F4CA47AEF5052215D65E49545FE74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:3d:e2:2b:7d:7f:4c:a4:7a:ef:50:52:21:5d:65:e4:95:45:fe:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=64bcca0325179fb58ad17dd1df593bcaccd802ee7cb5a651d838246ee3496b6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a9:58:f0:f2:8b:12:ce:5f:f4:1a:62:63:63:
ee:30:96:4e:43:a4:fa:92:ed:ee:82:5b:ed:ce:ef:
f5:8e:f7:5a:ef:ce:b5:db:a8:96:3a:73:9b:4d:10:
e5:a7:2c:13:92:48:c2:68:6d:11:75:68:0e:1b:e1:
cd:4c:a2:b5:43:e6:cc:25:99:39:11:9c:58:39:38:
b4:1b:3e:9f:7c:d1:c4:88:d8:73:65:95:27:4f:14:
98:5e:b9:28:cc:46:1b:d0:2a:33:4a:70:ae:fb:48:
7e:e1:06:b4:57:90:8c:1a:28:fc:ce:00:0b:f0:bc:
17:3b:20:87:16:d0:1d:76:5e:d1:a5:3a:02:75:d0:
f0:ed:d5:af:0b:33:38:2d:f9:d3:08:bc:4d:1d:4c:
b1:c5:f0:4b:5c:f4:c6:82:b8:3d:5b:a2:0f:ad:3a:
c6:01:15:46:a6:66:15:3e:89:de:08:5c:7b:79:88:
a5:91:a6:d9:0f:4d:6c:43:98:b8:2b:42:89:51:7d:
b1:6a:23:15:9b:29:a3:1b:c5:cd:99:fa:1a:28:47:
93:65:f6:a9:68:e0:7e:87:26:0c:0e:cd:62:c9:fb:
be:3a:20:03:28:fd:3a:26:f2:c1:91:32:83:08:5a:
42:d1:0d:e0:69:71:bd:c6:3b:b3:d6:a9:45:58:78:
b7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DB:9B:B7:6F:8C:A1:B9:27:4C:97:3F:81:A3:00:FA:FA:E6:64:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
76:40:a5:e5:68:6f:c4:ea:7d:9a:c3:b6:78:72:21:95:bd:a9:
9b:55:db:43:66:b1:a0:0a:4e:e3:8f:ce:7b:af:41:ff:8d:89:
b1:65:80:22:37:4e:9f:ae:a4:a9:81:d2:2d:1b:a0:0b:73:08:
13:e2:14:e0:b7:87:75:c3:8e:71:85:88:6f:24:39:85:35:7e:
d5:a0:8b:aa:ce:05:fc:28:cf:31:8a:0b:07:aa:90:50:ba:0e:
23:ac:0f:04:23:4d:5d:46:b5:87:e8:67:58:50:02:ae:13:8b:
04:fe:fb:37:88:a0:ed:e2:43:0e:a1:d1:e0:7d:5a:0e:c7:69:
d7:73:82:55:45:10:ac:4d:ef:b3:dc:72:a6:48:4b:55:69:06:
76:53:4c:7a:21:b0:89:c3:a0:37:19:b9:1e:a8:b5:16:1b:1f:
64:52:fc:50:b2:16:d2:90:ea:99:de:11:20:22:2c:f8:d5:72:
6f:8f:ee:4a:87:35:13:c4:81:09:e3:f7:e8:f1:32:b5:ab:aa:
a3:37:1f:2a:c8:ec:ba:9f:e6:91:74:1e:3a:74:9c:6a:76:1d:
82:0f:1a:93:1b:9d:07:ef:7a:20:e9:5a:e0:20:fd:a4:c8:e5:
36:50:be:af:48:a8:1a:f6:bf:30:8f:54:89:e4:0f:ce:24:7f:
9b:a4:f4:78
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEj3iK31/TKR671BSIV1l5JVF/nQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTAwMDAwMDBaFw0yNTAyMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0YmNjYTAzMjUxNzlmYjU4YWQxN2RkMWRmNTkzYmNhY2NkODAyZWU3Y2I1
YTY1MWQ4MzgyNDZlZTM0OTZiNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmpWPDyixLOX/QaYmNj7jCWTkOk+pLt7oJb7c7v9Y73Wu/Otduoljpzm00Q
5acsE5JIwmhtEXVoDhvhzUyitUPmzCWZORGcWDk4tBs+n3zRxIjYc2WVJ08UmF65
KMxGG9AqM0pwrvtIfuEGtFeQjBoo/M4AC/C8FzsghxbQHXZe0aU6AnXQ8O3Vrwsz
OC350wi8TR1MscXwS1z0xoK4PVuiD606xgEVRqZmFT6J3ghce3mIpZGm2Q9NbEOY
uCtCiVF9sWojFZspoxvFzZn6GihHk2X2qWjgfocmDA7NYsn7vjogAyj9OibywZEy
gwhaQtEN4GlxvcY7s9apRVh4t0UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQa25u3
b4yhuSdMlz+BowD6+uZkrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAdkCl5WhvxOp9msO2eHIhlb2pm1XbQ2axoApO44/O
e69B/42JsWWAIjdOn66kqYHSLRugC3MIE+IU4LeHdcOOcYWIbyQ5hTV+1aCLqs4F
/CjPMYoLB6qQULoOI6wPBCNNXUa1h+hnWFACrhOLBP77N4ig7eJDDqHR4H1aDsdp
13OCVUUQrE3vs9xypkhLVWkGdlNMeiGwicOgNxm5Hqi1FhsfZFL8ULIW0pDqmd4R
ICIs+NVyb4/uSoc1E8SBCeP36PEytauqozcfKsjsup/mkXQeOnScanYdgg8akxud
B+96IOla4CD9pMjlNlC+r0ioGva/MI9UieQPziR/m6T0eA==
-----END CERTIFICATE-----
Generated at Fri May 2 15:43:21 2025 by rpki-client