Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json)
Hash identifier: Xs3cigRzsj+ahF67xfNyl8lL+fda2ezLnVeVrN/Mq1I=
Subject key identifier: 3E:E5:ED:C0:C9:5F:92:42:7C:35:18:12:F6:3D:ED:DC:AB:8E:DD:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 765217BCA1351A43E7F3EE56B9FACD48BC95AC38
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.16.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:52:17:bc:a1:35:1a:43:e7:f3:ee:56:b9:fa:cd:48:bc:95:ac:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=68e58f381218e703d354279c43f3f2708423f370aefea079d92544d10da597d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:54:bf:f8:a1:d6:5b:3a:97:f0:49:31:e1:
c1:60:9a:57:a0:72:3a:20:c9:96:3b:92:ad:71:cc:
46:10:f7:8e:f9:dc:51:4e:6e:d9:0b:7b:3f:75:c8:
ff:23:61:d2:0e:26:f9:ed:26:fe:aa:b8:ec:4f:95:
07:57:8a:a2:9c:60:f5:5f:62:c8:fb:07:0c:95:3d:
05:90:ed:7b:ee:48:b7:66:bf:a8:72:49:fd:38:b6:
5f:e7:06:68:a5:6b:3f:2d:31:01:ce:88:33:1d:36:
ee:9c:da:fb:87:4a:3d:80:24:26:aa:44:22:52:61:
c7:60:ff:a6:1a:58:de:30:2c:2b:51:e0:f5:11:e3:
cf:ee:81:7e:4f:af:2c:02:bc:c5:19:dd:ca:f3:51:
1b:02:f6:64:95:ea:4d:bc:d5:b3:4f:37:b7:00:d8:
5d:41:2d:e7:5c:c9:c4:99:51:f6:77:12:cb:93:6d:
91:4c:6a:70:8c:17:c5:c6:1a:9e:73:6c:61:22:2c:
56:b3:ee:f9:f9:8a:51:b3:69:61:b2:66:ab:e3:c1:
84:3d:da:52:4b:f3:6d:2c:bd:5f:b5:07:75:97:6c:
97:99:c2:4f:0c:d9:90:cb:8e:2b:0b:ee:4d:97:cb:
12:9d:f7:aa:0a:8c:9b:db:22:79:9d:ba:4c:ed:5b:
ad:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E5:ED:C0:C9:5F:92:42:7C:35:18:12:F6:3D:ED:DC:AB:8E:DD:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.16.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:19:a7:7c:a7:5c:1a:ca:02:03:f4:fe:34:9d:26:37:4d:92:
b9:9f:e2:61:e3:e5:e1:58:75:2f:6c:f8:50:51:86:92:fc:19:
59:17:5d:b7:71:92:ca:d5:db:9b:bb:d0:22:60:5d:f0:46:81:
82:c1:59:89:85:be:91:99:fe:13:30:0e:75:7c:a0:30:b2:8d:
75:27:63:2d:31:e6:1d:26:1b:09:73:39:6e:c2:f7:de:3d:06:
9d:53:04:9a:50:cd:7c:ca:87:fd:aa:c1:9f:1e:dd:17:e1:cb:
82:ce:f5:38:04:05:ed:87:43:1a:61:7f:f6:dc:b6:f8:4f:02:
10:fe:5c:20:2c:ad:5b:82:d7:86:7f:48:6a:41:59:f3:9c:04:
18:6d:4e:a3:5f:0f:9f:9f:f0:ad:ab:a1:ff:db:7a:c5:bb:5f:
12:3e:4d:38:3a:e4:6e:dc:9d:bb:b3:73:7f:38:8d:94:af:34:
9c:6d:ff:ed:3a:6f:41:37:22:91:74:21:65:12:da:bb:69:33:
fd:92:7c:aa:20:15:1f:b6:9d:49:3c:9f:bb:48:2c:68:c5:71:
cf:62:30:0d:2c:c0:e7:c1:17:da:3e:9c:8b:c1:fd:e6:6a:92:
0d:db:9b:ed:29:a5:1a:06:28:8f:c5:d9:ad:dc:42:ec:f1:7b:
7f:3d:29:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdlIXvKE1GkPn8+5WufrNSLyVrDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4ZTU4ZjM4MTIxOGU3MDNkMzU0Mjc5YzQzZjNmMjcwODQyM2YzNzBhZWZl
YTA3OWQ5MjU0NGQxMGRhNTk3ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5FVL/4odZbOpfwSTHhwWCaV6ByOiDJljuSrXHMRhD3jvncUU5u2Qt7P3XI
/yNh0g4m+e0m/qq47E+VB1eKopxg9V9iyPsHDJU9BZDte+5It2a/qHJJ/Ti2X+cG
aKVrPy0xAc6IMx027pza+4dKPYAkJqpEIlJhx2D/phpY3jAsK1Hg9RHjz+6Bfk+v
LAK8xRndyvNRGwL2ZJXqTbzVs083twDYXUEt51zJxJlR9ncSy5NtkUxqcIwXxcYa
nnNsYSIsVrPu+fmKUbNpYbJmq+PBhD3aUkvzbSy9X7UHdZdsl5nCTwzZkMuOKwvu
TZfLEp33qgqMm9sieZ26TO1brcECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ+5e3A
yV+SQnw1GBL2Pe3cq47duTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN
BgkqhkiG9w0BAQsFAAOCAQEAjBmnfKdcGsoCA/T+NJ0mN02SuZ/iYePl4Vh1L2z4
UFGGkvwZWRddt3GSytXbm7vQImBd8EaBgsFZiYW+kZn+EzAOdXygMLKNdSdjLTHm
HSYbCXM5bsL33j0GnVMEmlDNfMqH/arBnx7dF+HLgs71OAQF7YdDGmF/9ty2+E8C
EP5cICytW4LXhn9IakFZ85wEGG1Oo18Pn5/wrauh/9t6xbtfEj5NODrkbtydu7Nz
fziNlK80nG3/7TpvQTcikXQhZRLau2kz/ZJ8qiAVH7adSTyfu0gsaMVxz2IwDSzA
58EX2j6ci8H95mqSDdub7SmlGgYoj8XZrdxC7PF7fz0p5Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:35 2025 by rpki-client