Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: qH6pszQn9AN4hgcg1tBQ+0S5UCSlj75aDoZL57xms+I=
Subject key identifier: B3:04:75:63:60:11:6B:90:59:CB:C5:76:71:11:60:85:9A:2A:D6:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 391254B77C52258D6F3C381F32B891BA403EDA73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:12:54:b7:7c:52:25:8d:6f:3c:38:1f:32:b8:91:ba:40:3e:da:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=462358dbef301da9a1e5ef0a120f8f912cc235689c1d2de0fb7bc6bcaa7f8b06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:be:93:3f:5a:9b:fd:57:c6:c4:9c:fe:15:9c:
54:80:64:c2:e8:8c:75:01:6d:63:cb:bf:8e:20:35:
e3:bc:88:be:cc:e3:17:75:cd:d1:dc:02:24:e1:f8:
16:8b:1b:ba:75:55:88:fb:6a:48:0a:f6:38:73:5c:
9a:d2:e0:e6:f7:e1:6f:27:e8:08:fa:52:00:a2:c1:
61:81:7c:fe:e9:bb:23:eb:bd:29:67:03:01:6d:29:
54:9f:d2:7b:c0:f8:b9:c2:17:96:30:4f:79:cc:7b:
f4:89:37:dc:07:46:9b:4b:39:d2:00:50:d7:d3:bf:
10:dd:4d:a3:e0:d7:04:8c:ee:dd:5b:68:9f:50:a0:
36:03:19:94:10:3d:f5:d3:3c:5e:04:13:5d:b7:e4:
70:63:48:3f:b5:b5:97:42:76:a7:7f:b8:ad:8f:29:
16:c5:fb:9b:04:f2:08:b7:63:09:84:12:4e:6d:25:
85:71:31:74:ca:c9:c0:6d:4e:74:82:95:c2:f2:eb:
b5:3f:33:0f:28:8e:4f:34:1e:e8:2c:a3:17:89:dd:
d2:92:ee:ab:60:ce:8c:3a:5b:a3:26:54:4c:d2:5d:
63:77:a6:0d:31:c7:60:0c:23:97:e7:8f:76:54:c9:
97:e8:2f:50:16:5e:72:7d:48:09:7e:38:7f:dd:d5:
66:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:04:75:63:60:11:6B:90:59:CB:C5:76:71:11:60:85:9A:2A:D6:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
27:26:37:bc:48:8a:01:c4:ee:fd:f4:c5:3c:bc:7b:44:10:4e:
85:69:5b:84:4c:7e:e5:7b:eb:b3:45:c1:50:ed:67:0d:1d:2e:
d4:93:7d:23:ee:02:ea:65:9d:37:fb:f0:64:ac:bf:ff:fc:b5:
af:91:9c:86:a2:62:fb:2e:86:d0:19:44:6a:e0:ae:b6:16:d7:
c5:c4:84:70:20:a9:2d:07:8d:0e:c1:77:ef:cf:2f:73:75:9d:
30:21:b0:f2:6e:37:9f:eb:03:d0:06:e4:5b:89:ef:25:fc:0c:
3f:8b:b8:07:3e:33:81:34:b9:78:16:15:bc:4c:c7:9f:97:40:
bf:1b:18:f9:50:49:26:7d:bc:7c:76:9e:f9:45:26:8c:a8:b8:
ea:01:b2:e4:df:91:ad:cc:a6:be:37:77:16:a7:24:88:c5:a3:
ac:ec:1c:72:b7:9f:13:5c:e8:5f:f1:9a:70:d5:80:87:c7:5a:
36:e1:7d:f1:11:63:30:35:b2:a7:44:b4:53:39:85:9f:22:98:
28:c4:1a:4f:a5:e8:55:8f:48:d5:1d:63:6c:8f:d5:77:84:23:
45:e4:87:73:6a:fb:e4:43:45:f7:09:72:16:58:2d:81:14:8b:
71:cc:8f:bc:7b:5f:67:bc:e5:f2:93:39:5e:22:a3:cc:8e:1e:
0a:3b:e8:28
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUORJUt3xSJY1vPDgfMriRukA+2nMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MjM1OGRiZWYzMDFkYTlhMWU1ZWYwYTEyMGY4ZjkxMmNjMjM1Njg5YzFk
MmRlMGZiN2JjNmJjYWE3ZjhiMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK++kz9am/1XxsSc/hWcVIBkwuiMdQFtY8u/jiA147yIvszjF3XN0dwCJOH4
FosbunVViPtqSAr2OHNcmtLg5vfhbyfoCPpSAKLBYYF8/um7I+u9KWcDAW0pVJ/S
e8D4ucIXljBPecx79Ik33AdGm0s50gBQ19O/EN1No+DXBIzu3Vton1CgNgMZlBA9
9dM8XgQTXbfkcGNIP7W1l0J2p3+4rY8pFsX7mwTyCLdjCYQSTm0lhXExdMrJwG1O
dIKVwvLrtT8zDyiOTzQe6CyjF4nd0pLuq2DOjDpboyZUTNJdY3emDTHHYAwjl+eP
dlTJl+gvUBZecn1ICX44f93VZk8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSzBHVj
YBFrkFnLxXZxEWCFmirWjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAJyY3vEiKAcTu/fTFPLx7RBBOhWlbhEx+5Xvrs0XB
UO1nDR0u1JN9I+4C6mWdN/vwZKy///y1r5GchqJi+y6G0BlEauCuthbXxcSEcCCp
LQeNDsF3788vc3WdMCGw8m43n+sD0AbkW4nvJfwMP4u4Bz4zgTS5eBYVvEzHn5dA
vxsY+VBJJn28fHae+UUmjKi46gGy5N+Rrcymvjd3FqckiMWjrOwccrefE1zoX/Ga
cNWAh8daNuF98RFjMDWyp0S0UzmFnyKYKMQaT6XoVY9I1R1jbI/Vd4QjReSHc2r7
5ENF9wlyFlgtgRSLccyPvHtfZ7zl8pM5XiKjzI4eCjvoKA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:56 2025 by rpki-client