Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: oyJfOgIQsghCf9vWXB+CgfIy8gMMkoFos0xjoTQkCh4=
Subject key identifier: A5:B8:7D:80:0E:09:FF:0A:93:44:FA:6D:E8:4B:81:EB:1B:ED:0F:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BD43842C10B90D958492823C09E7ACC2DEFBF32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d4:38:42:c1:0b:90:d9:58:49:28:23:c0:9e:7a:cc:2d:ef:bf:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=48874bc4527f455e889549738a8b30689bdf0184878775ff09fbf3249277b3f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f0:75:54:9b:c8:bd:28:9c:af:37:4b:56:ff:
ca:11:b6:b1:56:0f:76:d8:41:75:be:27:b5:80:95:
c8:5f:16:b7:f7:82:5e:1c:35:7f:60:b4:ae:e5:e8:
62:4f:cb:71:c2:9d:1a:80:ab:ba:8b:33:83:cc:cc:
cc:74:7f:6d:67:8c:96:f3:c9:e8:18:de:fc:b3:ed:
d5:bc:36:f5:c5:37:fd:8a:39:29:37:47:bc:87:f9:
8e:ae:80:fb:77:8c:ba:7d:1c:c1:19:b2:8a:f2:b3:
47:a5:a0:3e:2a:4a:71:34:a1:60:6b:74:6a:8d:ea:
63:50:56:98:ad:17:45:42:44:62:b2:ec:2f:3b:16:
47:75:85:b1:2a:49:42:82:d3:17:47:78:6e:8d:24:
52:3e:eb:98:4d:06:c2:15:5c:23:f7:36:ed:01:2e:
72:d3:59:b0:4b:ed:df:47:14:61:ef:88:e2:c7:d8:
9f:fb:26:90:16:f7:06:87:be:1c:73:1d:7c:be:2e:
e4:0b:d8:05:a8:01:17:6d:54:6e:89:c8:c0:36:41:
32:8f:0c:6d:f8:91:f8:71:19:e4:22:73:92:eb:24:
a4:f5:69:64:6a:1e:61:db:41:84:0f:22:fb:f6:a4:
86:62:b4:8e:e3:69:aa:be:45:1c:d4:9c:af:1b:33:
dc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B8:7D:80:0E:09:FF:0A:93:44:FA:6D:E8:4B:81:EB:1B:ED:0F:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
61:82:01:14:89:10:2e:61:ec:e4:dd:ba:10:b0:b8:54:ba:38:
a9:c3:eb:d3:cd:8a:86:7c:4b:37:8c:8d:5c:7b:02:d3:1f:a8:
ba:00:b3:dc:82:e2:9f:e4:71:ed:b2:7f:8a:9e:4e:ed:25:8b:
7a:98:93:31:02:d9:14:e0:d3:6b:cb:4f:4a:33:16:b0:e3:8a:
0a:4d:57:4e:57:82:e2:e0:1b:77:78:f3:2a:69:12:d8:64:99:
e0:cc:74:b6:50:d1:55:0a:99:79:c1:55:a6:f4:fc:a9:c7:c2:
00:bd:fd:dd:f4:8d:61:9e:3c:a9:12:d0:37:cf:33:15:1e:4b:
2d:bb:bf:f8:3c:6f:49:18:1d:d1:f1:1d:84:22:4c:57:b6:8a:
80:17:cb:cb:a6:e1:a8:19:06:74:70:4a:84:76:d8:ee:9b:e2:
13:d0:1f:c8:38:cd:8a:1a:70:0c:b1:0a:4e:3c:32:a7:a8:b2:
56:3d:25:8c:f9:fd:15:93:5f:ce:23:bc:0b:4f:2f:5b:e1:4b:
3b:d3:11:01:1a:ee:49:c3:f7:69:5b:49:d3:76:a5:fd:be:57:
54:dd:27:f4:1d:14:62:6f:75:3f:15:ac:3d:c8:0b:3e:ca:3c:
d6:da:46:69:dc:7b:34:e7:23:d8:25:7d:78:e6:c0:fd:39:4c:
38:34:28:56
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUS9Q4QsELkNlYSSgjwJ56zC3vvzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4ODc0YmM0NTI3ZjQ1NWU4ODk1NDk3MzhhOGIzMDY4OWJkZjAxODQ4Nzg3
NzVmZjA5ZmJmMzI0OTI3N2IzZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjwdVSbyL0onK83S1b/yhG2sVYPdthBdb4ntYCVyF8Wt/eCXhw1f2C0ruXo
Yk/LccKdGoCruoszg8zMzHR/bWeMlvPJ6Bje/LPt1bw29cU3/Yo5KTdHvIf5jq6A
+3eMun0cwRmyivKzR6WgPipKcTShYGt0ao3qY1BWmK0XRUJEYrLsLzsWR3WFsSpJ
QoLTF0d4bo0kUj7rmE0GwhVcI/c27QEuctNZsEvt30cUYe+I4sfYn/smkBb3Boe+
HHMdfL4u5AvYBagBF21UbonIwDZBMo8MbfiR+HEZ5CJzkuskpPVpZGoeYdtBhA8i
+/akhmK0juNpqr5FHNScrxsz3N8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSluH2A
Dgn/CpNE+m3oS4HrG+0P1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEAYYIBFIkQLmHs5N26ELC4VLo4qcPr082KhnxLN4yN
XHsC0x+ougCz3ILin+Rx7bJ/ip5O7SWLepiTMQLZFODTa8tPSjMWsOOKCk1XTleC
4uAbd3jzKmkS2GSZ4Mx0tlDRVQqZecFVpvT8qcfCAL393fSNYZ48qRLQN88zFR5L
Lbu/+DxvSRgd0fEdhCJMV7aKgBfLy6bhqBkGdHBKhHbY7pviE9AfyDjNihpwDLEK
Tjwyp6iyVj0ljPn9FZNfziO8C08vW+FLO9MRARruScP3aVtJ03al/b5XVN0n9B0U
Ym91PxWsPcgLPso81tpGadx7NOcj2CV9eObA/TlMODQoVg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:07 2025 by rpki-client