Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: UbA29v/RAlBB87RmKQHc4y8E0JvQAgJX7iVy3Q5XzmU=
Subject key identifier: 4C:16:B1:66:A3:3D:04:08:AD:AA:FF:FE:2B:5A:B6:F8:AB:16:58:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2ED5503E10D540ADCFA21DF6F804ACFE3D769545
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:d5:50:3e:10:d5:40:ad:cf:a2:1d:f6:f8:04:ac:fe:3d:76:95:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=c7b05f289093bc8d2831b05a7517edf19fa20c13527f7175a8c4ff76d2cf4f3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:76:dd:f4:8c:d9:83:10:32:66:51:dd:43:
ec:c0:d2:a6:bb:33:22:db:d0:07:93:e8:59:10:b2:
5a:20:12:28:2a:95:86:7b:03:d0:0f:6a:8e:11:f3:
07:e5:11:25:73:cb:a3:d4:89:74:2c:dc:bb:32:e8:
c5:7c:37:50:29:c0:ab:9a:8f:76:9b:7c:15:dc:85:
20:91:17:06:e2:d1:16:c1:d1:02:43:65:40:31:77:
9c:9c:8d:1c:34:1a:1d:cd:1e:20:d2:89:11:46:06:
56:86:3b:53:9f:94:61:cb:2b:2b:88:4b:6c:97:e3:
fe:72:23:ec:5f:dc:57:f0:8e:11:d7:b1:3f:74:3b:
f6:79:45:38:4d:0b:99:be:05:0b:51:f4:4b:91:75:
e9:3f:1b:9e:d5:00:5d:cb:bf:55:4a:1f:08:ca:22:
f4:77:dc:e2:cb:79:ca:c7:9c:6e:e0:2f:c8:e5:4e:
94:44:10:94:28:7c:06:83:ac:2b:87:a3:56:ab:b7:
af:db:f2:cf:db:5a:f9:a0:a8:79:7e:0f:4d:c9:da:
82:33:9e:61:34:c2:cb:42:c8:2d:f7:9c:64:29:31:
64:a1:fa:12:56:9a:97:3f:b3:45:f2:c4:8b:2d:2f:
64:80:4b:dd:f9:6b:ff:c7:c9:aa:a8:9a:f0:4f:b6:
9f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:16:B1:66:A3:3D:04:08:AD:AA:FF:FE:2B:5A:B6:F8:AB:16:58:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:9c:23:91:71:3c:36:43:c3:67:df:5e:25:2d:64:32:8e:bb:
f8:47:fd:5d:a0:75:3b:62:9e:0e:b5:15:85:ba:fb:53:b8:11:
46:8a:1e:a8:fc:94:03:49:d2:1b:8e:64:45:d2:3b:97:be:39:
9b:3e:60:8d:ea:a0:41:2b:b2:30:3d:f6:d6:38:0c:07:f4:43:
11:7e:7f:e9:a7:07:95:fb:8b:ac:55:68:47:df:7d:91:b0:25:
68:1e:8e:26:e1:09:8a:29:3f:c9:ca:90:5b:b4:2d:f8:e6:85:
88:ce:50:88:c0:a6:64:a9:f5:84:04:7b:89:94:82:31:3e:ee:
d5:4e:8a:c0:42:03:f4:1c:5a:86:64:c8:f1:28:c5:2e:52:e8:
3f:1b:e4:a1:bb:54:ae:f5:c3:26:7b:29:08:d9:06:e9:a1:01:
86:84:73:ac:9a:59:59:30:87:9b:0e:9d:73:e0:e8:df:6b:dd:
78:0a:65:08:b3:2a:02:37:21:b7:2e:52:2e:b9:1f:29:00:d6:
55:91:65:47:cb:ab:ce:96:c1:fa:f7:f2:ff:f4:dd:3d:db:5c:
07:f4:5c:e8:ef:48:ea:bd:93:88:a2:20:96:4f:a5:2b:16:d0:
86:9d:24:fa:b6:b0:e1:35:21:36:2e:6d:2e:61:5e:9d:ff:62:
88:76:47:97
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULtVQPhDVQK3Poh32+ASs/j12lUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3YjA1ZjI4OTA5M2JjOGQyODMxYjA1YTc1MTdlZGYxOWZhMjBjMTM1Mjdm
NzE3NWE4YzRmZjc2ZDJjZjRmM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWKdt30jNmDEDJmUd1D7MDSprszItvQB5PoWRCyWiASKCqVhnsD0A9qjhHz
B+URJXPLo9SJdCzcuzLoxXw3UCnAq5qPdpt8FdyFIJEXBuLRFsHRAkNlQDF3nJyN
HDQaHc0eINKJEUYGVoY7U5+UYcsrK4hLbJfj/nIj7F/cV/COEdexP3Q79nlFOE0L
mb4FC1H0S5F16T8bntUAXcu/VUofCMoi9Hfc4st5ysecbuAvyOVOlEQQlCh8BoOs
K4ejVqu3r9vyz9ta+aCoeX4PTcnagjOeYTTCy0LILfecZCkxZKH6Elaalz+zRfLE
iy0vZIBL3flr/8fJqqia8E+2n9MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRMFrFm
oz0ECK2q//4rWrb4qxZYBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAppwjkXE8NkPDZ99eJS1kMo67+Ef9XaB1O2KeDrUV
hbr7U7gRRooeqPyUA0nSG45kRdI7l745mz5gjeqgQSuyMD321jgMB/RDEX5/6acH
lfuLrFVoR999kbAlaB6OJuEJiik/ycqQW7Qt+OaFiM5QiMCmZKn1hAR7iZSCMT7u
1U6KwEID9BxahmTI8SjFLlLoPxvkobtUrvXDJnspCNkG6aEBhoRzrJpZWTCHmw6d
c+Do32vdeAplCLMqAjchty5SLrkfKQDWVZFlR8urzpbB+vfy//TdPdtcB/Rc6O9I
6r2TiKIglk+lKxbQhp0k+raw4TUhNi5tLmFenf9iiHZHlw==
-----END CERTIFICATE-----
Generated at Fri May 2 16:49:59 2025 by rpki-client