Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: nicLW822qA2dIHXsUmsk1MFDiVGmKG/C5PGakVnskTA=
Subject key identifier: 4C:F5:C0:D6:D2:4F:E4:4B:EE:F4:DA:95:C9:A8:3E:9D:33:27:63:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48B6CD96853657DFCD52870F9978A17C905B3967
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:b6:cd:96:85:36:57:df:cd:52:87:0f:99:78:a1:7c:90:5b:39:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=0b7c8675b45a156babde805bec3be28faad47e86dd4d63d769e53106c919a1d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:83:e0:9c:74:e4:b1:02:10:27:ea:3e:1c:07:
12:73:86:be:fe:fd:b8:75:b4:cd:4d:ab:68:8b:a4:
9b:98:3c:a4:52:f5:75:a8:e1:ae:06:6f:ba:2e:fb:
2b:c8:2f:bb:78:09:dc:3c:1f:a7:64:b8:50:36:8a:
f9:79:85:b3:70:30:bd:bc:fd:df:7f:d3:7b:47:54:
32:a5:67:73:77:60:54:4f:8d:2d:3b:e9:e0:4a:14:
68:8b:b8:d1:00:f2:bb:cc:0b:db:07:9e:5c:ea:97:
b0:ac:4c:3e:5f:88:93:fc:07:0e:db:0d:75:44:20:
64:69:71:20:b5:a4:b9:3d:68:8b:d4:7c:d3:57:28:
46:7f:dc:a9:d4:f3:ba:42:64:8c:ea:30:62:16:6f:
f0:19:f7:3f:35:10:97:5a:78:db:ce:0f:ef:0b:f0:
7a:30:80:c8:8f:6c:ce:a6:42:37:dc:db:c2:03:14:
8f:09:3e:13:bb:c9:e5:f5:1c:ec:0f:ed:c7:1f:1d:
7d:90:97:5a:b1:48:71:b6:2e:80:3e:bf:80:20:53:
9c:2a:24:8b:8f:40:10:a9:e0:5c:70:4a:b3:ae:21:
37:d3:a3:f8:cd:dd:1e:90:64:95:72:1a:90:03:53:
44:61:2c:f3:a8:a8:8f:42:0f:de:27:b3:42:76:9f:
29:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F5:C0:D6:D2:4F:E4:4B:EE:F4:DA:95:C9:A8:3E:9D:33:27:63:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:f4:35:a6:9f:bf:42:6b:67:c0:27:2a:1c:07:09:4e:d6:0f:
5c:c2:7e:77:61:e8:5a:2d:11:ad:5e:ad:6f:fd:80:49:19:6a:
80:06:79:18:30:19:f5:00:fd:ae:0f:ec:bb:ff:a4:a4:41:6e:
34:2d:b6:8e:8f:38:9c:a3:0e:c1:00:13:86:b3:63:8f:e6:4e:
f8:29:b9:62:fb:05:15:ab:87:05:52:19:7b:b2:d2:e3:6d:7b:
d0:d5:8f:f5:30:42:f1:10:e6:04:35:b8:94:41:aa:30:6d:c7:
01:06:0a:12:1d:84:7e:f9:c6:ac:1f:6f:42:e0:65:9a:3f:8d:
bd:d4:66:05:2a:a9:f7:3e:ad:4e:6a:ee:c6:83:2e:2c:d0:ac:
91:a0:73:ae:d5:7d:44:42:53:3c:59:0b:b2:79:13:0d:1c:78:
b2:7e:06:fb:6e:80:e4:45:21:d7:51:c4:cc:98:7e:ee:a8:5b:
b2:28:64:08:0d:b0:72:5f:f5:96:bf:1f:6a:a7:3d:bd:93:00:
be:07:9f:78:ad:e5:47:bb:a1:2f:84:c9:da:59:65:c8:22:ea:
70:98:04:6d:2f:c7:d9:25:cc:53:4f:9e:64:2d:f4:ee:a4:e8:
88:8c:b2:27:61:59:9e:49:11:e1:91:d4:2a:ed:e8:9c:15:19:
4f:c2:c6:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSLbNloU2V9/NUocPmXihfJBbOWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiN2M4Njc1YjQ1YTE1NmJhYmRlODA1YmVjM2JlMjhmYWFkNDdlODZkZDRk
NjNkNzY5ZTUzMTA2YzkxOWExZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeD4Jx05LECECfqPhwHEnOGvv79uHW0zU2raIukm5g8pFL1dajhrgZvui77
K8gvu3gJ3Dwfp2S4UDaK+XmFs3Awvbz933/Te0dUMqVnc3dgVE+NLTvp4EoUaIu4
0QDyu8wL2weeXOqXsKxMPl+Ik/wHDtsNdUQgZGlxILWkuT1oi9R801coRn/cqdTz
ukJkjOowYhZv8Bn3PzUQl1p4284P7wvwejCAyI9szqZCN9zbwgMUjwk+E7vJ5fUc
7A/txx8dfZCXWrFIcbYugD6/gCBTnCoki49AEKngXHBKs64hN9Oj+M3dHpBklXIa
kANTRGEs86ioj0IP3iezQnafKY8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRM9cDW
0k/kS+702pXJqD6dMydj9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAT/Q1pp+/QmtnwCcqHAcJTtYPXMJ+d2HoWi0RrV6t
b/2ASRlqgAZ5GDAZ9QD9rg/su/+kpEFuNC22jo84nKMOwQAThrNjj+ZO+Cm5YvsF
FauHBVIZe7LS42170NWP9TBC8RDmBDW4lEGqMG3HAQYKEh2EfvnGrB9vQuBlmj+N
vdRmBSqp9z6tTmruxoMuLNCskaBzrtV9REJTPFkLsnkTDRx4sn4G+26A5EUh11HE
zJh+7qhbsihkCA2wcl/1lr8faqc9vZMAvgefeK3lR7uhL4TJ2lllyCLqcJgEbS/H
2SXMU0+eZC307qToiIyyJ2FZnkkR4ZHUKu3onBUZT8LGkA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:58 2025 by rpki-client