Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
File: ca3047ed-6074-479d-9d85-26334085e41c.roa (raw, json)
Hash identifier: HxdvQfESV4AD2MwW6WMy0O2EgIMYM3SG4Ji8t63FsNY=
Subject key identifier: DE:88:D9:D3:56:A2:C7:DE:CD:68:E8:9A:B0:24:57:CC:D8:76:C0:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7ECE611D1C27518306DC636390D1207AED1563B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ce:61:1d:1c:27:51:83:06:dc:63:63:90:d1:20:7a:ed:15:63:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=1cb03ebd5592cbbc0ab43ef0f8276575458b01059e344f16390d535a6a3e536e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a6:20:bd:18:60:30:e7:f0:2d:07:54:52:17:
e8:76:47:3a:d9:d1:4d:08:5d:47:05:27:97:c1:ae:
cb:a4:98:b0:4f:86:a3:44:27:6d:be:cf:a4:ba:49:
8d:d3:ab:f5:13:74:ff:f0:2b:d2:92:12:d7:96:2f:
8a:45:18:31:27:e3:a6:ad:d6:0f:47:cb:21:10:b9:
27:aa:1c:41:a5:ef:07:f0:3e:4f:db:86:0a:01:9a:
3f:09:ae:69:26:63:a5:43:77:3e:84:4f:33:04:fb:
7e:96:7a:9b:b8:a1:84:0c:42:01:28:4e:84:10:d4:
f4:bc:18:dc:ed:1d:67:e0:ac:b0:ee:dc:c8:df:92:
24:9b:05:1d:e1:ae:c1:86:5d:cc:83:e6:90:73:d6:
84:10:9c:9c:d7:ef:69:0a:f5:c4:c3:53:66:7f:4b:
ab:f3:79:50:5a:38:25:eb:e6:b0:2f:1a:f3:cb:15:
66:d7:d2:e6:22:f8:62:a8:c3:9b:1c:77:17:c1:4d:
56:e0:fc:aa:87:5c:e7:e7:e7:06:15:51:9b:bf:62:
53:49:31:0c:fe:97:05:3a:e6:4f:8b:e5:39:69:01:
c0:f0:f4:af:d9:82:c7:3b:9f:7d:1a:29:cd:bd:d6:
b9:6e:09:47:ad:10:b1:b3:f9:a6:21:49:83:ce:7e:
36:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:88:D9:D3:56:A2:C7:DE:CD:68:E8:9A:B0:24:57:CC:D8:76:C0:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4b:9a:11:41:06:c7:06:bb:58:6d:9c:dd:36:0e:08:fc:22:55:
df:55:65:64:95:30:0b:80:86:06:19:af:24:8d:eb:a0:74:9c:
77:7e:25:51:15:47:d8:f9:ca:ad:cc:b8:c8:cf:9d:68:59:ff:
28:79:98:88:49:8d:79:90:49:2d:28:af:ab:98:4e:f8:de:68:
e7:9c:9a:3e:1e:a8:8c:ea:69:06:58:43:68:f1:05:16:0f:53:
fb:9c:42:e9:44:a7:37:5a:12:dc:04:7c:be:f0:08:6f:cf:bf:
80:22:cf:c5:1a:32:67:2a:4f:2a:ab:40:80:95:95:65:02:54:
88:e4:83:4e:24:a1:00:3b:aa:1b:17:b9:f5:a4:c4:39:1e:eb:
48:92:35:58:d9:86:88:17:00:d2:0a:11:e5:d4:a5:e9:8a:ca:
c0:b2:b9:dd:f4:da:5e:d5:2b:db:12:48:c3:9a:28:2a:51:c5:
8f:57:64:a5:3f:96:11:c0:45:9e:50:83:c1:5b:47:60:14:57:
ab:c5:a3:32:95:2c:13:b5:d2:e4:77:4f:e3:5d:cb:80:e8:52:
a0:a1:33:3c:63:68:cc:74:f0:a9:02:d4:0c:74:75:20:e6:de:
fc:a9:6f:49:3e:17:7b:cc:75:7f:2d:0a:fd:67:be:e4:70:c2:
2e:72:99:6c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfs5hHRwnUYMG3GNjkNEgeu0VY7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYjAzZWJkNTU5MmNiYmMwYWI0M2VmMGY4Mjc2NTc1NDU4YjAxMDU5ZTM0
NGYxNjM5MGQ1MzVhNmEzZTUzNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+mIL0YYDDn8C0HVFIX6HZHOtnRTQhdRwUnl8Guy6SYsE+Go0Qnbb7PpLpJ
jdOr9RN0//Ar0pIS15YvikUYMSfjpq3WD0fLIRC5J6ocQaXvB/A+T9uGCgGaPwmu
aSZjpUN3PoRPMwT7fpZ6m7ihhAxCAShOhBDU9LwY3O0dZ+CssO7cyN+SJJsFHeGu
wYZdzIPmkHPWhBCcnNfvaQr1xMNTZn9Lq/N5UFo4JevmsC8a88sVZtfS5iL4YqjD
mxx3F8FNVuD8qodc5+fnBhVRm79iU0kxDP6XBTrmT4vlOWkBwPD0r9mCxzuffRop
zb3WuW4JR60QsbP5piFJg85+NuUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTeiNnT
VqLH3s1o6JqwJFfM2HbARDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzMDQ3ZWQtNjA3NC00NzlkLTlkODUtMjYzMzQwODVlNDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAS5oRQQbHBrtYbZzdNg4I/CJV31VlZJUwC4CGBhmv
JI3roHScd34lURVH2PnKrcy4yM+daFn/KHmYiEmNeZBJLSivq5hO+N5o55yaPh6o
jOppBlhDaPEFFg9T+5xC6USnN1oS3AR8vvAIb8+/gCLPxRoyZypPKqtAgJWVZQJU
iOSDTiShADuqGxe59aTEOR7rSJI1WNmGiBcA0goR5dSl6YrKwLK53fTaXtUr2xJI
w5ooKlHFj1dkpT+WEcBFnlCDwVtHYBRXq8WjMpUsE7XS5HdP413LgOhSoKEzPGNo
zHTwqQLUDHR1IObe/KlvST4Xe8x1fy0K/We+5HDCLnKZbA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:01 2025 by rpki-client