Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json)
Hash identifier: Jb5BY53P25VA/bARDRsFnLg/bbLjIFnd50JZRxmyPyA=
Subject key identifier: 13:DE:06:99:EC:73:F6:8D:9D:4F:9B:EA:E8:B1:E1:78:93:69:D5:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E1C4FF36F765825329FC6AF51EFE5CE5C8F79CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:1c:4f:f3:6f:76:58:25:32:9f:c6:af:51:ef:e5:ce:5c:8f:79:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=78c024f0c986baf72987a33c9e5a0cd3a75a80bd0584077656a685f5f31b382f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:74:bb:6e:98:79:78:e4:3c:e1:ec:92:d6:ad:
e4:15:00:13:ea:ed:b9:58:ab:a2:57:ce:b8:1b:b0:
eb:c8:c1:e7:20:7b:45:47:b5:30:be:cf:95:c1:41:
8c:4f:40:99:14:55:5e:f2:d0:7d:68:99:f8:5d:f3:
4a:29:ce:8e:e2:aa:99:c7:2f:b3:92:ef:6a:aa:d4:
63:a4:b1:ea:12:b8:10:6d:2a:98:95:d6:0a:dd:b6:
10:9e:fa:ef:d5:25:87:07:bc:3a:6c:b4:31:48:30:
17:5b:09:e7:e6:e8:e6:29:ba:3f:9b:53:8e:b6:54:
b7:a0:b4:7c:d0:15:2c:27:b8:cf:da:b5:44:f8:6e:
49:43:0d:25:cf:f9:65:ab:44:a0:8a:03:b8:8e:15:
b8:ce:36:71:8f:da:bb:14:d5:52:c8:15:7b:4a:94:
4c:17:28:76:bc:e1:9b:03:c8:c2:70:fc:05:23:2e:
1f:24:e6:7d:e2:dd:24:8e:2e:8f:60:6c:ad:d5:2e:
53:96:ee:b6:ca:35:0d:8f:77:67:d7:e7:1a:09:2f:
12:40:71:23:96:ac:0d:67:75:fb:d2:2e:1e:96:47:
ba:9d:a9:16:a6:3f:ac:1a:9a:dc:b7:c1:b2:45:28:
4a:69:58:60:40:4a:be:8f:2b:32:bb:5e:00:ff:26:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DE:06:99:EC:73:F6:8D:9D:4F:9B:EA:E8:B1:E1:78:93:69:D5:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:73:20:2f:63:d0:72:4f:b4:8b:d2:65:e0:2d:b8:a6:43:06:
36:af:8d:84:bf:8a:2b:c3:50:7f:8f:e9:09:ad:c2:10:2d:b7:
c4:36:c3:ce:bf:71:b3:b6:f8:9c:35:49:70:c3:94:af:17:1e:
49:62:01:2e:63:cd:60:7a:d3:b5:8b:ff:0f:f6:f6:3d:09:70:
f9:09:14:34:65:a4:60:10:9b:e0:c4:81:73:b6:55:2b:18:f5:
87:4a:32:cf:5c:2a:e6:a8:fd:58:d1:1d:db:53:ef:c8:16:f8:
15:61:20:d5:21:72:8e:9e:36:23:25:e7:4f:43:e4:76:e6:12:
09:8e:87:a5:84:7b:80:57:84:a0:b5:64:69:01:99:b7:10:c5:
97:22:5a:c3:9a:a3:03:45:8e:bd:c8:3f:db:81:88:b7:5d:61:
4b:76:c5:db:ad:a2:d8:9a:f4:b5:dd:a0:eb:06:68:75:40:7a:
28:a3:d7:24:4a:cd:47:1b:c0:66:9c:9b:07:26:84:d8:92:f9:
38:0c:43:a7:ad:ad:0f:a2:ad:4a:ad:90:27:f3:16:12:9d:a3:
cd:e2:20:87:6f:ec:ea:9d:0e:cc:04:e8:38:15:81:fd:c5:04:
6c:95:bb:86:1a:b2:dc:05:5e:32:1c:00:d2:19:c9:5e:e4:a4:
0d:bf:04:5a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfhxP8292WCUyn8avUe/lzlyPec4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YzAyNGYwYzk4NmJhZjcyOTg3YTMzYzllNWEwY2QzYTc1YTgwYmQwNTg0
MDc3NjU2YTY4NWY1ZjMxYjM4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK90u26YeXjkPOHsktat5BUAE+rtuVirolfOuBuw68jB5yB7RUe1ML7PlcFB
jE9AmRRVXvLQfWiZ+F3zSinOjuKqmccvs5LvaqrUY6Sx6hK4EG0qmJXWCt22EJ76
79Ulhwe8Omy0MUgwF1sJ5+bo5im6P5tTjrZUt6C0fNAVLCe4z9q1RPhuSUMNJc/5
ZatEoIoDuI4VuM42cY/auxTVUsgVe0qUTBcodrzhmwPIwnD8BSMuHyTmfeLdJI4u
j2BsrdUuU5butso1DY93Z9fnGgkvEkBxI5asDWd1+9IuHpZHup2pFqY/rBqa3LfB
skUoSmlYYEBKvo8rMrteAP8mG2ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQT3gaZ
7HP2jZ1Pm+roseF4k2nVrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkHMgL2PQck+0i9Jl4C24pkMGNq+NhL+KK8NQf4/p
Ca3CEC23xDbDzr9xs7b4nDVJcMOUrxceSWIBLmPNYHrTtYv/D/b2PQlw+QkUNGWk
YBCb4MSBc7ZVKxj1h0oyz1wq5qj9WNEd21PvyBb4FWEg1SFyjp42IyXnT0PkduYS
CY6HpYR7gFeEoLVkaQGZtxDFlyJaw5qjA0WOvcg/24GIt11hS3bF262i2Jr0td2g
6wZodUB6KKPXJErNRxvAZpybByaE2JL5OAxDp62tD6KtSq2QJ/MWEp2jzeIgh2/s
6p0OzAToOBWB/cUEbJW7hhqy3AVeMhwA0hnJXuSkDb8EWg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:33 2025 by rpki-client