Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: 7UYwgCaSQIvwW7nYL6fOr1r0Um+yz+moN/EpBF6GJuM=
Subject key identifier: B1:9F:79:B6:7A:64:E8:51:58:5A:98:0A:E7:18:9A:6D:29:A9:C9:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CFC406E675E134C08C0FFEA456D69905C7F93C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:fc:40:6e:67:5e:13:4c:08:c0:ff:ea:45:6d:69:90:5c:7f:93:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=aa2ffad413cbc7832182a7e1c3c3558e24e5f356507a4757e9fbfb80c73bb254, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:71:2c:1c:e0:9a:e0:09:e2:5b:f5:64:c8:b6:
53:b5:e6:49:7d:21:ad:cc:5d:0f:7f:31:b5:6f:21:
47:e0:80:fb:3e:20:f7:5f:36:f0:58:a5:70:cc:90:
4c:5a:50:1f:bf:de:8d:f4:32:2d:60:cd:73:52:77:
4b:d3:08:44:7d:f3:13:ba:01:a6:12:3b:91:75:fb:
2d:c9:b0:62:3c:43:32:70:27:0d:c4:e3:96:78:01:
cb:9b:5e:a6:c0:4e:9c:56:c0:51:92:11:07:1f:c8:
53:a8:94:f3:2a:7a:31:57:74:77:6d:f1:ca:28:35:
31:3e:b2:fa:0d:cb:43:86:1b:e5:b1:34:93:4b:65:
e4:b4:cc:41:aa:90:d4:2f:a4:3f:a0:1a:e9:c5:d0:
09:d7:54:2e:0c:8f:10:f8:f1:90:14:77:6d:a1:50:
21:c7:7c:75:90:e9:75:eb:12:49:79:84:f7:46:48:
6b:34:aa:4f:90:0d:06:6c:d2:4c:53:74:dc:b2:af:
99:0d:50:b0:ea:9a:16:5a:0b:02:cc:f6:23:a8:19:
09:4e:e2:dd:a6:c6:1f:02:47:b0:4a:3a:3e:21:f7:
98:5a:70:96:43:cb:8f:c6:b3:a8:1e:44:fa:66:84:
a9:f5:f3:b0:8b:2c:4d:69:79:a1:79:d9:99:a1:c9:
a9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9F:79:B6:7A:64:E8:51:58:5A:98:0A:E7:18:9A:6D:29:A9:C9:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:b5:04:e4:17:59:8b:ed:77:9a:ff:a3:da:15:d9:59:6e:7b:
ad:9c:06:13:1d:6d:4e:67:dc:ae:fd:7d:00:a9:dc:20:1e:b5:
90:b0:cc:1b:2b:cf:6b:09:da:c1:27:a7:c6:1d:cd:53:58:4c:
15:86:bd:de:fc:c8:a5:48:cf:d3:22:a5:db:01:15:74:3d:da:
93:02:89:4b:7e:a1:38:32:9d:68:41:f6:66:04:aa:fa:ad:86:
2d:6a:3a:6b:2b:07:ad:3b:05:42:3e:2e:9c:cd:8f:9e:83:c9:
6e:c9:73:d2:ec:ea:32:1b:40:29:73:e0:5f:f8:12:fb:db:59:
69:4d:d3:00:88:0b:b0:df:1d:1f:7e:64:e8:27:51:07:c8:36:
d5:c2:f0:19:22:ba:31:cf:b0:7d:91:14:95:52:52:c3:b1:7f:
6b:f7:38:be:74:ac:23:80:8e:05:2c:39:7d:35:e1:4c:1d:7d:
4f:29:97:c1:94:72:60:14:79:98:f4:f1:d0:1e:c0:d2:e9:fe:
67:b3:92:17:8e:27:bb:34:a2:5b:9c:4a:f1:45:61:6f:2d:db:
47:fa:a9:a4:b8:cc:4f:ee:30:24:23:19:c6:7e:5e:f4:21:27:
6d:d8:37:9b:71:13:a7:5d:cf:22:4d:ab:80:0d:11:93:21:d6:
1b:0b:e2:03
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbPxAbmdeE0wIwP/qRW1pkFx/k8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjgwMDAwMDBaFw0yNTAzMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMmZmYWQ0MTNjYmM3ODMyMTgyYTdlMWMzYzM1NThlMjRlNWYzNTY1MDdh
NDc1N2U5ZmJmYjgwYzczYmIyNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdxLBzgmuAJ4lv1ZMi2U7XmSX0hrcxdD38xtW8hR+CA+z4g91828FilcMyQ
TFpQH7/ejfQyLWDNc1J3S9MIRH3zE7oBphI7kXX7LcmwYjxDMnAnDcTjlngBy5te
psBOnFbAUZIRBx/IU6iU8yp6MVd0d23xyig1MT6y+g3LQ4Yb5bE0k0tl5LTMQaqQ
1C+kP6Aa6cXQCddULgyPEPjxkBR3baFQIcd8dZDpdesSSXmE90ZIazSqT5ANBmzS
TFN03LKvmQ1QsOqaFloLAsz2I6gZCU7i3abGHwJHsEo6PiH3mFpwlkPLj8azqB5E
+maEqfXzsIssTWl5oXnZmaHJqfUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSxn3m2
emToUVhamArnGJptKanJojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEApbUE5BdZi+13mv+j2hXZWW57rZwGEx1tTmfcrv19
AKncIB61kLDMGyvPawnawSenxh3NU1hMFYa93vzIpUjP0yKl2wEVdD3akwKJS36h
ODKdaEH2ZgSq+q2GLWo6aysHrTsFQj4unM2PnoPJbslz0uzqMhtAKXPgX/gS+9tZ
aU3TAIgLsN8dH35k6CdRB8g21cLwGSK6Mc+wfZEUlVJSw7F/a/c4vnSsI4COBSw5
fTXhTB19TymXwZRyYBR5mPTx0B7A0un+Z7OSF44nuzSiW5xK8UVhby3bR/qppLjM
T+4wJCMZxn5e9CEnbdg3m3ETp13PIk2rgA0RkyHWGwviAw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:50 2025 by rpki-client