Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: bF5VTqY2Fjlt0+t5Ccj9i4XG6rT0KtCbdwKllGN9UD8=
Subject key identifier: 0D:A5:7B:3F:92:96:94:22:72:6C:E6:F9:72:C9:19:ED:36:F0:AC:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5091ADB3FB1AEC11F6329D3EB6B996ECE22E2856
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Mon 31 Mar 2025 19:01:25 +0000
ROA not before: Mon 31 Mar 2025 19:01:25 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:91:ad:b3:fb:1a:ec:11:f6:32:9d:3e:b6:b9:96:ec:e2:2e:28:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:01:25 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=1903cf293c704651503aed791a5165b0e013192b4e4d2eedd1d90e2a508cf545, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a1:7b:c9:9a:de:1a:67:81:c0:13:bf:97:d1:
d0:fc:2e:71:6e:7b:d8:77:12:3a:d9:9d:a8:92:fb:
58:10:ed:11:c0:9e:73:63:e9:61:bd:80:af:ed:94:
cc:58:61:d0:16:43:ac:87:81:2e:66:96:3a:1f:04:
29:7d:cb:68:f2:44:05:19:70:96:7f:04:a3:73:c1:
1b:84:28:40:9d:34:b9:48:0b:2d:0c:d7:7d:e2:ab:
b3:8d:a1:de:ed:53:8e:ea:8d:48:ec:c4:0c:4e:3f:
df:f7:03:04:fc:bd:e4:8a:23:91:28:17:4d:b6:5b:
2c:3a:ba:26:f0:e5:20:31:f1:ed:95:8e:41:fb:8b:
8a:44:14:58:4e:89:f3:48:53:fd:0b:26:c7:4c:80:
b2:bc:3d:7a:45:1c:a9:bb:8c:a5:43:36:9c:10:73:
cf:84:ea:f5:da:47:e1:c0:38:5a:69:8f:04:d5:00:
f4:5a:91:1d:9c:58:14:e5:31:e8:5c:f0:e4:6e:46:
cc:45:64:92:96:1c:fb:24:b2:cf:b7:9f:e9:6d:70:
fd:b6:48:76:03:e1:d0:2d:3f:b2:01:1d:41:2e:f9:
2c:0b:45:74:23:75:75:3c:6a:ec:3e:96:67:09:f2:
7c:35:a2:f1:82:39:4a:16:dd:ef:bd:a5:6b:4a:9a:
f4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A5:7B:3F:92:96:94:22:72:6C:E6:F9:72:C9:19:ED:36:F0:AC:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:cf:12:6b:42:73:8b:ac:b6:ce:d1:b8:b3:f0:73:cd:bb:7a:
fe:ca:d3:35:f2:d4:da:aa:81:ad:ae:bb:09:b9:88:6c:b2:8b:
83:1d:ae:a4:af:fd:c3:35:4f:f3:07:11:e5:9d:76:1a:f6:6e:
f8:a9:69:5b:6a:e7:cc:63:01:14:43:6d:5f:7c:f4:1b:da:f8:
57:83:4f:4c:38:79:78:6f:1b:49:2f:a8:de:d3:97:b0:62:c1:
37:88:14:c8:93:97:7e:20:34:dc:b8:94:4f:d7:54:7d:a5:34:
be:2f:f4:b9:0c:6a:b1:c2:3e:5c:bb:d8:33:07:d9:e4:c4:e6:
c0:70:15:cc:80:ec:17:d6:14:e2:90:23:5b:20:20:f1:8a:03:
ca:a5:4a:ff:8d:8c:5e:8c:ca:c3:74:0b:7f:4d:92:f3:e0:8e:
6f:ef:ac:ff:60:0c:44:08:48:0a:71:e2:12:5d:db:f2:4a:93:
b3:c6:a3:e9:48:9b:77:04:32:4f:65:89:8e:03:6e:b9:69:c7:
3a:2c:5a:20:e4:0f:7d:03:0e:65:4b:ee:0f:d2:55:fb:d7:c8:
fc:3d:07:58:9a:73:aa:6e:ad:4d:e1:89:b2:14:99:db:ed:ea:
e9:65:0a:a3:83:bf:6f:60:1e:53:88:44:cc:fa:5c:8f:56:41:
2f:38:8f:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUJGts/sa7BH2Mp0+trmW7OIuKFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAxMjVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5MDNjZjI5M2M3MDQ2NTE1MDNhZWQ3OTFhNTE2NWIwZTAxMzE5MmI0ZTRk
MmVlZGQxZDkwZTJhNTA4Y2Y1NDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+he8ma3hpngcATv5fR0PwucW572HcSOtmdqJL7WBDtEcCec2PpYb2Ar+2U
zFhh0BZDrIeBLmaWOh8EKX3LaPJEBRlwln8Eo3PBG4QoQJ00uUgLLQzXfeKrs42h
3u1TjuqNSOzEDE4/3/cDBPy95IojkSgXTbZbLDq6JvDlIDHx7ZWOQfuLikQUWE6J
80hT/Qsmx0yAsrw9ekUcqbuMpUM2nBBzz4Tq9dpH4cA4WmmPBNUA9FqRHZxYFOUx
6Fzw5G5GzEVkkpYc+ySyz7ef6W1w/bZIdgPh0C0/sgEdQS75LAtFdCN1dTxq7D6W
ZwnyfDWi8YI5Shbd772la0qa9KkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQNpXs/
kpaUInJs5vlyyRntNvCsATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAX88Sa0Jzi6y2ztG4s/Bzzbt6/srTNfLU2qqBra67
CbmIbLKLgx2upK/9wzVP8wcR5Z12GvZu+KlpW2rnzGMBFENtX3z0G9r4V4NPTDh5
eG8bSS+o3tOXsGLBN4gUyJOXfiA03LiUT9dUfaU0vi/0uQxqscI+XLvYMwfZ5MTm
wHAVzIDsF9YU4pAjWyAg8YoDyqVK/42MXozKw3QLf02S8+COb++s/2AMRAhICnHi
El3b8kqTs8aj6UibdwQyT2WJjgNuuWnHOixaIOQPfQMOZUvuD9JV+9fI/D0HWJpz
qm6tTeGJshSZ2+3q6WUKo4O/b2AeU4hEzPpcj1ZBLziP/g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net