Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: pdjQQcUxdEG+/btQeuibp5XCsCemskYEBBxTuXaHGu4=
Subject key identifier: A7:08:94:51:B8:8A:0D:7B:8F:25:F9:9D:59:E8:D1:80:C6:2D:06:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05EC464DD13A70F150EEFC3CA5EDDAEF2EC8F9E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Mon 31 Mar 2025 19:01:24 +0000
ROA not before: Mon 31 Mar 2025 19:01:24 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:ec:46:4d:d1:3a:70:f1:50:ee:fc:3c:a5:ed:da:ef:2e:c8:f9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:01:24 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=7d2c78d57f29ad6efc5d77520fb86929a96fec903b91b08f7688fccc3781d5d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:91:17:9b:fb:fa:c6:fe:56:62:1e:1a:20:
c7:54:89:ea:a4:71:07:41:4c:f3:5f:45:9f:ae:1d:
c8:22:c0:5a:8b:c8:fd:cd:86:44:cc:90:23:94:83:
63:7f:d1:64:57:2d:8a:47:16:42:08:d4:a0:3a:72:
7b:84:21:10:81:1f:90:8a:95:a1:8e:d7:d9:d5:8d:
b6:75:11:b5:60:1a:85:69:05:99:ed:a1:35:10:59:
72:aa:c4:74:31:34:e9:96:11:c5:94:6f:38:bd:a9:
59:a9:f6:86:e6:56:ee:fb:b5:00:c2:99:c0:de:f5:
0c:0d:17:94:cb:61:bd:ac:48:05:d8:e5:1c:91:d9:
25:23:7b:fc:91:d0:94:f9:bc:bb:ba:eb:d0:90:c9:
09:e8:b7:aa:47:cc:70:d2:f0:7e:39:f6:c9:e2:dc:
11:ee:0a:77:f0:e7:5b:df:a0:9a:fc:2b:0d:78:7d:
e5:64:49:6e:62:6c:81:dc:09:c6:2c:f9:95:36:ef:
8a:4c:95:3c:16:a1:9b:04:bc:ca:af:c9:2b:7a:94:
e4:8a:22:14:c6:2d:7e:60:2d:7f:6f:38:89:4e:d3:
8e:0e:c2:e7:87:13:8b:af:48:d5:bb:72:19:e8:f9:
11:7f:1e:3c:ec:be:c3:a5:3d:24:e8:f9:77:d6:9e:
8d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:08:94:51:B8:8A:0D:7B:8F:25:F9:9D:59:E8:D1:80:C6:2D:06:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
19:50:16:99:30:93:2d:98:19:47:13:a0:02:51:08:b3:bf:e5:
ec:18:54:62:a0:8f:af:e7:df:83:4c:35:e6:2a:d5:7b:9a:6e:
dc:e5:fb:3e:43:86:c1:83:d9:63:92:da:a8:fd:b8:77:90:0a:
e9:d4:35:6f:6e:77:bc:c6:98:81:81:3e:14:11:2e:bf:40:de:
f3:3f:0a:79:7d:96:65:5e:62:e1:95:b4:e5:e3:d5:99:30:28:
33:97:6c:a4:9b:e9:18:8e:2c:07:3a:17:ab:7d:f2:9b:15:c0:
47:56:0c:a7:44:27:40:a3:72:0b:80:6b:10:a3:c4:16:9c:4e:
85:1c:27:51:49:00:c1:f3:45:a8:fc:27:e2:50:fd:9c:47:d7:
a1:dc:71:18:5b:96:86:bb:25:59:76:ac:95:e2:67:e5:b2:e5:
2b:9b:7e:fb:c0:cd:21:55:88:cd:7b:96:6c:b0:5a:a3:26:9b:
4a:5e:bd:33:0f:2d:2f:02:32:88:bd:0e:4c:b1:d7:88:bf:cc:
e2:ac:51:82:7d:b8:39:2b:11:a4:f6:f7:e7:58:d9:e2:2e:d2:
ef:be:81:60:22:57:b2:91:33:ec:fe:d7:cb:25:1e:29:2d:1d:
f2:a1:fa:9c:e2:97:5c:00:43:7b:5e:6d:b4:a7:9a:57:e6:64:
eb:d7:0c:67
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBexGTdE6cPFQ7vw8pe3a7y7I+eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAxMjRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkMmM3OGQ1N2YyOWFkNmVmYzVkNzc1MjBmYjg2OTI5YTk2ZmVjOTAzYjkx
YjA4Zjc2ODhmY2NjMzc4MWQ1ZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhikReb+/rG/lZiHhogx1SJ6qRxB0FM819Fn64dyCLAWovI/c2GRMyQI5SD
Y3/RZFctikcWQgjUoDpye4QhEIEfkIqVoY7X2dWNtnURtWAahWkFme2hNRBZcqrE
dDE06ZYRxZRvOL2pWan2huZW7vu1AMKZwN71DA0XlMthvaxIBdjlHJHZJSN7/JHQ
lPm8u7rr0JDJCei3qkfMcNLwfjn2yeLcEe4Kd/DnW9+gmvwrDXh95WRJbmJsgdwJ
xiz5lTbvikyVPBahmwS8yq/JK3qU5IoiFMYtfmAtf284iU7Tjg7C54cTi69I1bty
Gej5EX8ePOy+w6U9JOj5d9aejRMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSnCJRR
uIoNe48l+Z1Z6NGAxi0GjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAGVAWmTCTLZgZRxOgAlEIs7/l7BhUYqCPr+ffg0w1
5irVe5pu3OX7PkOGwYPZY5LaqP24d5AK6dQ1b253vMaYgYE+FBEuv0De8z8KeX2W
ZV5i4ZW05ePVmTAoM5dspJvpGI4sBzoXq33ymxXAR1YMp0QnQKNyC4BrEKPEFpxO
hRwnUUkAwfNFqPwn4lD9nEfXodxxGFuWhrslWXasleJn5bLlK5t++8DNIVWIzXuW
bLBaoyabSl69Mw8tLwIyiL0OTLHXiL/M4qxRgn24OSsRpPb351jZ4i7S776BYCJX
spEz7P7XyyUeKS0d8qH6nOKXXABDe15ttKeaV+Zk69cMZw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:13 2025 by rpki-client on console.sobornost.net