Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: CNwAiN222rPTCXoAJG/m52aOyk7G15v7WWvDMQfqdmA=
Subject key identifier: 35:FD:73:59:95:17:5A:53:55:9A:5D:E5:7E:25:0E:58:D1:C2:87:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 736229D05D0D5583B47D54004EB74E30E370B0E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:62:29:d0:5d:0d:55:83:b4:7d:54:00:4e:b7:4e:30:e3:70:b0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=88963a681e5738c1c43202c5fb2c3696cbcb52e05885f111e79ad462c78fb48c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7c:66:55:f3:03:45:3f:f1:a0:7d:39:8d:d8:
53:e3:14:d3:6e:9a:18:67:a9:36:c3:39:5f:9e:e3:
57:7d:ac:2c:22:51:65:4b:09:ff:17:d4:f9:cf:6d:
6c:06:dc:75:f0:2f:d7:b9:c7:c2:a1:b7:70:35:45:
2a:70:95:c6:ce:c4:15:be:cd:e2:2d:11:42:ef:b6:
b4:af:c0:aa:aa:29:0d:71:a2:02:08:50:6f:8f:36:
b0:5c:52:ea:eb:2f:db:b7:1a:83:de:d8:20:e2:8f:
bd:bd:79:8a:2c:78:86:ee:f6:11:a0:e7:97:fe:83:
92:fd:36:e4:38:5b:77:ca:fc:4f:40:e8:dd:bf:4e:
06:47:8b:d7:f1:de:ae:6f:13:a8:fa:fe:87:06:92:
8e:10:fd:40:92:0e:8c:a7:39:1c:39:cb:0b:83:b1:
35:06:92:56:23:72:95:87:ae:93:67:01:36:41:2b:
58:a9:8f:38:42:7d:2b:4d:69:53:15:8a:25:ba:34:
6d:86:c0:14:51:34:fc:c5:75:e8:71:3f:03:b7:f7:
33:21:85:10:1b:80:83:2b:3a:85:cd:27:7e:0f:68:
2a:e3:0a:bd:a3:6a:f5:d1:cb:53:a1:ac:17:18:cb:
65:3b:55:fe:2f:93:d8:85:01:fb:fd:74:25:f5:b7:
a2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FD:73:59:95:17:5A:53:55:9A:5D:E5:7E:25:0E:58:D1:C2:87:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
15:05:5f:21:c7:24:91:fd:d0:99:a3:48:c1:70:47:1c:f5:40:
e7:c0:a4:47:e2:f7:7e:63:0c:ed:a9:9a:54:1e:a5:32:6e:01:
81:eb:c5:29:76:1b:d4:6b:92:f9:aa:dc:fb:2e:a1:73:6a:de:
05:90:80:57:cc:6c:e7:9f:7b:6c:78:68:ce:94:89:e8:61:39:
e2:32:84:37:6b:d9:34:a4:e0:06:c3:06:f4:d8:b9:e5:e1:b0:
86:81:93:77:38:ad:5f:72:f8:0a:1c:52:72:b9:ee:bb:7c:66:
a4:ea:64:a6:5b:fb:cc:d9:bc:6d:7b:34:74:8b:88:7a:4a:26:
50:40:07:59:d4:e8:26:ff:33:f6:39:1e:72:8c:65:22:a0:6f:
52:fb:e3:2f:3d:f7:a6:0c:af:40:90:54:cb:67:78:7a:45:8d:
ce:fb:a7:32:77:b5:c0:0f:0d:59:b5:19:d0:9d:a2:86:cd:c9:
fa:36:56:49:80:e0:67:7a:a1:d2:d8:de:a2:cc:b8:32:98:e9:
5e:a0:b3:83:71:9d:d4:02:89:03:b1:78:d4:e4:9c:57:de:9a:
b8:4d:06:56:e8:03:32:cd:c6:79:40:0b:96:30:e9:f2:fa:88:
0b:19:48:4e:77:cc:1b:60:8e:fa:b7:99:c6:f5:37:2e:5e:a3:
e9:73:f8:b9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUc2Ip0F0NVYO0fVQATrdOMONwsOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4OTYzYTY4MWU1NzM4YzFjNDMyMDJjNWZiMmMzNjk2Y2JjYjUyZTA1ODg1
ZjExMWU3OWFkNDYyYzc4ZmI0OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB8ZlXzA0U/8aB9OY3YU+MU026aGGepNsM5X57jV32sLCJRZUsJ/xfU+c9t
bAbcdfAv17nHwqG3cDVFKnCVxs7EFb7N4i0RQu+2tK/AqqopDXGiAghQb482sFxS
6usv27cag97YIOKPvb15iix4hu72EaDnl/6Dkv025Dhbd8r8T0Do3b9OBkeL1/He
rm8TqPr+hwaSjhD9QJIOjKc5HDnLC4OxNQaSViNylYeuk2cBNkErWKmPOEJ9K01p
UxWKJbo0bYbAFFE0/MV16HE/A7f3MyGFEBuAgys6hc0nfg9oKuMKvaNq9dHLU6Gs
FxjLZTtV/i+T2IUB+/10JfW3oqsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1/XNZ
lRdaU1WaXeV+JQ5Y0cKHVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAFQVfIcckkf3QmaNIwXBHHPVA58CkR+L3fmMM7ama
VB6lMm4BgevFKXYb1GuS+arc+y6hc2reBZCAV8xs5597bHhozpSJ6GE54jKEN2vZ
NKTgBsMG9Ni55eGwhoGTdzitX3L4ChxScrnuu3xmpOpkplv7zNm8bXs0dIuIekom
UEAHWdToJv8z9jkecoxlIqBvUvvjLz33pgyvQJBUy2d4ekWNzvunMne1wA8NWbUZ
0J2ihs3J+jZWSYDgZ3qh0tjeosy4MpjpXqCzg3Gd1AKJA7F41OScV96auE0GVugD
Ms3GeUALljDp8vqICxlITnfMG2CO+reZxvU3Ll6j6XP4uQ==
-----END CERTIFICATE-----
Generated at Fri May 2 15:54:08 2025 by rpki-client