Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
File: 216f72e9-3c9a-414e-a688-ee99e3f2e840.roa (raw, json)
Hash identifier: /ur2qxnI0tLyLvWpWrFWFlPLcSCn6EOcuI3C+hdneM4=
Subject key identifier: 1D:C4:E3:0B:7B:A6:69:9F:F9:3B:05:E6:AC:1A:93:24:D5:DE:0B:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0211688A4E25CB9754C36918790D5EEC870E33A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.220.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:11:68:8a:4e:25:cb:97:54:c3:69:18:79:0d:5e:ec:87:0e:33:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=0c9a2e5ce918be61c4248f2a2987bbb2bd594812eaa67f67dcda300ef69d2aff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:16:a4:7c:ac:83:cb:8a:6c:4b:3b:53:12:2f:
b9:64:2d:05:ac:5f:8f:b2:d4:a5:1e:ae:b7:24:42:
18:fe:a7:ac:9a:2a:6b:51:11:37:ee:ac:da:6b:bd:
fb:9a:5b:fe:7c:7a:d8:c1:42:fe:59:2b:31:61:72:
6f:dd:34:a4:65:9c:ec:f7:bd:73:de:93:1b:ee:44:
90:90:fd:ee:a5:54:ba:d4:af:63:ea:ce:44:e6:0d:
c4:c4:28:e0:c1:6c:d8:91:9f:72:e1:91:cd:f0:0c:
b0:dd:4d:42:ee:48:46:fa:5a:cd:07:a0:05:30:06:
01:ff:96:10:2e:b2:48:f2:95:cf:27:db:ca:52:65:
f3:40:14:02:8e:22:be:d4:63:14:59:b5:27:6f:79:
0a:4c:46:8a:31:a9:0c:22:32:7d:c3:51:18:a5:c4:
65:d6:00:c1:76:89:a1:d8:91:43:c4:18:ab:53:06:
db:bc:7f:3f:7f:58:b1:86:fd:d4:84:9d:7a:b9:1c:
27:d2:41:69:5f:aa:e2:7a:e7:25:35:fb:6d:ca:79:
99:0f:71:00:b8:bc:43:ff:48:39:e1:80:52:c6:3c:
d2:1a:2a:94:a2:4c:98:e2:81:5d:e6:44:93:5a:32:
88:3c:21:7c:1f:e9:95:a0:89:95:c6:4e:4a:6c:d8:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C4:E3:0B:7B:A6:69:9F:F9:3B:05:E6:AC:1A:93:24:D5:DE:0B:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.220.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:8f:ee:b7:bb:d8:a0:df:93:45:ed:ad:42:18:75:a3:8b:96:
ef:76:55:fb:f8:8c:c0:fb:dc:71:67:37:cf:72:55:df:67:fd:
fa:67:f5:5c:33:2f:74:c0:3c:ea:d2:26:93:b2:86:d5:9f:65:
8b:6f:e7:34:c7:e8:4d:a7:d7:a0:99:b5:57:a3:03:33:16:2d:
3a:bc:55:19:ed:b6:65:e8:8c:9b:9f:c4:93:3e:69:32:c1:d4:
54:fb:50:da:d0:bf:7e:61:c9:a3:d6:16:19:30:6e:11:93:f3:
6f:92:8b:cd:9c:9b:4d:19:54:bc:39:fb:e7:f7:91:33:01:04:
62:fe:c9:89:63:8e:5c:8a:1d:06:77:10:bc:d1:e7:ad:a0:74:
75:7f:11:14:d8:ac:b8:6d:e8:e5:98:d2:7a:00:be:f0:4b:c0:
83:3d:43:92:a4:9d:b2:24:20:d5:93:c5:a4:1e:fa:42:5b:eb:
bd:f9:2c:a6:16:85:4c:19:02:2d:c9:bd:b5:08:f3:33:ed:52:
20:67:07:cf:1a:e1:3e:ef:f8:34:7e:a2:42:a5:26:3e:cf:6b:
a7:e8:b6:7f:ab:be:96:7a:25:9e:5d:27:f0:70:4b:00:cf:d0:
84:04:6f:cc:9e:7a:d1:29:36:6e:44:fc:c6:65:3c:b2:5a:9d:
e0:93:5b:51
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAhFoik4ly5dUw2kYeQ1e7IcOM6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjOWEyZTVjZTkxOGJlNjFjNDI0OGYyYTI5ODdiYmIyYmQ1OTQ4MTJlYWE2
N2Y2N2RjZGEzMDBlZjY5ZDJhZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMWpHysg8uKbEs7UxIvuWQtBaxfj7LUpR6utyRCGP6nrJoqa1ERN+6s2mu9
+5pb/nx62MFC/lkrMWFyb900pGWc7Pe9c96TG+5EkJD97qVUutSvY+rOROYNxMQo
4MFs2JGfcuGRzfAMsN1NQu5IRvpazQegBTAGAf+WEC6ySPKVzyfbylJl80AUAo4i
vtRjFFm1J295CkxGijGpDCIyfcNRGKXEZdYAwXaJodiRQ8QYq1MG27x/P39YsYb9
1ISderkcJ9JBaV+q4nrnJTX7bcp5mQ9xALi8Q/9IOeGAUsY80hoqlKJMmOKBXeZE
k1oyiDwhfB/plaCJlcZOSmzYAX8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQdxOML
e6Zpn/k7BeasGpMk1d4LqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZjcyZTktM2M5YS00MTRlLWE2ODgtZWU5OWUzZjJlODQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6J3DAN
BgkqhkiG9w0BAQsFAAOCAQEAxI/ut7vYoN+TRe2tQhh1o4uW73ZV+/iMwPvccWc3
z3JV32f9+mf1XDMvdMA86tImk7KG1Z9li2/nNMfoTafXoJm1V6MDMxYtOrxVGe22
ZeiMm5/Ekz5pMsHUVPtQ2tC/fmHJo9YWGTBuEZPzb5KLzZybTRlUvDn75/eRMwEE
Yv7JiWOOXIodBncQvNHnraB0dX8RFNisuG3o5ZjSegC+8EvAgz1DkqSdsiQg1ZPF
pB76QlvrvfksphaFTBkCLcm9tQjzM+1SIGcHzxrhPu/4NH6iQqUmPs9rp+i2f6u+
lnolnl0n8HBLAM/QhARvzJ560Sk2bkT8xmU8slqd4JNbUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:24 2025 by rpki-client