Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
File: 4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa (raw, json)
Hash identifier: 5jlCI1FYX2OXya09PMcLMwzV38a/66nlhwIZbzNjMnA=
Subject key identifier: A8:33:06:B4:48:A7:E2:4C:0C:95:8F:FF:80:F0:C4:92:AD:33:4A:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 795F3D8C8637174A238D41BCEFB77C9D0307A8E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:5f:3d:8c:86:37:17:4a:23:8d:41:bc:ef:b7:7c:9d:03:07:a8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=9bf8ad3c6418e0accb2c6065c7c7fb15f5e5c0817d6c0d288cdfe83aea694db3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c3:48:e4:62:9e:b1:90:eb:40:0a:a3:ef:42:
9d:6e:6f:07:50:c0:1c:2a:d1:c3:1b:13:24:23:78:
63:c2:8c:b9:52:4c:65:98:f8:1f:3e:03:27:8d:fa:
d8:a8:ce:74:99:51:47:25:0c:fc:2c:85:81:a2:c3:
fb:65:3c:2a:23:12:c9:6f:bf:a4:74:fb:a8:18:66:
03:ff:fc:2b:ac:61:a8:41:46:a5:de:14:5e:30:fe:
7c:9b:58:91:54:cb:85:53:54:7d:7a:c6:6f:6b:f1:
8b:de:6f:91:c3:89:5c:19:bd:b8:d5:02:9c:0f:a7:
39:2f:6e:96:9b:9f:73:a7:d4:9c:26:a2:33:52:f0:
c7:e1:8e:fc:3c:1c:fc:31:79:dd:b0:14:c1:16:6c:
67:01:89:d8:34:34:b1:11:66:ad:6a:0b:09:10:a5:
4f:8f:a7:a5:b9:c3:ff:bc:09:47:0e:81:fe:bd:2d:
2c:d9:f4:40:07:f2:b9:c8:5a:fd:e0:b4:be:47:d4:
81:18:e8:22:af:7c:49:d4:85:2d:3c:c0:0d:8b:23:
fe:24:20:55:c4:33:b7:d5:66:f7:a6:b6:b7:60:7c:
fd:a2:e7:4a:31:52:6d:48:9c:5b:98:cc:e4:37:30:
0f:a1:57:64:10:bd:44:1c:7c:af:0d:38:e1:a4:93:
77:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:33:06:B4:48:A7:E2:4C:0C:95:8F:FF:80:F0:C4:92:AD:33:4A:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.240.0/20
Signature Algorithm: sha256WithRSAEncryption
16:33:bd:1d:fd:7d:a1:fa:84:3b:af:6f:76:cf:8d:5c:86:86:
47:a6:ba:bb:0e:3e:92:bc:a3:cb:4c:58:07:9b:9a:b6:ef:8c:
42:fe:67:8c:de:15:2b:dd:76:b2:e3:50:4a:7a:0c:67:a9:79:
75:66:10:ff:33:e3:d0:d6:42:fb:5f:e3:d6:87:bd:42:62:71:
ef:7f:3d:2e:66:f5:d5:28:08:35:5a:b2:8e:2c:4e:5e:0e:57:
17:d3:e2:f4:1b:e4:13:ec:0b:c0:b9:ef:9e:37:3a:a3:2a:9c:
aa:cd:31:6d:c5:ef:06:56:5d:20:53:ab:6c:51:42:e9:f8:37:
bc:14:6e:59:3b:27:72:a7:7c:85:60:55:07:b7:2a:a8:c8:28:
7e:61:8c:70:d5:0a:8e:a4:2b:0e:df:fb:2a:22:61:d4:f5:4b:
2c:7d:fe:d6:8d:85:cc:d4:bd:e6:00:3b:15:62:69:3e:bc:07:
58:0b:5b:39:f5:a4:57:4f:b1:d7:7e:f9:b5:df:0e:a1:5d:f3:
bc:df:73:40:cc:da:68:22:2a:1f:be:e4:36:15:49:4d:b1:dc:
af:82:42:2d:36:55:68:c0:87:4f:0a:2f:52:3f:7a:a9:ed:cf:
4e:04:d3:ee:38:e0:2f:7f:55:32:d3:c2:27:ff:d2:b7:6e:3e:
ee:4d:91:a7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeV89jIY3F0ojjUG877d8nQMHqOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZjhhZDNjNjQxOGUwYWNjYjJjNjA2NWM3YzdmYjE1ZjVlNWMwODE3ZDZj
MGQyODhjZGZlODNhZWE2OTRkYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXDSORinrGQ60AKo+9CnW5vB1DAHCrRwxsTJCN4Y8KMuVJMZZj4Hz4DJ436
2KjOdJlRRyUM/CyFgaLD+2U8KiMSyW+/pHT7qBhmA//8K6xhqEFGpd4UXjD+fJtY
kVTLhVNUfXrGb2vxi95vkcOJXBm9uNUCnA+nOS9ulpufc6fUnCaiM1Lwx+GO/Dwc
/DF53bAUwRZsZwGJ2DQ0sRFmrWoLCRClT4+npbnD/7wJRw6B/r0tLNn0QAfyucha
/eC0vkfUgRjoIq98SdSFLTzADYsj/iQgVcQzt9Vm96a2t2B8/aLnSjFSbUicW5jM
5DcwD6FXZBC9RBx8rw044aSTd5UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoMwa0
SKfiTAyVj/+A8MSSrTNKiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMzExNjMtMmFkNy00OWY1LWEyNGQtMmVhNDE3MGJiMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J8DAN
BgkqhkiG9w0BAQsFAAOCAQEAFjO9Hf19ofqEO69vds+NXIaGR6a6uw4+kryjy0xY
B5uatu+MQv5njN4VK912suNQSnoMZ6l5dWYQ/zPj0NZC+1/j1oe9QmJx7389Lmb1
1SgINVqyjixOXg5XF9Pi9BvkE+wLwLnvnjc6oyqcqs0xbcXvBlZdIFOrbFFC6fg3
vBRuWTsncqd8hWBVB7cqqMgofmGMcNUKjqQrDt/7KiJh1PVLLH3+1o2FzNS95gA7
FWJpPrwHWAtbOfWkV0+x1375td8OoV3zvN9zQMzaaCIqH77kNhVJTbHcr4JCLTZV
aMCHTwovUj96qe3PTgTT7jjgL39VMtPCJ//St24+7k2Rpw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:17:39 2025 by rpki-client