Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: Sf2ZpRXbTTVs22RQaxL0XPfJOwU7KM0EjiajG8YVWTI=
Subject key identifier: 23:18:AC:02:D5:09:E2:D9:05:99:7C:55:EF:A5:C8:F1:FC:A1:95:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 046B0B14A919FE52D6CAD4A38F0AC7C0FC72BD61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:6b:0b:14:a9:19:fe:52:d6:ca:d4:a3:8f:0a:c7:c0:fc:72:bd:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=e7f6eeb27f10c4feee8a5d9a257391cc6d8b62205ca636ab17453799a1617916, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ba:da:ac:26:9c:ea:9e:5b:5c:5a:d9:09:c5:
98:bc:35:8d:e6:10:e6:4d:9c:b9:26:19:15:37:94:
bc:ab:67:02:37:26:ba:74:31:ad:b6:69:cd:64:04:
62:7a:9d:73:aa:a7:89:c0:73:e8:ce:67:a9:25:36:
db:05:b1:c8:be:b5:c7:82:6a:a6:69:4b:2e:4c:c8:
15:f1:92:df:da:ee:70:1f:f5:dc:be:3b:69:0f:cb:
55:82:72:bf:e5:c1:6f:17:b4:35:e6:d7:9d:4d:23:
e9:e9:80:cb:28:01:c8:de:e9:e1:12:e2:54:3d:1d:
29:80:c0:7a:4a:9d:27:62:49:10:90:fa:85:34:bf:
18:53:6c:f4:87:82:4f:10:d7:7f:38:28:d8:ad:f0:
2f:b7:96:99:18:86:a8:ae:f1:d0:1c:18:e1:5b:94:
9d:94:19:51:b1:18:0a:45:88:ed:a7:98:cc:59:05:
85:2b:f8:2c:46:8b:71:1b:dd:2a:b0:85:f5:c5:57:
e0:48:28:07:d0:5d:5b:a4:37:a9:b1:fc:07:8e:cd:
f3:f9:3b:63:84:40:c7:92:88:20:10:69:11:53:6e:
24:c5:3e:8c:0e:1f:c5:d6:66:9d:0b:8a:ca:39:be:
c3:ce:f5:89:0d:b2:ca:c2:48:8f:64:64:37:e0:dc:
66:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:18:AC:02:D5:09:E2:D9:05:99:7C:55:EF:A5:C8:F1:FC:A1:95:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:00:c1:f6:06:5d:82:a2:c7:5f:10:df:51:7e:50:dc:c1:f2:
5c:bd:51:07:50:6a:99:7b:86:8b:f4:32:c7:b1:11:b7:fa:4c:
4b:f9:c8:fe:c2:30:e6:f1:b9:b7:4b:a4:9a:c9:38:f2:a9:0c:
5d:6c:8e:2c:9f:68:5a:b9:fb:6a:e9:ed:50:76:3a:27:e3:37:
fb:fb:3f:c6:6b:78:64:30:99:78:ba:f7:d6:61:ac:05:a1:bb:
25:a0:84:00:2c:b2:b0:76:ad:d7:f4:79:17:c4:87:64:a6:1c:
25:51:1d:dd:6f:21:8e:d3:0c:72:b7:cb:bb:6c:b4:f5:11:c6:
24:97:1c:29:d8:31:9b:0b:d9:c5:52:31:f4:10:d9:df:1a:3d:
49:4b:18:6a:6c:52:cb:85:92:1b:a5:5f:0d:e2:fe:02:af:2a:
72:fc:32:ff:2e:8c:bf:dc:4e:68:15:a9:45:33:73:11:d8:d1:
79:54:36:85:95:00:66:9b:4b:a0:36:a0:f0:3c:88:17:9b:de:
a4:28:0e:32:95:c5:ca:38:92:8a:1e:2e:fd:86:db:1f:1c:04:
ec:c9:39:f9:c4:e8:6d:21:23:5f:25:b1:40:b6:5a:0c:22:b6:
6c:37:77:0f:f3:e2:83:29:65:45:fa:52:9d:76:76:6f:19:c2:
d5:ca:52:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBGsLFKkZ/lLWytSjjwrHwPxyvWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZjZlZWIyN2YxMGM0ZmVlZThhNWQ5YTI1NzM5MWNjNmQ4YjYyMjA1Y2E2
MzZhYjE3NDUzNzk5YTE2MTc5MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe62qwmnOqeW1xa2QnFmLw1jeYQ5k2cuSYZFTeUvKtnAjcmunQxrbZpzWQE
Ynqdc6qnicBz6M5nqSU22wWxyL61x4JqpmlLLkzIFfGS39rucB/13L47aQ/LVYJy
v+XBbxe0NebXnU0j6emAyygByN7p4RLiVD0dKYDAekqdJ2JJEJD6hTS/GFNs9IeC
TxDXfzgo2K3wL7eWmRiGqK7x0BwY4VuUnZQZUbEYCkWI7aeYzFkFhSv4LEaLcRvd
KrCF9cVX4EgoB9BdW6Q3qbH8B47N8/k7Y4RAx5KIIBBpEVNuJMU+jA4fxdZmnQuK
yjm+w871iQ2yysJIj2RkN+DcZt8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQjGKwC
1Qni2QWZfFXvpcjx/KGVijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEALQDB9gZdgqLHXxDfUX5Q3MHyXL1RB1BqmXuGi/Qy
x7ERt/pMS/nI/sIw5vG5t0ukmsk48qkMXWyOLJ9oWrn7auntUHY6J+M3+/s/xmt4
ZDCZeLr31mGsBaG7JaCEACyysHat1/R5F8SHZKYcJVEd3W8hjtMMcrfLu2y09RHG
JJccKdgxmwvZxVIx9BDZ3xo9SUsYamxSy4WSG6VfDeL+Aq8qcvwy/y6Mv9xOaBWp
RTNzEdjReVQ2hZUAZptLoDag8DyIF5vepCgOMpXFyjiSih4u/YbbHxwE7Mk5+cTo
bSEjXyWxQLZaDCK2bDd3D/PigyllRfpSnXZ2bxnC1cpSkA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:46 2025 by rpki-client