Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: kIS3nmP4BJHYOtxibSmOkk7Fgs7EAPVHzkL7A3djghs=
Subject key identifier: 0D:AB:CC:79:D3:B2:28:5E:36:DF:12:B7:F5:60:9F:CC:D4:5A:13:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20FAE3B4B9F16F4DC4F8212EB5503C0E10A4246D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:fa:e3:b4:b9:f1:6f:4d:c4:f8:21:2e:b5:50:3c:0e:10:a4:24:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=e1be8956dd1a574d781e506bed55217c1a2c3589d6ea88d92ab47522760b2296, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:30:30:8a:a5:6a:3d:8f:69:fd:a5:91:46:68:
3b:1b:5e:a2:6e:d4:fb:e2:c9:2e:f2:22:fe:f9:43:
fd:b6:8e:e6:9d:83:a9:9a:07:d8:32:9f:81:fd:fb:
c2:b8:43:d2:05:03:a5:44:ca:ba:e8:af:60:4c:75:
b7:20:25:68:c5:ea:b5:1a:52:58:5a:f8:f7:19:4a:
a0:df:cf:45:a8:86:e3:20:73:bc:5f:74:ac:7e:46:
da:b7:6e:ea:92:8f:4c:80:e9:16:37:9b:7a:47:bd:
0f:6e:08:c6:89:0c:d7:30:95:12:54:8f:a5:1c:e8:
62:65:9b:16:aa:26:ca:89:7e:86:7b:8e:c3:7f:6e:
32:5a:f7:20:12:72:24:2e:48:eb:66:db:a5:d4:89:
79:d7:cf:7b:4e:4d:13:81:0f:ca:b1:92:f9:a4:1f:
09:7c:ca:95:0d:16:ad:05:9e:ca:8b:cb:6a:50:a5:
94:7d:19:41:d8:b2:6e:1f:65:d0:8c:c2:24:8a:4c:
eb:0b:0d:91:4a:eb:dd:4b:9b:fb:9c:1e:d0:33:b4:
58:82:21:b2:43:3f:fb:98:f8:08:cc:7f:2c:2c:a7:
c1:82:8e:03:33:9e:ab:ce:36:3b:a8:8e:96:d8:8f:
2e:98:cc:dc:af:e3:95:69:b7:8f:73:3d:d8:79:c1:
e1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AB:CC:79:D3:B2:28:5E:36:DF:12:B7:F5:60:9F:CC:D4:5A:13:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:b7:1c:5f:2e:0c:09:06:d5:0e:bc:b9:8f:21:af:0d:47:1e:
a8:91:b2:b7:4a:ac:4e:17:d9:e8:46:d7:7c:6f:c0:b5:26:27:
bb:62:95:55:16:ec:37:93:40:d7:15:e6:01:64:8c:bd:2b:4e:
1d:22:c9:4a:be:05:3f:73:7a:b4:7e:b2:ce:d1:34:55:ed:55:
81:66:4f:c6:b8:46:2f:94:71:1b:98:a4:af:8c:7e:9b:4d:ee:
1d:fa:42:ce:9d:8f:03:c1:0e:e4:d2:4a:b2:9d:59:6c:2a:17:
9d:7d:e4:20:24:b0:1e:aa:58:33:68:2e:22:85:f1:fa:99:d4:
2d:00:9f:70:af:23:30:24:9e:db:98:e8:e3:83:db:f6:f0:91:
fe:ad:f6:63:ed:43:2d:58:a5:c3:6c:c2:96:f5:57:f4:86:f4:
ce:b0:67:8b:8a:29:ab:9c:34:ce:18:fe:34:ac:53:14:65:46:
de:aa:86:79:2c:e8:2b:f8:aa:27:87:8d:38:b1:a4:ff:56:de:
94:bf:e2:cc:29:55:4a:91:7a:5c:49:d9:3c:3f:bf:a3:6a:12:
ec:11:71:5f:5e:38:88:f2:f0:d7:de:ed:0a:4e:e4:d6:75:30:
e9:16:92:aa:76:1a:6e:b4:82:42:69:7d:ad:5c:b8:b5:d0:12:
5e:e8:56:93
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIPrjtLnxb03E+CEutVA8DhCkJG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYmU4OTU2ZGQxYTU3NGQ3ODFlNTA2YmVkNTUyMTdjMWEyYzM1ODlkNmVh
ODhkOTJhYjQ3NTIyNzYwYjIyOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMwMIqlaj2Paf2lkUZoOxteom7U++LJLvIi/vlD/baO5p2DqZoH2DKfgf37
wrhD0gUDpUTKuuivYEx1tyAlaMXqtRpSWFr49xlKoN/PRaiG4yBzvF90rH5G2rdu
6pKPTIDpFjebeke9D24IxokM1zCVElSPpRzoYmWbFqomyol+hnuOw39uMlr3IBJy
JC5I62bbpdSJedfPe05NE4EPyrGS+aQfCXzKlQ0WrQWeyovLalCllH0ZQdiybh9l
0IzCJIpM6wsNkUrr3Uub+5we0DO0WIIhskM/+5j4CMx/LCynwYKOAzOeq842O6iO
ltiPLpjM3K/jlWm3j3M92HnB4ZkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQNq8x5
07IoXjbfErf1YJ/M1FoTwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAs7ccXy4MCQbVDry5jyGvDUceqJGyt0qsThfZ6EbX
fG/AtSYnu2KVVRbsN5NA1xXmAWSMvStOHSLJSr4FP3N6tH6yztE0Ve1VgWZPxrhG
L5RxG5ikr4x+m03uHfpCzp2PA8EO5NJKsp1ZbCoXnX3kICSwHqpYM2guIoXx+pnU
LQCfcK8jMCSe25jo44Pb9vCR/q32Y+1DLVilw2zClvVX9Ib0zrBni4opq5w0zhj+
NKxTFGVG3qqGeSzoK/iqJ4eNOLGk/1belL/izClVSpF6XEnZPD+/o2oS7BFxX144
iPLw197tCk7k1nUw6RaSqnYabrSCQml9rVy4tdASXuhWkw==
-----END CERTIFICATE-----
Generated at Fri May 2 14:59:12 2025 by rpki-client