Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: w6lqytDVENyX73XTs2woNMza6K4N2F/xEDKjGeq0128=
Subject key identifier: 1C:8C:CD:76:D4:25:6E:AF:6F:18:DA:A1:81:87:6B:D0:BD:CB:F2:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 412E70FC6A737DAC103392FC894D4C0B26877348
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:2e:70:fc:6a:73:7d:ac:10:33:92:fc:89:4d:4c:0b:26:87:73:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=2ed6f9db9a35eff745bed43cc9c4f4378608eeaab507e370cece0f5ef0f6176d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ee:b0:40:4a:55:2e:20:ba:b1:97:95:a2:a3:
6a:64:14:03:12:da:fd:96:89:45:13:03:5d:a5:47:
17:37:5c:82:7d:18:d8:00:9a:9e:63:26:fe:3a:4d:
d6:5a:f9:8c:5e:8f:83:c4:6a:55:a5:24:36:3b:3b:
2b:c1:b2:ee:b6:1b:ee:6b:4a:81:34:7f:8e:99:76:
83:51:9d:02:7b:22:4c:45:23:4b:df:42:33:5e:41:
39:1f:93:ff:52:34:4e:ad:dc:d0:08:1b:70:9e:94:
ae:2f:e7:a9:05:a4:46:1e:cc:a5:25:c9:86:c7:19:
d0:1a:d2:e6:5a:e4:22:06:f5:7a:5c:5c:f5:e2:68:
7c:80:fc:03:70:d6:9a:57:c1:fd:d9:a5:b4:08:8e:
b3:c5:e7:50:d7:62:6c:4b:a4:02:89:63:19:c1:0e:
1f:b0:43:9a:a0:c4:4f:db:b2:ec:1a:44:93:e6:a4:
7d:4f:ac:a7:f8:ec:e0:2f:7c:a4:97:0d:92:12:b0:
8d:a6:58:90:93:ca:e6:26:ef:58:4f:0b:96:52:38:
dc:4c:fe:22:1f:57:ce:99:6b:6f:63:fa:da:21:53:
61:3f:66:ad:70:eb:be:ad:05:21:fc:43:82:f3:ca:
72:a9:fb:4b:d5:6f:d5:83:a4:3f:ee:43:62:1b:84:
ea:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8C:CD:76:D4:25:6E:AF:6F:18:DA:A1:81:87:6B:D0:BD:CB:F2:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:b4:46:dd:fe:eb:f8:0b:e3:22:b2:f5:87:76:92:39:cc:f9:
e7:a2:23:a2:98:1f:1e:e9:d1:a3:1c:82:66:10:bb:a2:38:33:
0d:83:59:cd:63:eb:77:ba:73:c7:16:81:a9:42:2b:99:5b:ff:
14:0a:1e:9d:55:cb:e2:48:c2:9a:25:14:73:16:74:ca:16:ab:
ef:e8:fc:2d:eb:f2:09:9a:ce:42:e8:05:60:de:17:10:99:24:
39:9f:9b:94:d7:f2:c9:e7:3f:d7:0f:08:06:ea:c6:9d:ae:e2:
c5:90:83:f4:d1:3e:9e:20:06:dc:0a:f3:fa:3b:95:f6:f6:08:
74:d0:49:32:63:a1:58:95:dd:7e:ac:91:20:65:c0:71:dd:a9:
ec:fb:20:61:a6:99:fa:d6:73:d1:dd:ab:31:0b:66:cf:da:3e:
56:9c:6f:fd:7e:e4:7f:b3:d6:c2:8d:ba:54:0e:25:ea:4b:05:
b1:37:3c:2b:77:0e:e0:9a:13:1d:c2:b0:56:69:85:05:e4:89:
47:9a:b6:63:d7:3e:5a:5c:4c:d7:12:1b:dd:83:db:79:f9:61:
7a:22:a9:f5:64:59:4c:49:e2:57:81:a3:a7:91:6e:91:e8:dd:
f0:bf:a5:25:48:5e:3f:a2:b8:b3:bd:e8:44:99:bb:98:27:5b:
80:b9:fd:c8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQS5w/GpzfawQM5L8iU1MCyaHc0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZDZmOWRiOWEzNWVmZjc0NWJlZDQzY2M5YzRmNDM3ODYwOGVlYWFiNTA3
ZTM3MGNlY2UwZjVlZjBmNjE3NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7usEBKVS4gurGXlaKjamQUAxLa/ZaJRRMDXaVHFzdcgn0Y2ACanmMm/jpN
1lr5jF6Pg8RqVaUkNjs7K8Gy7rYb7mtKgTR/jpl2g1GdAnsiTEUjS99CM15BOR+T
/1I0Tq3c0AgbcJ6Uri/nqQWkRh7MpSXJhscZ0BrS5lrkIgb1elxc9eJofID8A3DW
mlfB/dmltAiOs8XnUNdibEukAoljGcEOH7BDmqDET9uy7BpEk+akfU+sp/js4C98
pJcNkhKwjaZYkJPK5ibvWE8LllI43Ez+Ih9Xzplrb2P62iFTYT9mrXDrvq0FIfxD
gvPKcqn7S9Vv1YOkP+5DYhuE6ncCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQcjM12
1CVur28Y2qGBh2vQvcvyWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEAO7RG3f7r+AvjIrL1h3aSOcz556IjopgfHunRoxyC
ZhC7ojgzDYNZzWPrd7pzxxaBqUIrmVv/FAoenVXL4kjCmiUUcxZ0yhar7+j8Levy
CZrOQugFYN4XEJkkOZ+blNfyyec/1w8IBurGna7ixZCD9NE+niAG3Arz+juV9vYI
dNBJMmOhWJXdfqyRIGXAcd2p7PsgYaaZ+tZz0d2rMQtmz9o+Vpxv/X7kf7PWwo26
VA4l6ksFsTc8K3cO4JoTHcKwVmmFBeSJR5q2Y9c+WlxM1xIb3YPbeflheiKp9WRZ
TEniV4Gjp5Fukejd8L+lJUheP6K4s73oRJm7mCdbgLn9yA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:27 2025 by rpki-client