Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: nWROPlk1L0xt5h7V4NR/pmKaZnAK211pQfs8fS9aXeQ=
Subject key identifier: E0:35:85:64:95:5B:8F:51:B2:EE:D9:EB:15:B8:A2:F5:A0:E9:DC:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F0E32EBE9A7BF7069F6CAB6BA9294C0CD8B1CA2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:0e:32:eb:e9:a7:bf:70:69:f6:ca:b6:ba:92:94:c0:cd:8b:1c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=d2337f55f50c3d7c223aa4548713cbd6bf26e560fa9b95ebd41eb76917fba1d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:86:a7:5a:db:f8:3f:bc:40:1b:d5:dd:fc:
82:25:d9:3f:0c:a4:d0:f4:c1:29:9e:85:d9:62:69:
20:71:b2:a7:57:18:ab:5b:4a:97:ed:e8:75:8d:70:
61:66:30:38:f5:a8:c0:39:50:a6:16:37:bb:86:11:
d3:92:49:17:f7:8e:83:cf:9c:82:4c:08:19:bc:54:
57:48:bc:70:b9:a4:b8:26:98:33:35:6e:0a:06:19:
a7:56:db:ac:7e:e3:74:44:33:04:28:97:95:4b:d8:
03:47:5b:87:69:f0:86:a9:3c:4d:9e:3e:7d:d6:78:
31:02:d4:62:d6:41:fd:37:37:f4:9a:84:7c:ca:04:
28:6c:58:c2:6e:4a:19:39:70:f8:b5:0e:b3:43:f5:
5c:00:3f:8e:44:4c:e2:17:87:d7:14:57:18:71:1c:
83:1a:ad:67:22:bb:cd:6b:b4:86:07:f7:db:9a:30:
b3:98:93:2e:05:34:47:a2:b4:31:24:e7:8f:8a:0c:
c9:28:20:9c:e0:90:f7:69:d0:56:98:bb:7b:f3:34:
58:e6:6b:72:9b:32:be:a5:8b:1e:8b:71:21:17:42:
70:27:76:59:b2:ac:14:fb:2c:c1:92:ff:ca:5f:e0:
35:39:93:d6:48:a7:49:1c:16:c1:2f:4a:74:53:34:
91:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:35:85:64:95:5B:8F:51:B2:EE:D9:EB:15:B8:A2:F5:A0:E9:DC:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1d:7b:2a:d7:f5:96:02:c1:76:1e:10:06:43:c8:8b:32:8f:9a:
e4:3c:d6:e4:64:47:5a:a9:95:4b:8e:75:4e:93:13:11:87:b3:
6c:84:ef:03:9b:52:a2:4c:d8:7b:8e:2a:23:bb:82:d8:69:30:
8b:b0:d2:b3:a7:ba:e5:09:e7:2a:14:b4:91:7b:a8:7c:ad:dd:
ca:ba:0d:85:dc:48:1b:95:88:2a:71:fb:09:a3:f7:f2:be:af:
13:3a:27:ef:c2:ec:59:1f:36:85:f0:3e:9b:e8:61:5f:f6:58:
7f:da:9d:ba:4f:63:4c:68:c6:cd:51:27:75:be:4d:9c:06:ba:
f0:5b:bc:5d:a2:d8:3b:df:0c:c7:81:bf:0e:b3:d6:db:0d:de:
6b:3a:3b:39:c7:6b:32:8f:f0:c9:a6:73:7f:2f:34:05:d9:d0:
4a:97:4b:f7:2f:7d:a6:fd:f1:cf:34:b2:1a:11:5a:39:02:ba:
36:b4:e8:f7:35:72:37:1f:a7:58:cb:4c:02:0e:6e:25:c1:c4:
ee:ff:a6:29:b7:09:76:2a:d3:e8:d1:af:62:d2:a8:96:81:33:
92:c2:c3:99:8b:70:2f:a7:a2:36:e1:79:dc:86:9f:c3:0c:44:
00:90:da:45:f7:12:31:2e:3a:0a:8b:9b:86:20:ac:03:99:aa:
0d:c9:c3:bf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPw4y6+mnv3Bp9sq2upKUwM2LHKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMzM3ZjU1ZjUwYzNkN2MyMjNhYTQ1NDg3MTNjYmQ2YmYyNmU1NjBmYTli
OTVlYmQ0MWViNzY5MTdmYmExZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+Xhqda2/g/vEAb1d38giXZPwyk0PTBKZ6F2WJpIHGyp1cYq1tKl+3odY1w
YWYwOPWowDlQphY3u4YR05JJF/eOg8+cgkwIGbxUV0i8cLmkuCaYMzVuCgYZp1bb
rH7jdEQzBCiXlUvYA0dbh2nwhqk8TZ4+fdZ4MQLUYtZB/Tc39JqEfMoEKGxYwm5K
GTlw+LUOs0P1XAA/jkRM4heH1xRXGHEcgxqtZyK7zWu0hgf325ows5iTLgU0R6K0
MSTnj4oMySggnOCQ92nQVpi7e/M0WOZrcpsyvqWLHotxIRdCcCd2WbKsFPsswZL/
yl/gNTmT1kinSRwWwS9KdFM0kSkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTgNYVk
lVuPUbLu2esVuKL1oOnc0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAHXsq1/WWAsF2HhAGQ8iLMo+a5DzW5GRHWqmVS451
TpMTEYezbITvA5tSokzYe44qI7uC2Gkwi7DSs6e65QnnKhS0kXuofK3dyroNhdxI
G5WIKnH7CaP38r6vEzon78LsWR82hfA+m+hhX/ZYf9qduk9jTGjGzVEndb5NnAa6
8Fu8XaLYO98Mx4G/DrPW2w3eazo7OcdrMo/wyaZzfy80BdnQSpdL9y99pv3xzzSy
GhFaOQK6NrTo9zVyNx+nWMtMAg5uJcHE7v+mKbcJdirT6NGvYtKoloEzksLDmYtw
L6eiNuF53IafwwxEAJDaRfcSMS46CoubhiCsA5mqDcnDvw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:13 2025 by rpki-client