Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
File: be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa (raw, json)
Hash identifier: qZGyI9pRT1xt4gJfMFOPtQSg0eCfAF76vJYgd35PrxY=
Subject key identifier: 66:81:1C:86:B5:6F:98:6A:2D:44:F6:5F:3F:5E:27:21:E7:39:28:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2325FC3F0F6E1DDE8CB9FF8B1014216076C59CEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.96.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:25:fc:3f:0f:6e:1d:de:8c:b9:ff:8b:10:14:21:60:76:c5:9c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=149dd9543c6e92b1e0ac3eee6ca6db6d0c52aae2e9e3d4440bb1a4e2b769821f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:03:45:9f:28:7a:db:da:7f:f5:55:44:ae:
e3:9f:74:a1:8a:7c:00:62:07:65:df:a4:fc:f5:da:
68:9c:c3:63:e9:0f:b4:f9:76:7b:17:ea:5a:34:89:
88:b6:70:32:07:55:a9:6a:12:65:c5:d5:1b:9b:e0:
75:e9:35:08:24:c0:c9:6e:fb:cd:5b:65:73:60:b4:
57:15:f5:fc:b2:3c:6a:0e:f2:79:4c:99:a1:5d:f9:
16:f2:bf:7f:2c:cb:ff:82:64:5e:5d:84:6a:c0:4c:
66:46:f8:5b:b4:c2:a9:75:91:f5:68:d7:18:72:5c:
ea:bc:91:81:03:eb:52:bc:b2:a3:d8:d1:27:50:f9:
d4:e0:18:ba:ba:2a:b9:74:3a:a5:cb:af:9b:a5:69:
04:e5:ee:82:af:a3:60:84:84:44:a1:e6:af:1b:34:
09:18:f7:43:da:f7:31:94:e8:90:e5:35:01:18:08:
ed:b8:50:5f:5c:9d:91:fd:3a:e1:2b:37:75:14:93:
ba:50:c3:4b:1e:2a:c4:9c:e5:dc:25:0c:59:89:4b:
e4:ab:11:59:cc:23:25:19:aa:6e:7f:fc:13:61:6b:
ce:87:4c:83:b4:15:52:bb:50:1c:b6:13:30:84:ff:
4a:d5:07:5c:80:d2:fc:90:b6:b9:ae:e5:f8:74:c0:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:81:1C:86:B5:6F:98:6A:2D:44:F6:5F:3F:5E:27:21:E7:39:28:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9f:0a:ac:29:d7:9b:4b:81:1b:82:be:4d:d1:ed:4a:4d:d6:48:
73:0d:44:42:d5:b9:70:80:4c:cf:69:3c:7e:a9:13:51:8c:9f:
e3:04:e6:8c:fb:b4:9a:a5:a1:de:ec:8b:24:f5:9c:df:f2:d3:
6b:94:bc:ae:25:02:95:e2:35:40:79:3f:f8:01:93:89:4c:4b:
85:62:b1:83:d6:3d:8e:de:68:a5:8f:80:26:0c:e2:ca:30:06:
ca:31:c3:7c:af:18:b3:70:23:9e:1f:f3:b4:59:ad:9c:9b:7f:
75:d3:53:50:6b:f7:b4:cb:7f:60:2e:ef:39:06:17:4e:8d:29:
29:af:51:9a:93:c2:00:ff:15:1b:71:d8:87:35:6e:5b:76:44:
9a:33:40:7b:9d:d1:7a:3c:ca:4d:26:ae:5d:72:8d:4c:53:9b:
99:0d:08:59:74:c4:f2:af:7a:9e:8e:c6:4c:08:17:1c:d9:38:
c1:85:6a:bd:c6:77:76:db:58:2e:52:d4:19:8f:03:12:16:ec:
14:48:29:4d:11:0d:3c:71:c1:7b:01:b9:e7:9a:2b:c3:f6:b4:
c5:13:4b:05:8e:7d:c2:6d:ed:49:6e:7f:ae:19:9b:02:0e:73:
37:58:4d:6a:3c:26:65:8d:af:49:31:de:c3:fb:49:90:eb:9d:
ba:68:1f:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIyX8Pw9uHd6Muf+LEBQhYHbFnO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0OWRkOTU0M2M2ZTkyYjFlMGFjM2VlZTZjYTZkYjZkMGM1MmFhZTJlOWUz
ZDQ0NDBiYjFhNGUyYjc2OTgyMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfcA0WfKHrb2n/1VUSu4590oYp8AGIHZd+k/PXaaJzDY+kPtPl2exfqWjSJ
iLZwMgdVqWoSZcXVG5vgdek1CCTAyW77zVtlc2C0VxX1/LI8ag7yeUyZoV35FvK/
fyzL/4JkXl2EasBMZkb4W7TCqXWR9WjXGHJc6ryRgQPrUryyo9jRJ1D51OAYuroq
uXQ6pcuvm6VpBOXugq+jYISERKHmrxs0CRj3Q9r3MZTokOU1ARgI7bhQX1ydkf06
4Ss3dRSTulDDSx4qxJzl3CUMWYlL5KsRWcwjJRmqbn/8E2FrzodMg7QVUrtQHLYT
MIT/StUHXIDS/JC2ua7l+HTA8DsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmgRyG
tW+Yai1E9l8/Xich5zkoKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2YjdjYjAtM2M1NS00YTY1LWIwMGEtNDViYzEzMTA4NjhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JYDAN
BgkqhkiG9w0BAQsFAAOCAQEAnwqsKdebS4Ebgr5N0e1KTdZIcw1EQtW5cIBMz2k8
fqkTUYyf4wTmjPu0mqWh3uyLJPWc3/LTa5S8riUCleI1QHk/+AGTiUxLhWKxg9Y9
jt5opY+AJgziyjAGyjHDfK8Ys3Ajnh/ztFmtnJt/ddNTUGv3tMt/YC7vOQYXTo0p
Ka9RmpPCAP8VG3HYhzVuW3ZEmjNAe53RejzKTSauXXKNTFObmQ0IWXTE8q96no7G
TAgXHNk4wYVqvcZ3dttYLlLUGY8DEhbsFEgpTRENPHHBewG555orw/a0xRNLBY59
wm3tSW5/rhmbAg5zN1hNajwmZY2vSTHew/tJkOudumgfsw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:14 2025 by rpki-client