Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: dnoBNIIh8kctFfff6vEau2YZsTvhhhGxYweMg6e6JJU=
Subject key identifier: 2B:E2:CB:84:08:1B:2D:15:7B:DE:D4:47:7F:DA:DE:20:32:9D:66:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FA8EBAB52EB1733B48DBE3DE564D576900C6E06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:a8:eb:ab:52:eb:17:33:b4:8d:be:3d:e5:64:d5:76:90:0c:6e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=5b8665f4569d5136f9635f3c02d09d4713e83d3acc4773ac090b41b2f10cf73b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:41:22:d0:67:b9:2a:97:2e:51:2b:e1:d1:a5:
95:d1:2a:73:8a:1b:50:29:e8:b6:b2:3f:5d:97:37:
71:09:9a:eb:38:63:cc:1c:e8:62:96:c0:e8:a5:aa:
93:d8:a1:2e:f4:05:e1:3d:98:ab:c3:50:9f:e1:ad:
3f:14:03:2e:8d:32:e1:83:37:0e:60:31:58:85:3f:
ae:dc:14:5a:30:1e:3a:0c:b2:52:4f:ab:0e:43:2b:
79:6f:d5:54:e8:0c:53:98:3b:f1:2c:e0:78:f8:86:
3a:e9:47:93:39:d0:63:df:bd:3b:a3:8d:a6:ee:a3:
11:fc:e3:88:12:89:0d:19:4a:53:ce:af:44:dd:a7:
13:6f:e0:f1:86:d2:af:8a:61:14:27:f9:c7:c3:44:
54:d8:1c:83:20:5a:fa:68:f0:64:f3:e2:f3:9a:ea:
a5:d1:ce:35:d9:78:8d:f1:cc:c8:5c:bd:85:ca:c9:
32:8f:ef:28:83:7d:c0:ec:80:c7:b8:de:77:82:3d:
fc:38:20:da:9a:36:95:63:50:13:3a:fe:25:a8:14:
76:61:4d:10:45:cb:3a:e7:a6:42:43:33:f0:7e:02:
d7:23:21:94:f9:63:96:dd:94:d1:27:f5:ee:48:5d:
85:3d:3d:d8:e1:7f:18:f0:dc:48:0b:b2:29:fa:cd:
49:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E2:CB:84:08:1B:2D:15:7B:DE:D4:47:7F:DA:DE:20:32:9D:66:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:3b:df:fc:f6:4e:30:24:a3:07:80:c7:26:3c:92:5c:a0:e8:
1d:ab:43:62:0d:04:e2:e2:61:63:02:dc:ef:da:1d:d7:c1:10:
01:06:7c:ff:9e:2a:c4:d0:8a:6c:50:a7:d3:57:fc:ba:ea:af:
16:f4:f6:cc:41:be:02:52:c8:48:dd:df:84:aa:f7:2d:02:6a:
48:3e:55:a8:23:d4:c4:02:6d:be:b3:ae:42:3a:6b:12:8e:62:
04:f4:d6:a7:72:97:21:29:3f:b7:16:8d:9f:7c:6d:ab:a1:87:
90:63:0c:15:30:45:cd:bd:a8:6b:10:9f:44:25:34:8d:b2:91:
05:80:cd:19:93:3f:b7:a4:a3:70:d0:f4:36:3b:07:88:7c:d0:
2c:67:6d:99:e2:a9:da:ea:c9:81:cc:96:cf:b6:cd:dd:1f:a1:
a6:ea:29:18:df:3c:41:09:de:c7:a7:23:c9:75:62:e0:12:92:
c3:74:3b:cc:7b:29:76:7c:94:e5:ca:ec:a2:e1:c7:e9:59:5c:
57:9e:c2:02:bf:2b:48:97:3c:25:69:13:90:38:73:1b:1b:cd:
56:8c:61:ac:65:b5:9c:8c:bd:aa:96:6d:40:b6:c7:44:af:19:
f0:bc:a2:d8:39:8c:8e:61:d6:ee:17:6c:a9:38:54:cc:04:7f:
89:75:3a:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUT6jrq1LrFzO0jb495WTVdpAMbgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDViODY2NWY0NTY5ZDUxMzZmOTYzNWYzYzAyZDA5ZDQ3MTNlODNkM2FjYzQ3
NzNhYzA5MGI0MWIyZjEwY2Y3M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBBItBnuSqXLlEr4dGlldEqc4obUCnotrI/XZc3cQma6zhjzBzoYpbA6KWq
k9ihLvQF4T2Yq8NQn+GtPxQDLo0y4YM3DmAxWIU/rtwUWjAeOgyyUk+rDkMreW/V
VOgMU5g78SzgePiGOulHkznQY9+9O6ONpu6jEfzjiBKJDRlKU86vRN2nE2/g8YbS
r4phFCf5x8NEVNgcgyBa+mjwZPPi85rqpdHONdl4jfHMyFy9hcrJMo/vKIN9wOyA
x7jed4I9/Dgg2po2lWNQEzr+JagUdmFNEEXLOuemQkMz8H4C1yMhlPljlt2U0Sf1
7khdhT092OF/GPDcSAuyKfrNSWkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQr4suE
CBstFXve1Ed/2t4gMp1mIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEADTvf/PZOMCSjB4DHJjySXKDoHatDYg0E4uJhYwLc
79od18EQAQZ8/54qxNCKbFCn01f8uuqvFvT2zEG+AlLISN3fhKr3LQJqSD5VqCPU
xAJtvrOuQjprEo5iBPTWp3KXISk/txaNn3xtq6GHkGMMFTBFzb2oaxCfRCU0jbKR
BYDNGZM/t6SjcND0NjsHiHzQLGdtmeKp2urJgcyWz7bN3R+hpuopGN88QQnex6cj
yXVi4BKSw3Q7zHspdnyU5crsouHH6VlcV57CAr8rSJc8JWkTkDhzGxvNVoxhrGW1
nIy9qpZtQLbHRK8Z8Lyi2DmMjmHW7hdsqThUzAR/iXU6+Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:26:36 2025 by rpki-client