Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: dlAYZIzyuWiiTvmOTZHrhkJvtFS8j4bhC15BNubQ6UE=
Subject key identifier: 98:7B:55:D7:2C:5B:B4:01:BE:CB:55:FF:FB:28:96:6C:3A:2C:AF:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 421FFC8215E254349B8EF40AF521550FF67BF5A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1f:fc:82:15:e2:54:34:9b:8e:f4:0a:f5:21:55:0f:f6:7b:f5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=db4bb9d395b9f1505e39330990f79de23e29efd92e5db9ba63c9450cace1b81c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:64:48:eb:a7:fa:00:4a:5b:7b:e1:74:47:ff:
15:3c:02:a5:08:55:f5:fc:30:fc:c3:b6:b8:69:b1:
d4:ed:b4:05:d6:81:4e:de:04:1d:7f:a0:9d:05:b8:
db:c7:aa:40:a4:f9:88:2c:32:72:fe:14:5f:7a:b7:
95:15:e0:46:18:ba:f9:fa:cc:b8:3c:07:b9:31:e7:
8b:4d:2c:74:e7:b8:e5:96:91:07:6f:a4:63:80:54:
87:9d:9e:8a:3a:a5:08:9c:bd:00:5b:56:a6:ef:d4:
28:a3:3f:f0:14:c2:10:6d:2d:64:22:ea:79:22:cf:
fe:1c:35:d3:6e:f9:9e:c1:88:86:4a:a6:2d:ef:00:
e7:58:69:37:c7:2c:0b:51:56:f8:2f:53:23:bf:fb:
d7:c4:e9:aa:c3:77:8b:0a:fd:84:1a:ca:e6:29:fd:
bf:ac:08:41:86:61:36:db:98:08:fe:a7:d0:31:b9:
18:19:68:8b:df:a1:c9:d4:10:9a:d7:f5:7d:95:52:
94:2a:30:8e:98:7b:83:cb:da:bf:00:a8:a7:65:0e:
4c:b7:75:2e:1b:e5:6e:cf:b6:b3:d8:96:58:bd:a5:
4c:2a:12:ea:35:c3:ed:d6:3e:42:77:54:d2:b6:30:
ea:31:be:83:45:2c:53:9d:c4:08:d1:08:d5:a7:03:
95:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:7B:55:D7:2C:5B:B4:01:BE:CB:55:FF:FB:28:96:6C:3A:2C:AF:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
02:1a:19:23:98:ab:84:ef:e0:b0:dc:b9:95:32:af:8d:de:93:
f8:26:88:d2:e2:fc:22:d1:94:68:52:2e:f9:66:35:e6:15:66:
8c:6b:b4:a1:cf:bb:a6:e7:94:08:63:6b:fd:a4:50:24:1c:15:
65:bb:c3:34:d9:2f:74:63:ee:04:76:4a:bc:ce:8b:c1:38:cb:
83:2b:ee:be:87:3c:f0:97:29:13:f3:93:bc:28:8d:8c:61:b7:
fb:7c:0f:dd:01:d4:4e:0a:d9:d4:e3:3a:b5:13:5d:34:cd:71:
71:64:ef:04:d6:74:2e:99:4c:f0:08:cc:2d:e4:33:a8:db:19:
3f:8d:ec:9e:ed:34:10:d9:83:d6:cc:5a:be:8d:21:6a:48:82:
4a:4a:76:f8:b5:e8:a1:37:a8:16:47:9f:a1:c5:bc:b8:2e:b8:
f6:6b:66:c4:ee:33:3e:31:c9:36:cb:81:e7:d5:de:16:65:d6:
b2:40:54:82:54:89:b0:7d:7c:bb:0c:b5:e3:7a:75:33:d0:ea:
4f:5a:00:b5:64:2b:1e:bd:75:ce:b1:b4:e8:80:c0:2d:e8:a7:
8b:0a:16:59:06:10:5e:c4:e7:89:74:57:38:81:28:0e:99:e0:
5e:ce:a8:bc:cf:d9:06:c8:69:c0:cb:03:fd:16:10:56:50:78:
67:6a:7f:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQh/8ghXiVDSbjvQK9SFVD/Z79aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNGJiOWQzOTViOWYxNTA1ZTM5MzMwOTkwZjc5ZGUyM2UyOWVmZDkyZTVk
YjliYTYzYzk0NTBjYWNlMWI4MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpkSOun+gBKW3vhdEf/FTwCpQhV9fww/MO2uGmx1O20BdaBTt4EHX+gnQW4
28eqQKT5iCwycv4UX3q3lRXgRhi6+frMuDwHuTHni00sdOe45ZaRB2+kY4BUh52e
ijqlCJy9AFtWpu/UKKM/8BTCEG0tZCLqeSLP/hw10275nsGIhkqmLe8A51hpN8cs
C1FW+C9TI7/718TpqsN3iwr9hBrK5in9v6wIQYZhNtuYCP6n0DG5GBloi9+hydQQ
mtf1fZVSlCowjph7g8vavwCop2UOTLd1Lhvlbs+2s9iWWL2lTCoS6jXD7dY+QndU
0rYw6jG+g0UsU53ECNEI1acDlSMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSYe1XX
LFu0Ab7LVf/7KJZsOiyv/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAhoZI5irhO/gsNy5lTKvjd6T+CaI0uL8ItGUaFIu
+WY15hVmjGu0oc+7pueUCGNr/aRQJBwVZbvDNNkvdGPuBHZKvM6LwTjLgyvuvoc8
8JcpE/OTvCiNjGG3+3wP3QHUTgrZ1OM6tRNdNM1xcWTvBNZ0LplM8AjMLeQzqNsZ
P43snu00ENmD1sxavo0hakiCSkp2+LXooTeoFkefocW8uC649mtmxO4zPjHJNsuB
59XeFmXWskBUglSJsH18uwy143p1M9DqT1oAtWQrHr11zrG06IDALeiniwoWWQYQ
XsTniXRXOIEoDpngXs6ovM/ZBshpwMsD/RYQVlB4Z2p/+Q==
-----END CERTIFICATE-----
Generated at Fri May 2 15:37:11 2025 by rpki-client