Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: UCrqA+TEkc9AJcPq0SbGt2rN+hwCco7OpdWm4aecd2E=
Subject key identifier: 1F:87:C9:4E:84:95:42:BC:E4:D9:80:7D:20:9D:D9:47:49:BD:AE:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 017748768BCFCF61698AB9CB0EA995F1A2ACF901
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Tue 18 Mar 2025 17:01:00 +0000
ROA not before: Tue 18 Mar 2025 17:01:00 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:77:48:76:8b:cf:cf:61:69:8a:b9:cb:0e:a9:95:f1:a2:ac:f9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 17:01:00 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:82:aa:0b:dd:fe:ac:48:9d:c5:91:d5:3b:40:
9a:b4:5b:fb:dd:63:2d:8a:a5:4a:56:91:b7:89:1c:
e9:e4:30:6f:0b:73:6a:bb:e6:11:08:ea:1f:f1:a1:
a5:70:23:d7:4a:a2:90:12:a5:2c:23:10:86:3a:87:
8f:40:82:4c:52:ff:9b:57:af:31:48:da:ab:f3:90:
67:4f:db:6e:b3:f1:29:09:30:5f:e7:b8:62:3a:cb:
6b:5f:7c:3f:0d:68:3e:34:4e:da:1e:1b:eb:d7:e1:
60:7b:92:06:93:63:cd:9c:15:56:25:48:e6:75:af:
55:a4:fa:2b:9b:1f:8e:74:63:4b:25:b7:b0:f6:04:
c8:bb:7a:59:16:05:dc:60:d9:52:94:49:47:39:47:
17:67:8d:39:f4:0c:c2:19:90:c9:a3:32:d2:7c:a5:
83:79:fa:13:93:87:fb:11:19:7d:eb:4d:e7:49:ad:
43:0a:7a:3e:98:4a:df:0d:a9:9f:92:02:50:a7:b8:
1e:31:4d:0b:3b:e2:0d:2c:18:81:ef:f3:f4:e4:6a:
03:57:20:b6:93:a1:34:0d:6a:89:88:7e:97:ce:a7:
77:d0:20:c1:00:e2:2b:68:6b:d9:28:04:6c:eb:db:
ba:47:43:92:78:c1:b7:ab:35:aa:36:9a:ae:40:3f:
6b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:87:C9:4E:84:95:42:BC:E4:D9:80:7D:20:9D:D9:47:49:BD:AE:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
44:8f:c3:53:5e:ae:be:4b:75:52:a0:5a:93:ca:ed:2f:25:dc:
3d:69:89:95:89:a5:85:b3:29:e2:f1:8f:b1:9e:a6:f6:db:69:
52:83:46:d2:eb:bf:a7:7b:5c:8c:29:bc:de:55:08:89:97:33:
76:b3:96:37:1d:d5:2d:57:04:6e:34:91:94:b9:ab:df:04:b6:
cd:9f:72:ab:35:19:04:b5:75:44:fe:1f:80:18:28:ed:f3:a2:
09:ba:0d:89:a7:db:9a:6d:89:41:36:62:94:44:66:c5:9a:f8:
55:a6:a3:d3:9e:41:a4:0b:d9:c6:8c:84:6f:98:75:a7:97:3c:
29:fe:aa:23:ff:dd:c1:99:01:2e:a0:16:bf:25:f7:8f:49:db:
94:d2:c9:43:ac:aa:1c:34:41:90:01:90:87:30:cd:11:68:ab:
2f:46:ce:f2:a5:49:8b:f3:99:bd:87:a2:31:37:c9:0d:54:af:
dd:aa:11:f4:f3:e5:3a:e6:dc:00:cb:d6:7a:5c:d8:aa:02:4d:
af:dc:76:c7:33:a1:dd:1f:47:e4:fa:f1:c8:5d:36:38:b0:74:
7e:0c:9a:2d:32:5f:f5:0b:99:a3:49:4f:d0:6c:4a:7e:49:72:
ed:55:00:43:01:4e:7e:2e:a5:5f:bd:85:dc:92:50:61:76:ee:
a9:3d:0b:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAXdIdovPz2FpirnLDqmV8aKs+QEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTgxNzAxMDBaFw0yNTA0MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMjI0ZmFhNDMzZWRiZmU5YzIxNmM2MTFjOWM2N2I1ZjEzNzhjMWE3NDg0
ZjI4NjdmZDAwYzE3Y2E0MDhmYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqCqgvd/qxIncWR1TtAmrRb+91jLYqlSlaRt4kc6eQwbwtzarvmEQjqH/Gh
pXAj10qikBKlLCMQhjqHj0CCTFL/m1evMUjaq/OQZ0/bbrPxKQkwX+e4YjrLa198
Pw1oPjRO2h4b69fhYHuSBpNjzZwVViVI5nWvVaT6K5sfjnRjSyW3sPYEyLt6WRYF
3GDZUpRJRzlHF2eNOfQMwhmQyaMy0nylg3n6E5OH+xEZfetN50mtQwp6PphK3w2p
n5ICUKe4HjFNCzviDSwYge/z9ORqA1cgtpOhNA1qiYh+l86nd9AgwQDiK2hr2SgE
bOvbukdDknjBt6s1qjaarkA/ayMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfh8lO
hJVCvOTZgH0gndlHSb2uxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEARI/DU16uvkt1UqBak8rtLyXcPWmJlYmlhbMp4vGP
sZ6m9ttpUoNG0uu/p3tcjCm83lUIiZczdrOWNx3VLVcEbjSRlLmr3wS2zZ9yqzUZ
BLV1RP4fgBgo7fOiCboNiafbmm2JQTZilERmxZr4Vaaj055BpAvZxoyEb5h1p5c8
Kf6qI//dwZkBLqAWvyX3j0nblNLJQ6yqHDRBkAGQhzDNEWirL0bO8qVJi/OZvYei
MTfJDVSv3aoR9PPlOubcAMvWelzYqgJNr9x2xzOh3R9H5PrxyF02OLB0fgyaLTJf
9QuZo0lP0GxKfkly7VUAQwFOfi6lX72F3JJQYXbuqT0LEA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:54 2025 by rpki-client