Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
File: 968c7897-1d8d-4c3a-b38e-6602ae947f34.roa (raw, json)
Hash identifier: uaWOp9Iz5ItfT9tXMl0AZCn+pQ5uZm2gMMabE10KVRQ=
Subject key identifier: FF:13:00:C3:55:F0:71:C3:AE:37:D1:F1:49:F0:89:F7:37:3C:A9:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7092CFD325896111447A36AF7120E1B5926000BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
Signing time: Tue 18 Mar 2025 17:01:16 +0000
ROA not before: Tue 18 Mar 2025 17:01:16 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.208.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:92:cf:d3:25:89:61:11:44:7a:36:af:71:20:e1:b5:92:60:00:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 17:01:16 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:38:28:bd:07:c1:87:81:46:e1:cf:62:b8:98:
e6:34:cb:ce:90:74:7c:35:47:a5:72:ef:a0:92:d3:
37:d7:8d:98:92:97:d0:75:eb:91:90:0d:82:42:ad:
be:a7:ad:e3:7a:a6:d8:e1:64:b2:27:42:93:5a:5b:
fb:cc:da:4e:57:2e:6d:cf:a2:d4:bc:f1:d6:4c:af:
e6:65:23:04:7b:c6:a2:dd:87:af:5c:61:70:0a:d0:
18:87:b9:bb:29:45:41:a6:c9:7d:00:d3:03:fc:63:
09:72:7d:ed:9c:6d:df:a8:34:5c:62:51:99:ef:c0:
c8:4f:b5:cb:47:20:f3:db:71:b5:72:5c:81:46:ee:
55:07:0b:e9:6f:85:a4:1f:cc:ea:9d:06:be:dc:4b:
fd:0b:81:84:e0:e2:88:69:ea:e6:47:10:23:ad:90:
48:b0:fb:12:cb:28:9b:0e:59:a2:f8:c6:b6:c9:fb:
82:3d:97:39:b4:7e:97:50:8b:50:e0:7f:99:6d:40:
e1:21:56:f1:74:cd:84:a8:8b:49:9a:dc:bb:76:87:
e1:e2:63:89:a0:83:e7:ba:8d:c3:53:eb:c4:30:7a:
76:b1:cf:a3:df:49:98:39:68:c1:64:ef:46:e4:1b:
2d:40:3a:c0:16:59:13:21:a4:8e:4d:db:0d:ee:a7:
30:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:13:00:C3:55:F0:71:C3:AE:37:D1:F1:49:F0:89:F7:37:3C:A9:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.208.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:1d:94:b5:0a:5d:79:62:e0:a5:4a:91:30:7e:1c:53:e9:57:
91:2a:e8:1b:f0:11:ac:74:8c:b1:ad:0e:1b:02:d2:fc:a2:99:
71:3a:46:9c:6c:ba:79:c7:61:ed:ea:3a:58:3d:58:96:ab:83:
4f:8a:e2:ff:00:f1:7e:00:02:c2:01:2e:26:10:ed:0b:29:b6:
54:75:ea:23:6b:c2:ce:f9:bd:e9:72:4e:09:23:e1:f8:36:26:
14:a6:18:2c:9f:86:0c:75:81:17:5f:d9:cb:c3:39:c1:97:f6:
e6:42:73:1c:10:53:ca:39:f9:df:78:37:84:90:67:79:96:38:
c0:af:b4:17:ca:55:f3:54:cc:b2:ac:4a:36:ad:08:2f:c2:47:
70:38:17:fa:a0:ab:27:01:00:78:da:ed:5c:1e:1e:e8:2e:e8:
78:a8:a1:2e:05:cc:85:31:15:8d:fc:dd:b4:df:ee:fe:fc:e3:
9a:ba:00:70:b0:7e:28:0d:63:53:f6:99:d9:34:50:dd:df:ef:
0b:4c:f0:08:42:bc:6c:e5:a3:49:47:99:1f:0f:86:d5:99:2e:
3c:e0:bd:be:b0:17:be:de:31:50:2a:94:06:74:67:98:d5:d9:
2a:65:7c:97:59:ad:e8:5d:2d:95:d7:48:98:9e:04:d8:aa:61:
0d:2f:dd:25
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcJLP0yWJYRFEejavcSDhtZJgAL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTgxNzAxMTZaFw0yNTA0MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDllYTQ3ZTc3ZTc5YmY1MDlhMWNjMWFhMjYwNzk5ZDdiZjkzMjUyMzI4ZGY1
OTM2MzQ4MzJmMmQ2ZTcwOTcwNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOw4KL0HwYeBRuHPYriY5jTLzpB0fDVHpXLvoJLTN9eNmJKX0HXrkZANgkKt
vqet43qm2OFksidCk1pb+8zaTlcubc+i1Lzx1kyv5mUjBHvGot2Hr1xhcArQGIe5
uylFQabJfQDTA/xjCXJ97Zxt36g0XGJRme/AyE+1y0cg89txtXJcgUbuVQcL6W+F
pB/M6p0GvtxL/QuBhODiiGnq5kcQI62QSLD7Essomw5ZovjGtsn7gj2XObR+l1CL
UOB/mW1A4SFW8XTNhKiLSZrcu3aH4eJjiaCD57qNw1PrxDB6drHPo99JmDlowWTv
RuQbLUA6wBZZEyGkjk3bDe6nMAMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/EwDD
VfBxw6430fFJ8In3NzypKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY4Yzc4OTctMWQ4ZC00YzNhLWIzOGUtNjYwMmFlOTQ3ZjM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6J0DAN
BgkqhkiG9w0BAQsFAAOCAQEATh2UtQpdeWLgpUqRMH4cU+lXkSroG/ARrHSMsa0O
GwLS/KKZcTpGnGy6ecdh7eo6WD1YlquDT4ri/wDxfgACwgEuJhDtCym2VHXqI2vC
zvm96XJOCSPh+DYmFKYYLJ+GDHWBF1/Zy8M5wZf25kJzHBBTyjn533g3hJBneZY4
wK+0F8pV81TMsqxKNq0IL8JHcDgX+qCrJwEAeNrtXB4e6C7oeKihLgXMhTEVjfzd
tN/u/vzjmroAcLB+KA1jU/aZ2TRQ3d/vC0zwCEK8bOWjSUeZHw+G1ZkuPOC9vrAX
vt4xUCqUBnRnmNXZKmV8l1mt6F0tlddImJ4E2KphDS/dJQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:25 2025 by rpki-client