Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: 9czGbKf6btJgBRTtbHu10qDA6tHORF/NRNuen/neoyw=
Subject key identifier: 3D:65:68:1F:41:75:8C:1E:B9:90:3E:16:CE:6E:B6:7F:30:AA:19:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42EA80D9781BFC7A7710B479CB8D939DCEE00CDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Tue 18 Mar 2025 17:00:26 +0000
ROA not before: Tue 18 Mar 2025 17:00:26 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:ea:80:d9:78:1b:fc:7a:77:10:b4:79:cb:8d:93:9d:ce:e0:0c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 17:00:26 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bb:79:e3:9a:08:4e:e0:f4:15:25:c5:ec:e2:
f2:5c:b2:86:9e:38:8f:1c:9d:fe:31:69:f5:2c:8c:
29:c7:83:dd:e7:78:c4:54:e9:2c:10:d5:20:9f:11:
10:79:d1:32:66:03:5a:2f:57:03:1c:c1:84:58:e3:
d1:69:9e:ea:04:68:82:df:4e:96:fd:36:98:97:80:
f6:7d:61:04:c6:cf:0e:ae:d5:43:d7:0e:fb:81:f4:
ee:5a:5d:42:df:a1:d3:9c:79:0f:f8:73:e0:2f:fb:
ea:e3:80:75:4d:bb:28:ec:4f:45:80:1f:1d:f1:2a:
ae:3b:65:8a:64:d9:33:19:ce:7e:34:0f:18:b6:71:
2d:37:49:0f:30:66:a4:22:6d:c1:30:8b:58:a1:07:
82:ca:c0:8c:85:b5:7a:57:d3:29:62:fa:8e:95:6a:
3f:9c:3e:66:51:83:bb:d0:69:c8:c4:4b:62:07:38:
ac:ac:f2:89:7f:ad:92:38:7b:68:e4:dd:53:48:21:
f1:16:d1:10:99:27:f1:c5:76:66:ce:50:1b:27:2d:
35:e4:f2:e9:59:0d:ad:3b:01:45:4a:c0:b5:ee:2f:
07:da:e8:27:d2:42:a6:45:58:f8:ea:32:48:c6:7f:
19:7f:3d:e4:50:5e:dd:70:9c:53:9b:52:9f:47:51:
66:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:65:68:1F:41:75:8C:1E:B9:90:3E:16:CE:6E:B6:7F:30:AA:19:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:19:fe:25:8a:a0:b4:ca:ab:5b:c2:58:65:74:82:1d:c8:d7:
42:e3:2b:36:f5:c2:7e:60:e2:b6:ba:ea:ca:2a:6b:22:50:61:
13:6a:9e:2b:2b:2c:b1:97:a8:61:6b:40:85:af:fd:6e:9d:97:
26:99:d6:34:da:35:ac:36:c5:8a:e0:84:c3:0f:03:e3:6a:f1:
d9:b7:2e:e1:fa:e2:ea:a9:d9:b1:3c:4d:48:d7:54:d2:eb:04:
db:da:c2:3b:e5:86:43:cb:d1:d9:ac:0d:dc:51:ee:8b:28:c4:
b0:a5:34:fb:14:18:84:1b:5b:51:1c:6b:6c:f7:e3:16:bf:b4:
20:09:0c:6c:c6:79:eb:3c:ed:41:42:f2:8e:98:55:5d:e9:4e:
2b:6e:d9:5f:5b:ce:e5:6c:25:de:44:58:a1:8f:90:21:00:2b:
f0:cd:90:3b:71:b7:f8:bd:96:78:0f:de:de:40:64:d5:1d:3a:
8a:87:fb:a5:fa:bd:96:56:fe:6a:e5:aa:28:4a:60:3f:55:e6:
f4:8b:ce:00:e4:bb:b5:48:50:cc:06:90:7f:c6:2f:87:67:0b:
92:31:21:39:9d:95:53:9b:ac:88:55:d4:59:02:57:0e:74:5c:
93:02:52:16:de:63:bd:77:ab:bb:ac:37:a1:6c:aa:03:2e:ac:
9c:aa:38:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQuqA2Xgb/Hp3ELR5y42Tnc7gDNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTgxNzAwMjZaFw0yNTA0MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1YThlNTQzNDZkNjNlYTRmY2Q0YWQzYjhmMDdmODliMzBmMzM5MDE4ZWIz
NGFhNTgwMGJhNWUzMjc4OGQ3OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANa7eeOaCE7g9BUlxezi8lyyhp44jxyd/jFp9SyMKceD3ed4xFTpLBDVIJ8R
EHnRMmYDWi9XAxzBhFjj0Wme6gRogt9Olv02mJeA9n1hBMbPDq7VQ9cO+4H07lpd
Qt+h05x5D/hz4C/76uOAdU27KOxPRYAfHfEqrjtlimTZMxnOfjQPGLZxLTdJDzBm
pCJtwTCLWKEHgsrAjIW1elfTKWL6jpVqP5w+ZlGDu9BpyMRLYgc4rKzyiX+tkjh7
aOTdU0gh8RbREJkn8cV2Zs5QGyctNeTy6VkNrTsBRUrAte4vB9roJ9JCpkVY+Ooy
SMZ/GX895FBe3XCcU5tSn0dRZq0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9ZWgf
QXWMHrmQPhbObrZ/MKoZZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAoxn+JYqgtMqrW8JYZXSCHcjXQuMrNvXCfmDitrrq
yiprIlBhE2qeKysssZeoYWtAha/9bp2XJpnWNNo1rDbFiuCEww8D42rx2bcu4fri
6qnZsTxNSNdU0usE29rCO+WGQ8vR2awN3FHuiyjEsKU0+xQYhBtbURxrbPfjFr+0
IAkMbMZ56zztQULyjphVXelOK27ZX1vO5Wwl3kRYoY+QIQAr8M2QO3G3+L2WeA/e
3kBk1R06iof7pfq9llb+auWqKEpgP1Xm9IvOAOS7tUhQzAaQf8Yvh2cLkjEhOZ2V
U5usiFXUWQJXDnRckwJSFt5jvXeru6w3oWyqAy6snKo41g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:54 2025 by rpki-client