Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: Ttc30HO+2XPl3wAvRTfuXlECaKoAVGdFHmHM2u9GYQQ=
Subject key identifier: 7D:30:8A:D1:D2:DA:54:6A:98:82:7E:D7:54:5D:B6:61:6A:92:88:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D3E12500F912AF4980E42CD42701F27CD4DCDA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Tue 18 Mar 2025 17:01:07 +0000
ROA not before: Tue 18 Mar 2025 17:01:07 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3e:12:50:0f:91:2a:f4:98:0e:42:cd:42:70:1f:27:cd:4d:cd:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 17:01:07 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fb:87:f5:4e:11:d2:e4:4b:28:3f:32:a3:12:
c9:6c:86:8c:c6:1e:21:10:ec:e8:b8:e4:8e:0b:69:
4c:62:01:07:4b:b7:a0:64:61:2f:bc:cc:14:fd:06:
67:d5:9c:b2:58:83:a3:f4:e2:bd:57:94:ba:0d:13:
f9:d2:75:bf:42:0f:45:7a:26:a7:37:6e:f7:52:7b:
38:9a:a8:e9:1b:91:b9:ca:87:b5:43:71:40:50:2f:
67:af:9d:ba:fc:d5:ef:00:3d:c4:1d:00:20:1b:c0:
ae:d1:b6:a8:8a:05:48:48:99:3a:e9:25:9c:ec:42:
d9:b6:f9:12:b4:36:87:d3:3c:1c:92:58:b2:32:71:
ee:6c:5a:62:5f:c2:f4:51:f8:29:4b:c6:6b:14:97:
a2:87:19:c2:56:8e:1c:ca:aa:8f:81:62:ba:de:b3:
bc:43:98:71:9e:c1:c8:ce:14:d7:44:5b:79:67:b0:
9f:a4:5a:cb:ae:51:55:27:e8:52:1a:b8:08:fd:7c:
20:e8:b7:57:76:a9:d5:25:36:ba:69:90:1c:a6:5a:
85:b5:a4:af:3f:e5:9b:9a:90:7b:55:25:53:4d:a9:
2b:92:01:f7:9c:f1:66:f4:4b:3e:b0:92:de:53:b3:
55:fe:33:90:48:7e:c2:d5:d0:1f:2e:25:bd:1b:e7:
1f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:30:8A:D1:D2:DA:54:6A:98:82:7E:D7:54:5D:B6:61:6A:92:88:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:f6:a1:72:df:9d:92:a8:5f:33:44:28:4b:a8:80:be:27:a2:
40:20:a5:26:1b:cb:e6:12:45:47:31:ad:2e:87:b4:34:08:c3:
1e:4b:35:80:62:2b:5e:00:7d:47:d2:84:b2:aa:23:49:70:b5:
ea:d4:6d:bb:52:11:80:7d:b2:84:fe:e2:5c:64:a2:a1:ce:0f:
e9:bc:50:e4:59:58:be:f3:83:3b:f9:83:6d:2e:20:40:5f:56:
a0:c8:e6:fe:03:d1:5f:b3:c4:cd:48:e8:33:eb:d3:a4:5f:1b:
ae:3f:f6:88:bc:f2:06:b8:76:7d:01:90:4e:d1:14:4f:f3:0a:
f3:7c:15:e5:8a:7a:1e:a4:57:a2:ec:28:a1:b8:cf:5e:d9:e4:
0c:2b:d5:76:1c:f6:2b:50:2f:3c:7a:b2:2b:75:15:31:5f:b6:
bb:7d:59:ca:c9:94:e6:36:ca:55:eb:a2:20:69:e2:e2:7d:05:
91:02:ee:de:48:fc:93:a1:93:66:ad:f6:53:6c:12:ac:78:7b:
04:40:6e:55:68:c0:94:24:e5:52:b2:94:db:9c:44:5f:25:85:
cb:49:10:2e:9e:59:34:ff:00:4e:30:49:96:94:b9:f8:23:b1:
55:86:c3:d8:06:26:2d:8b:8f:28:4b:ec:dc:3e:51:06:d5:af:
59:c1:9e:2a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTT4SUA+RKvSYDkLNQnAfJ81NzaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTgxNzAxMDdaFw0yNTA0MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2NDQ0NWY3MGU2ZmNiMzM4NDQ1YTQ3ODUwM2EzMzQxYTgxYmEzNTFmYTFi
ZTljMmFkODQyMjZiNDhiNjBlMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKT7h/VOEdLkSyg/MqMSyWyGjMYeIRDs6LjkjgtpTGIBB0u3oGRhL7zMFP0G
Z9WcsliDo/TivVeUug0T+dJ1v0IPRXompzdu91J7OJqo6RuRucqHtUNxQFAvZ6+d
uvzV7wA9xB0AIBvArtG2qIoFSEiZOuklnOxC2bb5ErQ2h9M8HJJYsjJx7mxaYl/C
9FH4KUvGaxSXoocZwlaOHMqqj4Fiut6zvEOYcZ7ByM4U10RbeWewn6Ray65RVSfo
Uhq4CP18IOi3V3ap1SU2ummQHKZahbWkrz/lm5qQe1UlU02pK5IB95zxZvRLPrCS
3lOzVf4zkEh+wtXQHy4lvRvnH5UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR9MIrR
0tpUapiCftdUXbZhapKIfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAj/ahct+dkqhfM0QoS6iAvieiQCClJhvL5hJFRzGt
Loe0NAjDHks1gGIrXgB9R9KEsqojSXC16tRtu1IRgH2yhP7iXGSioc4P6bxQ5FlY
vvODO/mDbS4gQF9WoMjm/gPRX7PEzUjoM+vTpF8brj/2iLzyBrh2fQGQTtEUT/MK
83wV5Yp6HqRXouwoobjPXtnkDCvVdhz2K1AvPHqyK3UVMV+2u31ZysmU5jbKVeui
IGni4n0FkQLu3kj8k6GTZq32U2wSrHh7BEBuVWjAlCTlUrKU25xEXyWFy0kQLp5Z
NP8ATjBJlpS5+COxVYbD2AYmLYuPKEvs3D5RBtWvWcGeKg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:26 2025 by rpki-client