Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: R7PbMMf4fu91UvSJUvfMit6bse2fhjunlT5j6e01Rrk=
Subject key identifier: 30:1A:17:91:DA:74:50:1B:B0:30:1E:8C:D9:1B:30:4B:3F:2E:83:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E15D7E3C26F60E3207939BA657A252DCFA8C1B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Tue 18 Mar 2025 17:00:22 +0000
ROA not before: Tue 18 Mar 2025 17:00:22 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:15:d7:e3:c2:6f:60:e3:20:79:39:ba:65:7a:25:2d:cf:a8:c1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 17:00:22 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2f:f3:f1:bd:9c:9b:6e:cd:a5:ed:12:d9:0e:
d8:3b:34:65:9d:d0:85:eb:7f:e6:ad:79:99:fa:b8:
f3:71:07:68:a3:da:93:13:64:43:e6:1a:e7:80:fe:
ad:26:d7:46:08:a8:5f:e3:74:4c:d8:c8:41:20:1f:
25:f0:23:95:f9:a7:26:85:b6:56:73:d5:f4:62:0c:
18:77:42:f7:db:9e:da:d3:67:99:58:95:b9:00:7e:
88:af:47:01:af:9f:09:6d:73:87:ab:56:5e:e2:38:
00:0c:88:21:d9:2a:ff:55:9e:ed:1d:57:87:21:91:
4e:47:34:dd:28:0f:3a:0c:9d:21:b5:4c:d6:cc:c1:
65:42:0c:0f:64:9e:34:44:06:8b:0b:dc:0e:ab:c0:
17:06:12:b8:7d:b8:a9:0c:6b:45:8b:1d:0b:61:73:
2f:b9:0f:56:9a:6d:3c:85:5e:10:54:86:e1:fb:88:
cd:e5:f1:c7:35:4f:01:6b:e5:6c:d1:ac:9d:cd:26:
ae:cb:11:31:58:22:22:e5:60:d3:2f:75:7b:30:48:
a0:19:d4:96:18:44:42:f8:66:8b:32:62:4e:b3:a2:
0e:bf:eb:26:6f:5f:2c:d2:49:0c:f1:0e:dc:47:98:
31:13:24:40:05:46:67:79:8b:5d:f7:aa:ec:d5:c5:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1A:17:91:DA:74:50:1B:B0:30:1E:8C:D9:1B:30:4B:3F:2E:83:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
80:56:b2:09:5d:96:81:ea:69:94:53:bf:bc:b8:d2:5f:a3:5c:
db:a8:33:dc:2b:12:c6:19:3b:c3:ac:d8:d7:db:9d:a1:75:58:
68:f2:18:70:fc:67:2f:a5:a0:ac:0e:d5:5f:6b:94:04:b0:24:
ef:27:cd:b5:67:18:d5:e9:97:02:7b:60:17:7c:fa:5a:d4:c6:
c2:c9:9a:b6:cc:a9:c9:40:fb:58:75:21:5f:5c:3b:4b:12:97:
69:c3:49:0c:6c:77:4c:af:bb:37:a5:4e:7b:ca:33:78:5e:e7:
3d:f1:c2:3d:62:68:b2:a2:21:36:6c:40:5a:83:12:ce:a4:68:
d8:30:0a:8e:ca:f5:5d:c3:03:3a:25:4a:18:88:30:e0:b8:20:
c0:10:2b:05:e1:30:03:42:35:35:5c:7a:b9:36:83:01:99:6a:
8f:46:5d:70:a4:f6:47:84:fe:22:20:92:f7:f9:7f:00:23:7c:
fc:4e:13:c6:c8:c2:73:f5:98:47:48:cf:01:10:8d:a8:69:31:
09:fd:e1:d8:74:4c:f8:31:62:49:75:30:d5:14:a6:a0:05:2b:
55:6f:3e:f3:0b:21:09:4d:35:73:5e:5d:17:5f:20:ea:ed:0e:
f4:9e:1b:b2:ef:3c:f2:34:d5:66:68:45:a5:74:8a:e8:dd:1a:
7a:3c:03:45
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDhXX48JvYOMgeTm6ZXolLc+owbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMTgxNzAwMjJaFw0yNTA0MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiODZjYzMwYWQyZDc1MDU0MmUzOTE1Zjg0N2QwZWYyYjQ1YzJjZjBmZjI0
ZDljNzcxM2IzNTY2NDdjZjQ5ZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEv8/G9nJtuzaXtEtkO2Ds0ZZ3Qhet/5q15mfq483EHaKPakxNkQ+Ya54D+
rSbXRgioX+N0TNjIQSAfJfAjlfmnJoW2VnPV9GIMGHdC99ue2tNnmViVuQB+iK9H
Aa+fCW1zh6tWXuI4AAyIIdkq/1We7R1XhyGRTkc03SgPOgydIbVM1szBZUIMD2Se
NEQGiwvcDqvAFwYSuH24qQxrRYsdC2FzL7kPVpptPIVeEFSG4fuIzeXxxzVPAWvl
bNGsnc0mrssRMVgiIuVg0y91ezBIoBnUlhhEQvhmizJiTrOiDr/rJm9fLNJJDPEO
3EeYMRMkQAVGZ3mLXfeq7NXFkEUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwGheR
2nRQG7AwHozZGzBLPy6DzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgFayCV2WgepplFO/vLjSX6Nc26gz3CsSxhk7w6zY
19udoXVYaPIYcPxnL6WgrA7VX2uUBLAk7yfNtWcY1emXAntgF3z6WtTGwsmatsyp
yUD7WHUhX1w7SxKXacNJDGx3TK+7N6VOe8ozeF7nPfHCPWJosqIhNmxAWoMSzqRo
2DAKjsr1XcMDOiVKGIgw4LggwBArBeEwA0I1NVx6uTaDAZlqj0ZdcKT2R4T+IiCS
9/l/ACN8/E4TxsjCc/WYR0jPARCNqGkxCf3h2HRM+DFiSXUw1RSmoAUrVW8+8wsh
CU01c15dF18g6u0O9J4bsu888jTVZmhFpXSK6N0aejwDRQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:47 2025 by rpki-client