Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/01f952b9-928c-45fc-acec-2723c9b5a654.roa
File: 01f952b9-928c-45fc-acec-2723c9b5a654.roa (raw, json)
Hash identifier: z7b304jzVqBU2QU+HMHJcTLJGejZLFoT06n1XLG99aY=
Subject key identifier: AC:5C:07:B8:68:CB:F0:70:E6:25:2F:E9:38:27:BA:DD:3D:76:B2:9E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3B0DCB5F264FEF933E5ED23633D72EA96A75F448
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/01f952b9-928c-45fc-acec-2723c9b5a654.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 198.14.0.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:0d:cb:5f:26:4f:ef:93:3e:5e:d2:36:33:d7:2e:a9:6a:75:f4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=e4cc6d6590cf07c07b94d543cafacde772abb784a3ae871cd7509ff735947532, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:45:56:d0:47:a7:10:8c:b0:89:2e:0b:fa:
91:62:77:6e:c7:fe:2e:01:af:72:a0:20:16:16:88:
bd:8a:82:0b:72:7d:5c:3e:68:de:39:79:b4:2c:d9:
7d:31:1d:f2:27:93:97:90:70:ed:4d:08:c1:2b:e6:
01:62:27:2f:19:b2:52:41:ed:c7:db:0f:a7:5a:96:
9a:7e:28:8d:f2:f6:8a:de:ce:f7:fb:3d:22:c8:5b:
ca:53:41:e9:09:b3:f2:2b:41:63:64:d6:92:38:68:
f8:19:ba:59:c2:5f:3e:e9:fe:ee:b8:06:85:5a:20:
be:7b:0e:86:5f:ba:11:0f:07:91:96:ac:97:8d:6c:
cd:c9:42:8b:46:c6:7c:dc:94:76:8d:b7:2b:e6:54:
47:86:1f:61:24:6b:3a:fb:17:d0:0d:c7:e7:9e:35:
2e:24:6f:8c:95:29:36:dd:89:ae:fc:a9:90:91:d8:
3c:f7:d8:16:2f:59:75:1e:ca:ee:4b:42:32:ca:c0:
d4:98:d2:cc:e5:63:40:02:18:30:5e:bf:ac:29:0f:
e7:4b:a3:a3:7e:29:0a:07:00:19:6b:b6:49:4a:36:
dc:ca:6d:af:13:1a:06:5d:12:2e:e1:2d:46:3a:3f:
36:ab:7a:5a:30:b2:23:7f:1a:e2:97:ed:51:a6:e6:
00:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5C:07:B8:68:CB:F0:70:E6:25:2F:E9:38:27:BA:DD:3D:76:B2:9E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/01f952b9-928c-45fc-acec-2723c9b5a654.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.14.0.0/20
Signature Algorithm: sha256WithRSAEncryption
13:f0:75:f9:fd:8b:27:60:5e:05:ff:ad:7a:8c:07:9a:c5:64:
d0:f4:b1:a2:39:0a:3a:f8:69:9a:52:10:ee:3c:bc:01:e4:02:
40:7e:57:a2:16:46:24:2f:78:1f:d6:51:9c:fc:fc:8a:9b:9e:
76:81:45:05:b1:64:9f:f3:9f:e9:13:55:c4:78:e5:26:fb:6c:
32:52:0b:9f:20:2d:57:bd:a7:3a:ea:10:6e:c2:30:ad:b6:63:
10:26:54:0a:5e:65:c3:4d:7d:e1:9c:5a:e0:bd:53:f1:ff:63:
63:fe:16:14:ed:37:74:f3:8e:96:87:db:93:fe:f8:e7:71:06:
21:fb:fa:b5:e6:29:fc:f9:f0:35:de:ba:db:59:e8:2a:f6:ef:
89:95:4b:6a:9d:92:02:cd:dc:8a:87:d5:ef:ce:3b:43:37:b4:
06:b8:00:f7:b0:83:c2:25:ae:47:ad:8e:ec:ec:27:9f:01:34:
c8:bd:1d:c5:72:db:88:e8:7c:f9:b0:c5:96:bd:71:eb:9c:7b:
1a:3e:41:e2:c9:d3:0c:bf:09:19:fd:a5:1d:14:f2:cb:0f:0c:
d4:49:65:f1:45:7c:0c:2d:5d:7c:32:35:5e:96:8d:26:87:ac:
4c:db:d6:c8:88:88:75:55:46:3c:b2:83:d6:06:d4:32:44:ee:
92:46:fc:47
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOw3LXyZP75M+XtI2M9cuqWp19EgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNGNjNmQ2NTkwY2YwN2MwN2I5NGQ1NDNjYWZhY2RlNzcy
YWJiNzg0YTNhZTg3MWNkNzUwOWZmNzM1OTQ3NTMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs0kVW0EenEIywiS4L+pFid27H/i4Br3KgIBYWiL2Kggty
fVw+aN45ebQs2X0xHfInk5eQcO1NCMEr5gFiJy8ZslJB7cfbD6dalpp+KI3y9ore
zvf7PSLIW8pTQekJs/IrQWNk1pI4aPgZulnCXz7p/u64BoVaIL57DoZfuhEPB5GW
rJeNbM3JQotGxnzclHaNtyvmVEeGH2Ekazr7F9ANx+eeNS4kb4yVKTbdia78qZCR
2Dz32BYvWXUeyu5LQjLKwNSY0szlY0ACGDBev6wpD+dLo6N+KQoHABlrtklKNtzK
ba8TGgZdEi7hLUY6PzarelowsiN/GuKX7VGm5gC9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrFwHuGjL8HDmJS/pOCe63T12sp4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAxZjk1MmI5LTkyOGMtNDVmYy1hY2VjLTI3MjNjOWI1YTY1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATGDgAwDQYJKoZIhvcNAQELBQADggEBABPwdfn9iydgXgX/rXqMB5rFZND0
saI5Cjr4aZpSEO48vAHkAkB+V6IWRiQveB/WUZz8/IqbnnaBRQWxZJ/zn+kTVcR4
5Sb7bDJSC58gLVe9pzrqEG7CMK22YxAmVApeZcNNfeGcWuC9U/H/Y2P+FhTtN3Tz
jpaH25P++OdxBiH7+rXmKfz58DXeuttZ6Cr274mVS2qdkgLN3IqH1e/OO0M3tAa4
APewg8IlrketjuzsJ58BNMi9HcVy24jofPmwxZa9ceucexo+QeLJ0wy/CRn9pR0U
8ssPDNRJZfFFfAwtXXwyNV6WjSaHrEzb1siIiHVVRjyyg9YG1DJE7pJG/Ec=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:24:13 2025 by rpki-client