Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1555521e-db05-4379-b959-9d437510a9b0.roa
File: 1555521e-db05-4379-b959-9d437510a9b0.roa (raw, json)
Hash identifier: F0g1x5/iZ7k25eNb9I5QDkpwGPXHVJZRjeGOWfQ4SjQ=
Subject key identifier: C5:EC:2D:AD:02:33:24:E7:B9:52:B6:6D:FE:DE:9D:65:7C:7A:F3:4C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 540DAD674999CADD5C1DCABDBA9E5E30A3F7CD94
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1555521e-db05-4379-b959-9d437510a9b0.roa
Signing time: Fri 17 Jan 2025 00:00:00 +0000
ROA not before: Fri 17 Jan 2025 00:00:00 +0000
ROA not after: Fri 21 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 198.41.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:0d:ad:67:49:99:ca:dd:5c:1d:ca:bd:ba:9e:5e:30:a3:f7:cd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 17 00:00:00 2025 GMT
Not After : Feb 21 23:59:59 2025 GMT
Subject: serialNumber=fa151e2b8ac56b8021eef28f5ea47b810f82646a139fa39aad2fbf4f5d7cf372, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1a:97:b6:ee:b5:c4:7a:03:39:e6:49:fd:24:
f1:5d:3e:ff:d7:04:63:ba:09:80:4d:69:5a:8e:89:
5a:a4:a2:1f:e2:77:f1:ca:5a:e8:f6:5d:ff:2b:f2:
f6:14:2b:06:3d:76:f9:66:42:ca:05:91:70:00:72:
57:4a:cd:dd:fd:f9:d3:be:88:e5:78:46:6b:08:eb:
5c:55:1a:71:94:03:b6:a1:66:96:bb:1d:cb:87:2e:
28:94:77:70:f8:5c:66:46:38:fc:c1:00:b8:5a:9d:
c6:72:5d:d6:db:0d:62:e5:b3:8c:17:68:31:64:14:
c0:25:89:46:80:c8:3f:2c:7c:db:ec:e9:85:19:1d:
75:00:8c:cc:f3:ea:11:99:3b:e9:12:59:f4:bb:e2:
3e:13:06:8f:4d:c6:35:d1:0a:c8:95:b5:ea:5e:1f:
91:95:12:ef:31:2d:e4:91:93:3e:c1:34:c9:3c:58:
13:9c:48:d5:d9:d2:74:be:88:f5:3a:27:ac:2d:9c:
b5:19:8a:85:3d:6b:af:8c:ce:a3:44:a3:14:10:48:
bd:fb:b9:a5:39:c1:71:c6:90:70:97:66:ba:72:a2:
6a:1f:e1:12:b9:3f:f7:d0:ab:5d:a8:fb:b2:1b:2f:
da:ab:42:9c:5c:87:e9:fd:1e:7b:49:94:65:05:65:
f6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:EC:2D:AD:02:33:24:E7:B9:52:B6:6D:FE:DE:9D:65:7C:7A:F3:4C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1555521e-db05-4379-b959-9d437510a9b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.41.96.0/19
Signature Algorithm: sha256WithRSAEncryption
76:f2:d6:7e:5b:a0:9f:06:94:d8:05:91:7f:b6:8f:13:08:af:
99:de:99:cc:9d:ca:91:28:1d:ca:b0:bc:20:3a:43:bb:5e:b6:
54:e7:a9:24:c0:b4:d6:6b:db:5c:05:15:c6:cb:a7:7e:8f:4e:
c1:ce:10:83:17:67:a9:c7:d5:5b:fd:88:f0:84:2f:c1:37:9d:
bd:b6:6a:c2:0f:22:92:b7:9b:dc:cc:73:cb:c3:36:1f:51:ef:
7d:34:13:05:e6:83:49:aa:02:8a:08:b0:0b:62:d5:86:57:58:
8a:ab:79:96:e0:4b:f4:0e:d2:c8:49:e3:f0:1d:8b:79:9c:0f:
fa:ad:26:4a:27:fd:29:24:4d:0b:07:b1:25:cc:4e:d3:42:8c:
92:7c:72:b0:74:7d:28:cd:ae:10:91:5c:24:67:35:fd:de:15:
28:d7:f0:7a:ea:60:34:1d:9d:71:4e:da:6a:c6:fa:22:dc:4c:
b4:1d:2b:a6:e1:0d:73:65:a5:6e:9c:5a:4b:a8:cb:d0:60:fa:
5c:e4:4b:b1:47:56:4a:f7:e9:b9:5c:9b:3b:49:c0:20:c5:a1:
eb:1c:7c:2a:07:d1:57:f2:c1:c8:6a:84:34:ce:d8:09:ed:b7:
10:03:12:fd:5c:11:eb:39:f9:41:75:76:aa:ae:58:9a:e8:dc:
ee:58:2f:b5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVA2tZ0mZyt1cHcq9up5eMKP3zZQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE3MDAwMDAwWhcNMjUwMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTE1MWUyYjhhYzU2YjgwMjFlZWYyOGY1ZWE0N2I4MTBm
ODI2NDZhMTM5ZmEzOWFhZDJmYmY0ZjVkN2NmMzcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwGpe27rXEegM55kn9JPFdPv/XBGO6CYBNaVqOiVqkoh/i
d/HKWuj2Xf8r8vYUKwY9dvlmQsoFkXAAcldKzd39+dO+iOV4RmsI61xVGnGUA7ah
Zpa7HcuHLiiUd3D4XGZGOPzBALhancZyXdbbDWLls4wXaDFkFMAliUaAyD8sfNvs
6YUZHXUAjMzz6hGZO+kSWfS74j4TBo9NxjXRCsiVtepeH5GVEu8xLeSRkz7BNMk8
WBOcSNXZ0nS+iPU6J6wtnLUZioU9a6+MzqNEoxQQSL37uaU5wXHGkHCXZrpyomof
4RK5P/fQq12o+7IbL9qrQpxch+n9HntJlGUFZfbvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxewtrQIzJOe5UrZt/t6dZXx680wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1NTU1MjFlLWRiMDUtNDM3OS1iOTU5LTlkNDM3NTEwYTliMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXGKWAwDQYJKoZIhvcNAQELBQADggEBAHby1n5boJ8GlNgFkX+2jxMIr5ne
mcydypEoHcqwvCA6Q7tetlTnqSTAtNZr21wFFcbLp36PTsHOEIMXZ6nH1Vv9iPCE
L8E3nb22asIPIpK3m9zMc8vDNh9R7300EwXmg0mqAooIsAti1YZXWIqreZbgS/QO
0shJ4/Adi3mcD/qtJkon/SkkTQsHsSXMTtNCjJJ8crB0fSjNrhCRXCRnNf3eFSjX
8HrqYDQdnXFO2mrG+iLcTLQdK6bhDXNlpW6cWkuoy9Bg+lzkS7FHVkr36blcmztJ
wCDFoescfCoH0VfywchqhDTO2AnttxADEv1cEes5+UF1dqquWJro3O5YL7U=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:43:12 2025 by rpki-client