Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2bc09a37-792a-4229-8e6d-d65c78aef45e.roa
File: 2bc09a37-792a-4229-8e6d-d65c78aef45e.roa (raw, json)
Hash identifier: dubyjH1JyN2O37g38emo9zC0xt2y0vSXFfwy5IFRD7A=
Subject key identifier: 21:4D:99:B5:12:C8:0E:23:6A:B8:61:14:DC:A4:05:02:49:71:DE:65
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6C7F9726CDC674B27F8456D36BF14F0A1208CB35
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2bc09a37-792a-4229-8e6d-d65c78aef45e.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 75.3.0.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:7f:97:26:cd:c6:74:b2:7f:84:56:d3:6b:f1:4f:0a:12:08:cb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=9c9ba0500c82d9206a731b04405dd6d8d59396f0316fdd60dd649165aa902361, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:b2:4a:ad:e1:8b:4f:7c:07:8c:03:fb:8e:
27:f3:9f:0d:38:73:78:f7:dd:de:1a:20:75:8c:7c:
bd:c0:c6:89:5f:b1:14:92:5d:59:14:dd:38:c6:29:
bb:32:b6:d0:76:b0:bb:35:bb:14:20:c1:0c:de:c8:
15:4a:8a:d8:17:73:cb:47:b1:2e:5a:a6:35:e3:1e:
4c:93:70:d3:1d:b5:25:10:7d:76:96:a0:6c:b2:f4:
71:38:87:39:3c:f9:1c:b2:62:8d:8c:65:33:fe:cc:
92:59:55:2a:ea:dc:d8:56:ca:8b:ab:33:5e:70:3a:
26:a8:bd:f5:c4:0f:65:9a:fe:9b:f9:82:59:69:5b:
e6:a0:4a:0f:18:f5:a8:b6:e2:62:0e:82:57:21:e5:
63:49:4e:ef:0e:18:64:a6:93:11:ee:b2:61:83:62:
d5:8b:1e:03:67:4b:23:d8:22:f1:05:2e:6c:70:08:
38:54:d8:a1:b1:0e:25:cc:0d:02:e7:f1:2c:ee:4a:
4c:7a:fe:4d:6d:f8:66:80:42:a2:e6:82:e8:2c:45:
fa:b1:19:5a:25:79:f1:23:42:19:88:3d:d3:4d:32:
1d:a7:06:44:cb:af:e0:a8:63:d0:d0:7f:ef:b5:9b:
20:7f:0b:f9:c5:2d:85:ee:c1:42:cf:fe:c1:51:38:
1f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4D:99:B5:12:C8:0E:23:6A:B8:61:14:DC:A4:05:02:49:71:DE:65
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2bc09a37-792a-4229-8e6d-d65c78aef45e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
75.3.0.0/18
Signature Algorithm: sha256WithRSAEncryption
8e:de:2e:50:49:02:a5:bf:0a:9c:7c:db:38:21:07:e7:f1:65:
8e:51:b9:60:d2:7a:3d:bc:2f:13:da:78:7c:61:ff:cb:d0:9b:
d4:0e:c1:5a:f4:71:7e:de:a6:1c:2e:ca:6f:36:40:58:10:78:
57:97:0b:f6:5e:f7:69:2c:6e:2a:d5:63:ae:9f:45:da:29:59:
d5:90:0b:31:5a:35:12:a3:9b:af:ac:8d:c2:8e:b6:6e:90:ff:
9a:22:e4:64:4c:7d:1a:d5:b6:c8:b6:7a:2e:20:e0:b8:9f:55:
e9:31:a3:1e:ce:f7:78:88:f7:7b:cf:e6:3b:db:d4:eb:b6:ef:
0d:15:83:a8:da:da:c2:76:25:6f:11:78:8d:5f:f9:11:65:0f:
38:8e:6c:00:32:61:88:4a:6b:23:f5:05:11:72:22:94:3c:55:
09:71:1b:ba:98:3a:44:6f:06:20:d7:04:29:ff:ef:b7:47:20:
d9:c6:87:6a:78:d1:b4:92:53:0b:44:5e:9a:e1:60:df:6f:a0:
0a:37:80:44:8d:8f:51:d9:ef:f1:f3:fb:e8:fb:2f:f3:ce:09:
e4:c2:d6:f1:2b:28:65:66:ed:eb:1e:6d:8b:d5:80:19:76:ef:
19:54:0d:2b:e4:94:9e:99:52:d9:9f:1b:bb:82:ea:9b:23:d7:
ec:ee:0d:55
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbH+XJs3GdLJ/hFbTa/FPChIIyzUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzliYTA1MDBjODJkOTIwNmE3MzFiMDQ0MDVkZDZkOGQ1
OTM5NmYwMzE2ZmRkNjBkZDY0OTE2NWFhOTAyMzYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeOLJKreGLT3wHjAP7jifznw04c3j33d4aIHWMfL3Axolf
sRSSXVkU3TjGKbsyttB2sLs1uxQgwQzeyBVKitgXc8tHsS5apjXjHkyTcNMdtSUQ
fXaWoGyy9HE4hzk8+RyyYo2MZTP+zJJZVSrq3NhWyourM15wOiaovfXED2Wa/pv5
gllpW+agSg8Y9ai24mIOglch5WNJTu8OGGSmkxHusmGDYtWLHgNnSyPYIvEFLmxw
CDhU2KGxDiXMDQLn8SzuSkx6/k1t+GaAQqLmgugsRfqxGVolefEjQhmIPdNNMh2n
BkTLr+CoY9DQf++1myB/C/nFLYXuwULP/sFROB9TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIU2ZtRLIDiNquGEU3KQFAklx3mUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJiYzA5YTM3LTc5MmEtNDIyOS04ZTZkLWQ2NWM3OGFlZjQ1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZLAwAwDQYJKoZIhvcNAQELBQADggEBAI7eLlBJAqW/Cpx82zghB+fxZY5R
uWDSej28LxPaeHxh/8vQm9QOwVr0cX7ephwuym82QFgQeFeXC/Ze92ksbirVY66f
RdopWdWQCzFaNRKjm6+sjcKOtm6Q/5oi5GRMfRrVtsi2ei4g4LifVekxox7O93iI
93vP5jvb1Ou27w0Vg6ja2sJ2JW8ReI1f+RFlDziObAAyYYhKayP1BRFyIpQ8VQlx
G7qYOkRvBiDXBCn/77dHINnGh2p40bSSUwtEXprhYN9voAo3gESNj1HZ7/Hz++j7
L/POCeTC1vErKGVm7esebYvVgBl27xlUDSvklJ6ZUtmfG7uC6psj1+zuDVU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:19:35 2025 by rpki-client