Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8ec433-58d1-4ff2-8444-25e303ae721c.roa
File: 2c8ec433-58d1-4ff2-8444-25e303ae721c.roa (raw, json)
Hash identifier: yxrZ8GKGyH5b6SILzYMfKqwvVQi8La7w3/0fcPjowYU=
Subject key identifier: 82:70:E9:2C:FC:BF:C8:7F:CA:C3:A1:63:EB:F4:AF:E6:F5:A1:B3:64
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 68F2601E3117DB44820496CFB59561CF755CB37F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8ec433-58d1-4ff2-8444-25e303ae721c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f00:4060::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f2:60:1e:31:17:db:44:82:04:96:cf:b5:95:61:cf:75:5c:b3:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=78e5d77bda808e6b95e411db5326dd75a90dee86c8d1f035ce8ad091f64fbd9f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9a:ea:54:2f:b8:f4:76:2f:b1:4b:d0:b2:01:
e5:bb:c4:fb:df:99:b3:a2:75:25:9c:56:0a:14:a3:
19:cd:10:86:40:21:42:41:a4:c3:5b:4d:cc:fa:f6:
11:34:e1:7e:bc:18:71:9b:c2:12:4b:16:e0:82:52:
e5:31:e0:ee:d3:bd:5e:1a:ec:11:fa:9b:97:39:b8:
0e:da:5a:3d:05:b9:1e:70:1b:34:ac:78:87:d5:ec:
c8:e6:00:a3:68:16:24:9d:62:e5:74:69:46:81:90:
76:14:cf:ef:eb:9e:32:93:5e:16:24:65:c6:0a:ce:
76:e1:1c:ea:ae:21:70:51:4f:07:45:a8:47:51:3a:
6d:4d:13:2c:bd:a7:2d:30:86:d9:f7:d2:a8:46:67:
65:e3:9c:a6:23:da:60:25:ab:6c:bf:e3:86:30:42:
c2:bb:00:cd:da:76:45:86:75:05:fe:31:44:59:d3:
9f:bb:93:d8:6f:c2:42:84:cc:65:fa:ad:4c:ae:f2:
bc:f9:b5:ca:73:73:f1:d4:8c:aa:d7:33:fd:32:5d:
13:87:e2:47:f7:9a:d2:33:32:d4:d0:05:6d:dc:ae:
33:b4:ef:b5:f5:7e:3d:2d:61:bf:60:01:6d:e3:90:
c7:91:40:fc:13:40:df:b5:0b:82:e3:aa:2c:da:d1:
e8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:70:E9:2C:FC:BF:C8:7F:CA:C3:A1:63:EB:F4:AF:E6:F5:A1:B3:64
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8ec433-58d1-4ff2-8444-25e303ae721c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f00:4060::/48
Signature Algorithm: sha256WithRSAEncryption
77:55:c0:b4:59:a0:58:f7:fe:d0:2f:08:d5:47:73:a1:98:6e:
f5:85:8c:d6:a0:9b:ae:f0:a3:84:ec:2b:b9:13:67:a8:b1:52:
e2:b5:38:81:0c:e3:71:8f:0f:5b:43:88:4c:89:17:f3:cd:05:
43:ae:80:24:a7:d6:f9:5b:4c:30:37:71:44:c5:af:eb:4c:ec:
e5:64:4e:06:54:68:6f:4e:41:90:69:58:90:15:1c:13:fe:bb:
f7:5b:a8:5e:c0:a3:4e:6a:2b:fc:d6:a9:57:10:1b:0e:93:a4:
31:11:21:aa:5e:08:7f:17:58:2f:2f:35:45:eb:d6:3a:6d:11:
b5:c2:32:66:ff:47:56:76:e2:a6:d6:f5:d8:2d:4a:06:ff:b2:
c9:09:9d:a6:7e:37:ed:06:01:27:e5:b3:d1:dc:5e:fb:b5:59:
84:36:ce:9a:4f:a9:f3:62:2e:d5:dd:5d:61:d9:18:de:a4:43:
47:58:b4:37:4e:2b:a3:a5:79:41:31:05:0d:f2:e6:c6:f8:3e:
b4:f9:13:2b:b0:b0:a0:a2:65:62:24:19:32:d7:9a:78:db:83:
dd:2b:7f:5c:33:71:99:95:e5:00:60:09:09:c8:53:8c:00:c6:
39:0c:dd:b1:6c:81:cb:56:e8:d7:7a:19:99:36:bb:c7:08:64:
d1:b8:ad:a2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaPJgHjEX20SCBJbPtZVhz3Vcs38wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OGU1ZDc3YmRhODA4ZTZiOTVlNDExZGI1MzI2ZGQ3NWE5
MGRlZTg2YzhkMWYwMzVjZThhZDA5MWY2NGZiZDlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdmupUL7j0di+xS9CyAeW7xPvfmbOidSWcVgoUoxnNEIZA
IUJBpMNbTcz69hE04X68GHGbwhJLFuCCUuUx4O7TvV4a7BH6m5c5uA7aWj0FuR5w
GzSseIfV7MjmAKNoFiSdYuV0aUaBkHYUz+/rnjKTXhYkZcYKznbhHOquIXBRTwdF
qEdROm1NEyy9py0whtn30qhGZ2XjnKYj2mAlq2y/44YwQsK7AM3adkWGdQX+MURZ
05+7k9hvwkKEzGX6rUyu8rz5tcpzc/HUjKrXM/0yXROH4kf3mtIzMtTQBW3crjO0
77X1fj0tYb9gAW3jkMeRQPwTQN+1C4Ljqiza0ehVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUgnDpLPy/yH/Kw6Fj6/Sv5vWhs2QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjOGVjNDMzLTU4ZDEtNGZmMi04NDQ0LTI1ZTMwM2FlNzIxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AQGAwDQYJKoZIhvcNAQELBQADggEBAHdVwLRZoFj3/tAvCNVHc6GY
bvWFjNagm67wo4TsK7kTZ6ixUuK1OIEM43GPD1tDiEyJF/PNBUOugCSn1vlbTDA3
cUTFr+tM7OVkTgZUaG9OQZBpWJAVHBP+u/dbqF7Ao05qK/zWqVcQGw6TpDERIape
CH8XWC8vNUXr1jptEbXCMmb/R1Z24qbW9dgtSgb/sskJnaZ+N+0GASfls9HcXvu1
WYQ2zppPqfNiLtXdXWHZGN6kQ0dYtDdOK6OleUExBQ3y5sb4PrT5EyuwsKCiZWIk
GTLXmnjbg90rf1wzcZmV5QBgCQnIU4wAxjkM3bFsgctW6Nd6GZk2u8cIZNG4raI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:47:22 2025 by rpki-client