Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d08cfca-510f-4253-bd56-4705cca3455a.roa
File: 2d08cfca-510f-4253-bd56-4705cca3455a.roa (raw, json)
Hash identifier: h5nmCHm4YplmEAlCKi+TducG3vRr0aA3rMH3ntxtvHY=
Subject key identifier: 80:72:62:8F:8C:28:9B:EC:3E:6F:F7:4F:4E:CA:13:6D:B4:FD:96:C5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 77228B47563B31E76647A1D5DE8069AFDE480EAE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d08cfca-510f-4253-bd56-4705cca3455a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2600:1fff:80b0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:22:8b:47:56:3b:31:e7:66:47:a1:d5:de:80:69:af:de:48:0e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=209f41df125acca2897321233d0937d9a50cfb91cd5f5caa795469eb2edf0c63, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:08:22:80:d4:be:d6:d9:20:b3:c3:4e:57:56:
80:81:9b:92:99:04:a8:52:41:e7:5b:4e:a0:9c:43:
de:94:c1:6e:33:e2:ba:e1:0d:1a:37:81:60:5c:3f:
a8:e8:c0:3b:c6:09:f9:db:b6:17:13:cd:fe:30:10:
cf:b2:4b:68:32:bc:60:2a:1c:32:9a:4b:f9:b6:8a:
26:bd:1b:49:ee:ed:b9:e5:f6:f4:1c:e4:ff:26:64:
5c:80:8a:0c:cf:01:24:5d:5c:a7:53:f6:78:77:ae:
90:3a:2c:64:1b:45:75:d2:93:e0:7c:91:44:16:d4:
79:57:82:30:34:e3:8c:1f:9e:74:7e:5d:38:15:f6:
21:71:07:81:fc:45:f7:e6:1a:3c:da:25:4d:34:86:
bd:03:86:cc:3f:d2:af:df:cf:a7:3a:4c:2c:04:94:
b4:df:6d:ba:70:dc:8c:d4:f3:c6:2b:9b:28:8d:13:
e6:a6:e4:14:e9:8b:17:3e:80:38:f0:db:7c:3f:86:
5a:7c:ab:4d:0d:fd:1e:4c:e7:f8:19:b3:52:3c:28:
eb:45:34:14:6b:dc:3a:28:9b:b3:94:f4:61:8a:ce:
cc:20:4c:4e:4b:13:fd:5b:c5:d9:73:ec:80:dc:15:
da:d9:cb:18:93:32:bd:18:a8:34:bf:06:9b:48:04:
21:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:72:62:8F:8C:28:9B:EC:3E:6F:F7:4F:4E:CA:13:6D:B4:FD:96:C5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d08cfca-510f-4253-bd56-4705cca3455a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fff:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
58:73:e8:de:fd:a2:aa:82:af:05:de:e1:58:b4:c9:da:12:14:
7d:02:1d:4e:5b:b2:72:ee:fb:05:f1:de:1a:27:fa:7a:20:48:
ea:11:9f:8f:1c:38:46:5e:bd:fd:2d:ef:d2:72:84:4e:94:0f:
f4:f1:8e:90:df:98:d9:6b:58:9e:e4:bf:69:87:e6:82:fd:2b:
10:3b:74:99:41:f1:e9:40:d4:ed:de:9a:cc:ae:3c:1a:43:ff:
7f:9d:7d:52:49:f4:81:98:92:85:30:e7:3a:8c:d7:70:8e:72:
06:04:db:7b:a2:f2:26:75:38:ad:8e:42:ab:97:63:cc:6b:7e:
90:01:db:55:6d:fd:b2:e9:53:bb:47:8d:a1:af:0d:b1:10:b1:
a5:76:d7:52:fa:e4:43:42:15:b8:56:66:15:09:d4:7d:c7:aa:
e7:0a:41:4b:88:03:34:10:3b:45:05:31:d0:ea:45:c8:ec:30:
a6:07:ea:7e:55:26:b6:55:4d:b7:c3:96:d0:d5:03:71:2f:75:
87:11:24:5c:7b:c6:a2:c1:50:ab:a0:42:90:b8:27:c8:0b:03:
7a:4c:a3:a4:83:24:e5:38:7a:11:f8:fe:84:24:3d:04:22:e5:
7e:1b:bf:07:83:ed:36:82:5a:86:85:a5:76:5a:d0:26:45:47:
d3:6a:ed:c5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdyKLR1Y7MedmR6HV3oBpr95IDq4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDlmNDFkZjEyNWFjY2EyODk3MzIxMjMzZDA5MzdkOWE1
MGNmYjkxY2Q1ZjVjYWE3OTU0NjllYjJlZGYwYzYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFCCKA1L7W2SCzw05XVoCBm5KZBKhSQedbTqCcQ96UwW4z
4rrhDRo3gWBcP6jowDvGCfnbthcTzf4wEM+yS2gyvGAqHDKaS/m2iia9G0nu7bnl
9vQc5P8mZFyAigzPASRdXKdT9nh3rpA6LGQbRXXSk+B8kUQW1HlXgjA044wfnnR+
XTgV9iFxB4H8RffmGjzaJU00hr0Dhsw/0q/fz6c6TCwElLTfbbpw3IzU88YrmyiN
E+am5BTpixc+gDjw23w/hlp8q00N/R5M5/gZs1I8KOtFNBRr3Doom7OU9GGKzswg
TE5LE/1bxdlz7IDcFdrZyxiTMr0YqDS/BptIBCGXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUgHJij4wom+w+b/dPTsoTbbT9lsUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJkMDhjZmNhLTUxMGYtNDI1My1iZDU2LTQ3MDVjY2EzNDU1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gLAwDQYJKoZIhvcNAQELBQADggEBAFhz6N79oqqCrwXe4Vi0ydoS
FH0CHU5bsnLu+wXx3hon+nogSOoRn48cOEZevf0t79JyhE6UD/TxjpDfmNlrWJ7k
v2mH5oL9KxA7dJlB8elA1O3emsyuPBpD/3+dfVJJ9IGYkoUw5zqM13COcgYE23ui
8iZ1OK2OQquXY8xrfpAB21Vt/bLpU7tHjaGvDbEQsaV211L65ENCFbhWZhUJ1H3H
qucKQUuIAzQQO0UFMdDqRcjsMKYH6n5VJrZVTbfDltDVA3EvdYcRJFx7xqLBUKug
QpC4J8gLA3pMo6SDJOU4ehH4/oQkPQQi5X4bvweD7TaCWoaFpXZa0CZFR9Nq7cU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:00:56 2025 by rpki-client