Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2ef29466-00b2-4064-829f-9e52620573d7.roa
File: 2ef29466-00b2-4064-829f-9e52620573d7.roa (raw, json)
Hash identifier: mefUXF9J71nWNyULyVHukWVIDMTqWQf35dH+4iOx3i8=
Subject key identifier: 38:42:F4:FE:A1:AC:5A:FC:98:FD:02:30:7E:04:50:FC:43:37:79:9E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 713DF058EF89D6C9CAF2ABB428187A75BB812C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2ef29466-00b2-4064-829f-9e52620573d7.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 96.0.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3d:f0:58:ef:89:d6:c9:ca:f2:ab:b4:28:18:7a:75:bb:81:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=0241c96b2bb741978b4bf1d37c519c06cc8b215b2bb129d9165aae0f30310c0e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:14:e2:22:43:86:12:d0:fd:e8:88:6b:f0:
90:90:01:37:82:36:8e:26:6b:81:19:00:68:51:95:
93:41:96:16:59:a8:bc:ca:a3:4c:66:50:88:23:ee:
54:f0:d0:f4:6b:44:fd:b2:a6:7a:47:82:40:d3:3d:
59:3b:a4:dc:d2:80:a0:7e:a9:c1:bf:26:9e:81:f3:
aa:fd:ce:b0:23:37:b2:3c:26:2d:93:77:3f:a2:68:
5a:4e:01:fc:1c:47:05:01:13:2b:ad:04:01:40:70:
e1:d6:bf:3c:7c:ad:71:3c:48:42:66:ea:24:c2:2a:
be:20:70:f4:46:9c:78:5a:0c:d5:f0:95:83:05:63:
b4:c8:87:a4:68:72:5a:ca:1e:a8:db:2b:31:9c:81:
e9:e0:d0:16:49:97:20:a3:53:64:35:90:9e:f3:c6:
9f:e2:e5:e8:ab:d0:2d:3b:82:1c:48:b5:67:91:3f:
a3:55:98:90:08:36:ba:ad:86:84:7e:1c:14:1a:cd:
90:35:bc:f4:2b:07:a1:cb:0f:5c:ed:e9:17:0a:3b:
af:7f:a7:8a:09:d9:8d:04:fb:27:f4:a4:5b:1f:54:
82:0d:84:e0:49:45:37:9f:13:8a:58:69:81:52:0d:
3c:c8:f2:d2:d2:64:3f:88:ba:e9:7f:f2:8c:81:54:
be:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:42:F4:FE:A1:AC:5A:FC:98:FD:02:30:7E:04:50:FC:43:37:79:9E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2ef29466-00b2-4064-829f-9e52620573d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.0.12.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:6b:0e:33:c0:7a:df:b2:53:04:24:69:ca:58:d7:77:30:b5:
33:3d:bf:0d:a5:9c:d9:af:04:96:a5:cd:ce:63:6a:40:8b:2c:
25:d3:ae:0a:1d:78:8d:39:65:07:91:ed:28:12:94:f6:9f:7f:
c1:ee:d1:83:d8:15:4a:ac:e1:11:a5:38:7e:d0:b7:e0:67:9e:
77:02:03:8e:ce:ca:ed:34:e4:77:59:eb:33:eb:d3:ee:5e:8a:
97:54:73:02:70:48:7e:9d:3a:6c:bd:a5:69:36:7a:b8:88:81:
2d:8a:e9:f4:99:dd:8e:41:dd:8f:32:e2:d8:a1:6a:4b:43:70:
5a:42:1b:5d:38:25:74:d5:e5:bb:c2:9f:31:a1:65:a8:ff:79:
c9:80:2c:b2:36:47:b7:69:67:52:aa:91:57:54:e9:d2:34:5a:
f1:08:19:44:ae:2e:7e:c6:c9:d3:5e:2c:e4:31:0a:a2:88:8e:
aa:b4:77:7d:05:3f:ec:b8:2c:7d:21:c8:a6:0e:56:50:9c:52:
72:3e:1c:28:4d:04:cf:58:95:67:f4:86:47:48:c6:be:75:61:
38:76:4b:f5:b4:64:f5:aa:d8:cc:6f:08:fa:5c:b5:a7:bf:20:
ee:ed:e6:73:21:fe:a0:23:c1:4a:d2:22:ef:ec:65:40:97:c5:
3f:07:27:96
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITcT3wWO+J1snK8qu0KBh6dbuBLDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTla
MHoxSTBHBgNVBAUTQDAyNDFjOTZiMmJiNzQxOTc4YjRiZjFkMzdjNTE5YzA2Y2M4
YjIxNWIyYmIxMjlkOTE2NWFhZTBmMzAzMTBjMGUxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgqFOIiQ4YS0P3oiGvwkJABN4I2jiZrgRkAaFGVk0GWFlmo
vMqjTGZQiCPuVPDQ9GtE/bKmekeCQNM9WTuk3NKAoH6pwb8mnoHzqv3OsCM3sjwm
LZN3P6JoWk4B/BxHBQETK60EAUBw4da/PHytcTxIQmbqJMIqviBw9EaceFoM1fCV
gwVjtMiHpGhyWsoeqNsrMZyB6eDQFkmXIKNTZDWQnvPGn+Ll6KvQLTuCHEi1Z5E/
o1WYkAg2uq2GhH4cFBrNkDW89CsHocsPXO3pFwo7r3+nignZjQT7J/SkWx9Ugg2E
4ElFN58TilhpgVINPMjy0tJkP4i66X/yjIFUvn8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQ4QvT+oaxa/Jj9AjB+BFD8Qzd5njAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMmVmMjk0NjYtMDBiMi00MDY0LTgyOWYtOWU1MjYyMDU3M2Q3LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmAADDANBgkqhkiG9w0BAQsFAAOCAQEAuWsOM8B637JTBCRpyljXdzC1Mz2/
DaWc2a8ElqXNzmNqQIssJdOuCh14jTllB5HtKBKU9p9/we7Rg9gVSqzhEaU4ftC3
4GeedwIDjs7K7TTkd1nrM+vT7l6Kl1RzAnBIfp06bL2laTZ6uIiBLYrp9JndjkHd
jzLi2KFqS0NwWkIbXTgldNXlu8KfMaFlqP95yYAssjZHt2lnUqqRV1Tp0jRa8QgZ
RK4ufsbJ014s5DEKooiOqrR3fQU/7LgsfSHIpg5WUJxScj4cKE0Ez1iVZ/SGR0jG
vnVhOHZL9bRk9arYzG8I+ly1p78g7u3mcyH+oCPBStIi7+xlQJfFPwcnlg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:38 2025 by rpki-client