Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5241e690-a3db-46b2-8f15-2711eef6d7a4.roa
File: 5241e690-a3db-46b2-8f15-2711eef6d7a4.roa (raw, json)
Hash identifier: eQ1rAtizJMAMuZzAykYHHm2j3rvMh9r2J3K60PCNAo0=
Subject key identifier: 0E:32:A6:4F:4D:5F:95:17:EE:D9:39:8B:DE:E5:53:25:88:A4:70:AC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 038BDCE5084D82680583F12580E0B4F403242E8C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5241e690-a3db-46b2-8f15-2711eef6d7a4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1fff:8090::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:8b:dc:e5:08:4d:82:68:05:83:f1:25:80:e0:b4:f4:03:24:2e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a71831f1560250d30703aaf22959e1ae4abbaa1397fe9ef15e2c93ece26800ff, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5f:7b:94:63:2a:54:06:32:7c:9a:72:f9:23:
e0:31:05:f5:35:30:14:98:55:18:65:4a:2b:ea:fa:
05:4d:31:53:bd:ff:d3:9d:39:bf:59:24:f3:05:83:
40:9e:e4:12:ce:6c:b5:7a:b6:2e:5a:74:7c:85:90:
cf:08:72:f6:e0:df:7e:4b:43:c8:11:cf:38:ea:08:
91:34:08:1d:ac:99:19:39:06:b5:c1:09:10:5e:97:
38:96:43:94:e8:a8:d3:d7:fb:f8:91:3e:bb:93:23:
dd:2d:0d:30:8b:21:1a:5f:9e:e9:e7:87:84:9d:1f:
a0:81:50:36:1b:89:72:cf:76:6a:12:8a:88:b9:b2:
ce:1b:18:e3:4f:b8:61:75:7a:22:46:e7:fe:f7:ab:
c7:2a:a3:ea:17:38:d0:bf:a3:7e:08:d3:90:5e:63:
56:d8:44:9a:f3:84:19:d8:2d:6a:f6:89:ec:61:6a:
eb:6e:10:06:c5:22:32:92:85:ab:88:27:05:34:8e:
45:26:f5:8e:ac:12:c7:20:00:5b:a3:e9:7b:5b:26:
ec:f6:6a:52:c3:03:03:f8:27:25:91:90:9a:66:f7:
28:19:5a:57:48:bb:9c:3f:14:06:cc:4b:5a:cd:92:
c6:42:23:ae:3b:9a:8b:1d:2e:c2:01:31:08:e6:bb:
fa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:32:A6:4F:4D:5F:95:17:EE:D9:39:8B:DE:E5:53:25:88:A4:70:AC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5241e690-a3db-46b2-8f15-2711eef6d7a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fff:8090::/48
Signature Algorithm: sha256WithRSAEncryption
c9:02:44:ef:02:1b:c9:14:d1:bb:1f:f1:7f:eb:2f:d2:e1:9b:
5d:d1:ab:7d:f5:05:fe:6d:66:e7:24:07:05:0e:12:a3:8b:66:
52:1b:bd:57:a9:c2:ff:e3:5a:bc:76:d8:fc:8a:bb:f1:3c:1d:
fe:f4:a6:c6:c8:2a:32:a3:85:18:97:43:df:83:58:74:e6:bb:
a7:7c:de:b5:74:88:03:95:ee:e7:ab:43:41:39:b4:0e:bc:57:
60:59:09:ec:70:71:29:52:28:fa:de:8f:e0:41:95:76:b5:fa:
0e:cb:f9:b3:42:79:4a:8c:a9:ad:63:31:8e:9d:92:ab:48:9b:
2c:89:26:4f:92:22:00:e1:82:8c:e2:b5:b2:7f:06:f9:32:48:
10:aa:d8:da:67:28:be:f5:31:a0:0f:0d:4b:10:27:96:f6:40:
0f:6d:ef:29:7d:22:58:45:32:8a:02:f8:12:66:88:d0:bd:35:
f3:9c:b3:8b:8d:1e:48:7e:50:ff:88:ee:dd:96:24:73:de:ea:
e3:34:02:00:17:0d:3a:89:e7:ad:7e:25:8f:d0:50:29:e5:72:
3d:f9:fa:e7:0d:9e:53:0a:5a:1a:e7:b6:af:82:0e:95:b9:66:
67:b1:6f:37:6c:19:46:b6:5e:0c:94:55:23:ee:a9:44:0d:2c:
5b:72:18:4f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUA4vc5QhNgmgFg/ElgOC09AMkLowwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzE4MzFmMTU2MDI1MGQzMDcwM2FhZjIyOTU5ZTFhZTRh
YmJhYTEzOTdmZTllZjE1ZTJjOTNlY2UyNjgwMGZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRX3uUYypUBjJ8mnL5I+AxBfU1MBSYVRhlSivq+gVNMVO9
/9OdOb9ZJPMFg0Ce5BLObLV6ti5adHyFkM8Icvbg335LQ8gRzzjqCJE0CB2smRk5
BrXBCRBelziWQ5ToqNPX+/iRPruTI90tDTCLIRpfnunnh4SdH6CBUDYbiXLPdmoS
ioi5ss4bGONPuGF1eiJG5/73q8cqo+oXONC/o34I05BeY1bYRJrzhBnYLWr2iexh
autuEAbFIjKShauIJwU0jkUm9Y6sEscgAFuj6XtbJuz2alLDAwP4JyWRkJpm9ygZ
WldIu5w/FAbMS1rNksZCI647mosdLsIBMQjmu/ppAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDjKmT01flRfu2TmL3uVTJYikcKwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUyNDFlNjkwLWEzZGItNDZiMi04ZjE1LTI3MTFlZWY2ZDdhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gJAwDQYJKoZIhvcNAQELBQADggEBAMkCRO8CG8kU0bsf8X/rL9Lh
m13Rq331Bf5tZuckBwUOEqOLZlIbvVepwv/jWrx22PyKu/E8Hf70psbIKjKjhRiX
Q9+DWHTmu6d83rV0iAOV7uerQ0E5tA68V2BZCexwcSlSKPrej+BBlXa1+g7L+bNC
eUqMqa1jMY6dkqtImyyJJk+SIgDhgozitbJ/BvkySBCq2NpnKL71MaAPDUsQJ5b2
QA9t7yl9IlhFMooC+BJmiNC9NfOcs4uNHkh+UP+I7t2WJHPe6uM0AgAXDTqJ561+
JY/QUCnlcj35+ucNnlMKWhrntq+CDpW5ZmexbzdsGUa2XgyUVSPuqUQNLFtyGE8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:25:42 2025 by rpki-client