Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/53d1d929-2988-4e29-8b0a-cbcad5b8d4a8.roa
File: 53d1d929-2988-4e29-8b0a-cbcad5b8d4a8.roa (raw, json)
Hash identifier: 9wHBwK/Dg68ory7Ujibsm+D7fIwSrncq8SNqTYEtC3g=
Subject key identifier: 64:02:25:15:07:28:C0:42:B4:38:97:2B:96:70:65:3F:5C:B4:82:E9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 54A2816363A5C09D914B400110C6D6996A71DDDA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/53d1d929-2988-4e29-8b0a-cbcad5b8d4a8.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.252.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:a2:81:63:63:a5:c0:9d:91:4b:40:01:10:c6:d6:99:6a:71:dd:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=af4a5d285161ffc6479ced4ba06500323fe96f07472c5f369dbb9cbda57d6048, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:af:f2:1e:60:c6:6c:3a:c7:01:f8:4d:20:
54:f8:43:bd:af:07:3d:7a:71:19:5d:2b:3d:f2:82:
66:09:4e:e2:47:c1:ef:30:da:98:ac:9c:c9:9e:fc:
07:a9:9e:e5:02:4a:49:b9:c9:23:43:ce:f1:ad:24:
21:42:9d:3a:4a:9a:5a:8c:73:13:0e:48:df:b2:c2:
1c:57:6f:f0:3d:ca:b0:9c:68:3a:1d:e2:3a:ce:2b:
75:2f:12:ee:2c:7d:85:c9:78:da:fc:a7:e7:c8:8a:
f5:91:ba:eb:25:cd:2f:9e:5b:8c:54:1d:07:ac:b1:
8a:06:2e:87:7e:8f:b6:d7:66:8b:5a:e2:9d:75:e5:
7e:d1:dd:39:51:60:d3:3b:92:b5:ff:4a:a9:bd:4e:
7a:76:58:6d:b2:cc:fb:c8:2c:e7:2f:03:fd:a8:93:
c3:0e:0f:aa:3d:94:67:69:bb:ee:f3:d8:1f:e7:4c:
86:94:71:b1:f3:21:95:82:ce:b0:3c:72:b3:1c:8c:
bc:79:70:3d:f0:cd:76:91:9b:d1:07:b3:dd:4d:3a:
fd:ef:d9:ae:28:47:61:86:4b:fe:61:bc:fb:1d:ee:
68:2a:7e:b1:45:43:65:ac:10:2c:2f:65:c1:2f:4b:
f0:19:db:1f:f2:63:ec:58:df:e9:9e:7a:4a:f4:63:
d4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:02:25:15:07:28:C0:42:B4:38:97:2B:96:70:65:3F:5C:B4:82:E9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/53d1d929-2988-4e29-8b0a-cbcad5b8d4a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.252.89.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:8b:ae:ac:94:35:5d:67:73:ab:ab:b3:d4:fb:9f:11:70:ad:
24:09:67:9a:0b:6f:0d:b4:95:e6:9f:12:f0:72:ae:fe:c2:c0:
12:56:f1:98:ce:ae:cc:a9:03:96:3a:81:c4:48:6b:9c:a8:2a:
bd:df:bc:a0:98:a4:82:5e:ba:fd:30:21:01:53:40:de:66:dc:
05:f5:56:a4:40:cf:8a:8e:43:2f:de:94:45:83:76:93:47:2e:
b6:e1:6d:dd:e7:37:5b:4d:95:a7:b2:0a:c3:19:f4:a4:21:3c:
d0:5b:d5:d6:39:03:61:e2:78:fe:b8:a6:34:e2:bc:41:bb:3a:
10:d0:91:1a:6f:3c:c0:27:65:40:34:81:40:f0:81:3f:c1:47:
20:ff:94:dc:42:ee:ac:03:5a:14:21:1f:16:16:84:da:c0:2d:
8c:c0:a3:d3:15:5f:a9:ba:2d:1a:18:72:7c:1d:55:a8:56:5a:
bd:41:1c:72:0a:2c:e5:8a:4e:79:c5:7a:04:6e:1b:ee:05:ec:
76:d7:e8:f1:55:a0:02:b9:9d:e7:cd:d7:6b:6f:d4:e1:9f:87:
a7:f9:9f:a4:46:f3:5e:62:af:7d:68:54:7d:03:81:fd:a5:bf:
29:18:e0:de:1e:55:26:a5:cc:79:89:e6:4d:6e:e9:22:83:98:
8e:76:24:80
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVKKBY2OlwJ2RS0ABEMbWmWpx3dowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjRhNWQyODUxNjFmZmM2NDc5Y2VkNGJhMDY1MDAzMjNm
ZTk2ZjA3NDcyYzVmMzY5ZGJiOWNiZGE1N2Q2MDQ4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjKK/yHmDGbDrHAfhNIFT4Q72vBz16cRldKz3ygmYJTuJH
we8w2pisnMme/AepnuUCSkm5ySNDzvGtJCFCnTpKmlqMcxMOSN+ywhxXb/A9yrCc
aDod4jrOK3UvEu4sfYXJeNr8p+fIivWRuuslzS+eW4xUHQessYoGLod+j7bXZota
4p115X7R3TlRYNM7krX/Sqm9Tnp2WG2yzPvILOcvA/2ok8MOD6o9lGdpu+7z2B/n
TIaUcbHzIZWCzrA8crMcjLx5cD3wzXaRm9EHs91NOv3v2a4oR2GGS/5hvPsd7mgq
frFFQ2WsECwvZcEvS/AZ2x/yY+xY3+meekr0Y9TRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZAIlFQcowEK0OJcrlnBlP1y0gukwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUzZDFkOTI5LTI5ODgtNGUyOS04YjBhLWNiY2FkNWI4ZDRhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/FkwDQYJKoZIhvcNAQELBQADggEBAG6LrqyUNV1nc6urs9T7nxFwrSQJ
Z5oLbw20leafEvByrv7CwBJW8ZjOrsypA5Y6gcRIa5yoKr3fvKCYpIJeuv0wIQFT
QN5m3AX1VqRAz4qOQy/elEWDdpNHLrbhbd3nN1tNlaeyCsMZ9KQhPNBb1dY5A2Hi
eP64pjTivEG7OhDQkRpvPMAnZUA0gUDwgT/BRyD/lNxC7qwDWhQhHxYWhNrALYzA
o9MVX6m6LRoYcnwdVahWWr1BHHIKLOWKTnnFegRuG+4F7HbX6PFVoAK5nefN12tv
1OGfh6f5n6RG815ir31oVH0Dgf2lvykY4N4eVSalzHmJ5k1u6SKDmI52JIA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:19:08 2025 by rpki-client