Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c4ab783-ed8f-407b-a600-2e828e4c1279.roa
File: 6c4ab783-ed8f-407b-a600-2e828e4c1279.roa (raw, json)
Hash identifier: g1HT4KOf2aL4RonT72QaDa6ImuPWiaqTquTF3IV2OEc=
Subject key identifier: BB:E6:74:5D:CE:B8:C8:A8:7A:2E:E3:10:B0:84:C4:D7:91:5F:B8:40
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 52D945EA990E733E3267A16AC54B64157EC13BCC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c4ab783-ed8f-407b-a600-2e828e4c1279.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 44.223.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d9:45:ea:99:0e:73:3e:32:67:a1:6a:c5:4b:64:15:7e:c1:3b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=ae0a07112c9245c075264fbd54fdb44255a55cd35a907fcf2a11b632a1ca6de2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c0:ed:79:f2:70:aa:e9:fb:3f:d1:8e:56:9c:
3a:86:4e:92:fc:05:5b:2a:9d:e8:90:68:cd:6b:cd:
05:d8:d6:cf:25:83:a3:bb:0d:2f:c1:ef:ab:70:b3:
f5:67:d4:c4:c0:6b:47:26:8a:58:da:2a:44:ef:ef:
d4:57:79:88:0b:11:16:a1:92:f4:4e:25:cd:ce:fb:
b7:7a:ef:6a:b3:20:3f:f0:ac:d2:17:f3:68:35:2e:
31:94:4d:18:92:f3:5b:fa:d7:f1:af:2c:57:f0:98:
5f:f1:12:06:78:a6:b6:53:dd:8f:86:2a:1a:e1:68:
81:a8:56:cf:3b:c3:5a:51:2f:5c:79:7b:0f:8d:1d:
fc:3d:9e:f7:26:e6:3f:c8:e2:af:62:80:dd:8b:39:
e4:26:ca:16:08:a5:03:0d:bc:c5:81:dd:44:26:d2:
3e:87:48:39:9d:8e:04:53:86:46:cc:4f:d0:7d:9b:
93:95:9a:00:42:dc:f2:64:cf:0a:4d:c2:67:09:86:
17:75:b4:e3:f1:1b:f0:f6:82:1f:2c:9d:ab:ae:11:
ca:c9:51:76:43:29:0e:b9:15:d4:a7:b3:f6:8d:48:
d5:30:bd:66:f4:9d:8b:25:16:62:e6:ed:50:e2:a7:
1f:67:9c:4f:e7:72:c2:8d:b0:59:c7:7d:99:20:80:
f6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E6:74:5D:CE:B8:C8:A8:7A:2E:E3:10:B0:84:C4:D7:91:5F:B8:40
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c4ab783-ed8f-407b-a600-2e828e4c1279.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
44.223.122.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:c2:e2:38:ef:7e:7c:34:cc:d5:d1:b5:1d:f6:f2:45:70:38:
88:bf:1c:58:05:38:b9:46:12:6c:75:d5:e3:73:64:5a:7b:d9:
dd:c0:d0:c7:58:29:5d:1b:00:e8:ed:ab:b6:b1:41:84:0d:82:
bf:5d:9c:ce:d1:ec:e9:84:36:ca:96:35:b0:08:8b:86:a4:aa:
e8:8b:19:f1:1b:ce:02:e7:17:48:3b:a4:db:80:f7:cb:78:a0:
92:56:9b:85:57:ed:e2:66:32:60:8a:2a:1e:14:c8:50:b6:bd:
80:29:25:56:31:f4:ea:91:a5:e8:44:cf:bc:fd:b7:ba:6a:5a:
d3:18:70:df:68:15:50:93:6f:be:fd:16:1e:e0:ff:09:5a:71:
43:d1:7c:2f:2e:c3:1a:24:ac:ad:30:15:40:a8:e6:f3:37:56:
f4:c8:d5:64:3e:60:6e:32:a2:75:f8:5f:91:55:b4:57:d5:69:
4d:c5:2e:f8:93:2f:d6:28:98:30:17:d1:ca:93:c0:65:5d:01:
7e:be:a4:c1:58:c2:e9:79:5d:f2:d3:31:25:34:61:aa:96:4a:
ef:9d:1a:2b:ef:d6:21:cd:87:f6:25:8b:0b:76:45:91:34:ad:
c2:1b:0e:a2:dc:14:b7:6f:2f:a5:fe:71:87:3f:ba:6f:9f:be:
fc:68:f0:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUtlF6pkOcz4yZ6FqxUtkFX7BO8wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZTBhMDcxMTJjOTI0NWMwNzUyNjRmYmQ1NGZkYjQ0MjU1
YTU1Y2QzNWE5MDdmY2YyYTExYjYzMmExY2E2ZGUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJwO158nCq6fs/0Y5WnDqGTpL8BVsqneiQaM1rzQXY1s8l
g6O7DS/B76tws/Vn1MTAa0cmiljaKkTv79RXeYgLERahkvROJc3O+7d672qzID/w
rNIX82g1LjGUTRiS81v61/GvLFfwmF/xEgZ4prZT3Y+GKhrhaIGoVs87w1pRL1x5
ew+NHfw9nvcm5j/I4q9igN2LOeQmyhYIpQMNvMWB3UQm0j6HSDmdjgRThkbMT9B9
m5OVmgBC3PJkzwpNwmcJhhd1tOPxG/D2gh8snauuEcrJUXZDKQ65FdSns/aNSNUw
vWb0nYslFmLm7VDipx9nnE/ncsKNsFnHfZkggPYXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUu+Z0Xc64yKh6LuMQsITE15FfuEAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjNGFiNzgzLWVkOGYtNDA3Yi1hNjAwLTJlODI4ZTRjMTI3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs33owDQYJKoZIhvcNAQELBQADggEBALzC4jjvfnw0zNXRtR328kVwOIi/
HFgFOLlGEmx11eNzZFp72d3A0MdYKV0bAOjtq7axQYQNgr9dnM7R7OmENsqWNbAI
i4akquiLGfEbzgLnF0g7pNuA98t4oJJWm4VX7eJmMmCKKh4UyFC2vYApJVYx9OqR
pehEz7z9t7pqWtMYcN9oFVCTb779Fh7g/wlacUPRfC8uwxokrK0wFUCo5vM3VvTI
1WQ+YG4yonX4X5FVtFfVaU3FLviTL9YomDAX0cqTwGVdAX6+pMFYwul5XfLTMSU0
YaqWSu+dGivv1iHNh/Yliwt2RZE0rcIbDqLcFLdvL6X+cYc/um+fvvxo8K4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:35:08 2025 by rpki-client